TweakTown NewsRefine News by Category:
President Barack Obama wants cybersecurity to have a more prominent role among companies and federal agencies, including cybersecurity information sharing. As part of the proposal, Obama wants streamlined threat intelligence sharing between the private sector and government agencies.
In addition, Obama wants to disrupt botnet operators - including the sale or rental of botnets for criminal use - to be investigated, disrupted and prosecuted by federal courts.
Obama yesterday announced an updated proposal so national data breach reporting is modified following a cyberattack and data breach. Instead of a mix of state laws, a single federal statute would be created, so businesses better understand their responsibilities while informing customers.
The Australian Communications and Media Authority is warning everyone to be careful when receiving emails that have anything to do with an "ISIS threat," after numerous reports of people becoming infected when opening emails containing the subject "ISIS attacks in Sydney?" have surfaced.
The Australian Government's Stay Smart Online service statement reads "new emails referring to ISIS terrorism activities carry a malicious attachment that can be used to infect your computer," further commenting that "clicking on the attachment could result in malicious code being installed that allows an attacker to take control of your computer."
The body of the email in question goes on to mention "ISIS has warned Australian Police today about new attacks in Sydney," further stating that "attached the places in word file which ISIS planning to attack in Sydney this year 2015."
The Russian FSB intelligence security service reportedly tried to recruit former NSA contractor Edward Snowden, approaching him while he was stranded in the Sheremetyevo International Airport in 2013. The American fugitive declined the offer.
Snowden was reportedly approached only once and he "didn't give anything to the Russians at all," according to WikiLeaks staffer Sarah Harrison, a close friend to the stranded American.
Snowden was granted temporary asylum to stay in Russia in August 2013, and he remains inside of Russian borders.
United Airlines says it wasn't breached as several MileagePlus members have discovered fraudulent activity on their accounts. It appears usernames and passwords were compromised from a third-party, and the unauthorized purchases began sometime in December 2014, the airline has confirmed. The California Office of the Attorney General was notified about the incident last week.
United is still trying to determine how the information was compromised, as criminals have increasingly targeted loyalty programs for airlines, hotels and other travel industry businesses. The accrued points are easy to cash out for restaurants, rental cars, air travel, hotels, and other perks.
Cybercriminals are finding new methods to find usernames and password credentials to steal - and the fraudulent activity suffered by MileagePlus members is an indication that trend will continue.
It appears the US Central Command Twitter and YouTube accounts were hacked by the Islamic State, corresponding with President Obama preparing to deliver a speech regarding cybersecurity. Both accounts have been temporarily suspended, as threatening messages were posted aimed at US soldiers.
One of the messages posted on the US Central Command Twitter page included: American soldiers, we are coming, watch your back. ISIS. #CyberCaliphate" and included a link to a Pastebin link.
This effort was designed to be an annoyance to the US government and US Central Command systems remain secure from attack. Meanwhile, US officials are looking into the breach, including extent of the incident and any messages that may have been sent from the hijacked accounts.
The FBI continues to say North Korea is responsible for a crippling cyberattack and data breach of Sony Pictures, and the Obama Administration vowed revenge, but Washington didn't drop the North Korean Internet, sources claim. However, those responsible for hitting North Korea likely didn't need to work very hard, and future attacks could be imminent.
"It looks more like the result of an infrastructure attack than an infrastructure failure," said James Cowie, chief scientist of Dynamic Network Services, in a statement to the AP. "There's nothing you can point to that says it has all the hallmarks of an attack by a nation state. It could have been anybody."
The entire country of North Korea only has four principal access point to the Internet, and while the US government has the capabilities to impact them, so do multiple other nation states - and smaller hacker groups.
Before Sony Pictures had its data released to the Internet, the Guardians of Peace offered to simply disappear if they were paid a ransom - an extortion attempt that Sony promptly denied. However, this type of criminal activity is overshadowed by the new forms of malware customized to encrypt files and demand payment from compromised victims.
Ransomware attacks tend to get the most attention when a new piece of malware hits the Web, infecting end-users and corporations. The ransoms range from as low as $200 up to thousands of dollars, with a short deadline before the files are permanently encrypted.
Cybersecurity experts warn these types of attacks will continue to increase in popularity, as many victims provide payment to the criminals.
The Anonymous hacker collective has publicly launched a campaign against Islamic extremists tied to the attacks on Charlie Hebdo, which has killed 12 people. The group plans to target al-Qaeda, ISIS and other terrorists, with a focus on bringing down their social media accounts and websites used to spread propaganda.
"We, Anonymous around the world, have decided to declare war on you the terrorists," the group declared in a YouTube video. "We intend to take revenge in their name, we are going to survey your activities on the net, we are going to shut down your accounts on all social networks."
#OpCharlieHebdo has already claimed one victim, though the victimized website returned to service after an hour or two of downtime. However, distributed denial of service (DDoS) attacks and other cyberattacks are expected to target the terrorist groups operating in Iraq, Syria, and elsewhere in the Middle East.
The North Korean Bureau 121 cyber warfare unit has continued to recruit new computer experts to its unit, with potential long-term plans of conducting wide-scale cyberespionage operations. Despite additional sanctions levied against Pyongyang, it hasn't slowed momentum of the secretive cyber unit.
"North Korea is currently running its 6,000 (-member) workforce for cyber warfare and performing cyberattacks for physical and psychological paralysis inside South Korea such as causing troubles for military operations and national infrastructures," said the South Korean Defense Ministry, in a statement published by Reuters.
The North Korean government has denied it was involved in breaching Sony Pictures Entertainment - but details of its hacker group continue to be published. Bureau 121 has been blamed for several notable breaches targeting South Korean banks and other infrastructure, with the unit's skills reportedly developing.
Based on its success during cybersecurity-based competitions, the University of Central Florida (UCF) has won the 2014 Collegiate Cybersecurity Championship Cup.
"The Cybersecurity Championship Cup program is designed to encourage collegiate participation in all cybersecurity-based competitions - not just specific events," said Dr. Gregory White, Director of the Center for Infrastructure Assurance and Security. "The program is similar to the FedEx or Sprint Cups - teams gain points for participation in placement in disparate cybersecurity competitions."
The cup competition is supported by a grant from the Department of Homeland Security Science and Technology Director Cyber Security Division, and is managed by the Center for Infrastructure Assurance and Security at the University of Texas at San Antonio. There is a growing need for cybersecurity specialists - both by the private sector and the federal government - as foreign cyberattacks continute to warrant great concern.