Showing posts with label Cyber Espionage. Show all posts

June 5, 2015

People Are Our Greatest Asset, Goodbye!

The Chinese are smart and talented, and there is a cyberwar going on. 

They are suspected of having just stolen the personnel information of 4 million federal government workers.

And there are 4.2 million active, including 1.5 million military personnel. 

So if as they are apt to say, "people are our greatest asset"...

...then we just sort of lost the CROWN JEWELS in terms of highly personal, sensitive, and critical information on the people that handle everything from defense and diplomacy to the economy, energy, the environment, justice, and health and wellbeing. 

Oops!

This is getting scary folks. 

When the adversary through cyber (and other) espionage can know our people, our technology, our communications, virtually everything...then we got some big vulnerabilities!

If we can't defend ourselves adequately (at least for now), I hope at least we are doing okay on the offense! ;-)

(Source Photo: Andy Blumenthal)

October 20, 2014

Shining A Light On Your Privacy


Check out this special report...

~Half a billion~ downloads of the top 10 Flashlight Apps--the ones we all have on our smartphones--and guess what?

All/most are malware/spyware from China, India, and Russia that are spying on you!

Your contacts, banking information, even your location, are being intercepted by hackers abroad.

The cybersecurity experts Snoopwall (that conducted this study and are offering a free open-source "privacy flashlight") are recommending that you don't just uninstall these flashlight apps, because they leave behind trojans that still are functioning behind the scenes and capturing your information.

So instead, doing a backup of key information and then a factory reset of the smartphone is advised.

Pain in the you know what, but these flashlight apps are shining a light and compromising your personal information.

Snopes points out that the flashlight apps may be no more vulnerable to spyware than other apps you download and that perhaps the screening process from the app stores helps to protect us somewhat.

When the cyber hackers decide to exploit those apps that are vulnerable, whether for political, military, or financial gain, it will likely be ugly and that flashlight or other app you use may prove much more costly than the download to get them. ;-)

(Thank you Betty Monoker for sharing this.)

May 10, 2014

The *S*p*y* Named Snowden

So was Edward Snowden a whistleblower (some even call him a patriot) or one of the most ruthless spies this country has ever known?

An editorial in the Wall Street Journal by Edward Jay Epstein makes a strong case that Snowden was a spy galore, and the whistleblowing was his cover.
  1. What he stole? - 1.7 million documents from the NSA with "only a minute fraction of them have anything to do with civil liberties or whistleblowing." Instead, the vast majority "were related to our military capabilities, operations, tactics, techniques, and procedures"--otherwise known as the "keys to the kingdom." Moreover, it seems clear that a "top priority was lists of the computers of U.S. adversaries abroad that the NSA has succeeded in penetrating."
  2. When he stole them? - Snowden took the Booz Allen Hamilton job as a contractor for NSA in March 2013--this was at the "tail end of his operation." Moreover, the Foreign Surveillance Intelligence Act (FISA) court order for Verizon to provide metadata on U.S. phone calls for 90 days had only been issued in April 2013. And Snowden told reporter James Rosen in October 2013, that his last job at NSA gave him access to every active operation against the Chinese and "that is why I accepted the position."
  3. Where did Snowden end up? - First in Hong Kong and then under the protection of the FSB (aka the old KGB) in Russia, which "effectively compromises all the sources and methods" and ties all too nicely with what he stole. A former cabinet official has indicated that the Snowden heist was either Russian espionage, Chinese espionage, or a joint operation.

If Snowden really was a spy as indicated, then the whistleblowing of domestic surveillance in the U.S. was a most brilliant ploy by his operators to distract our nation from the true nature of the exfiltration and the harm done to our national security. In a way, it falls right in line with Russia's creative storyline/coverup in taking Crimea in saying that they were only protecting ethnic Russians. Score 2 for Russia!

Are we so easily lied to and manipulated...is public opinion really just jello in the hands of the global spymasters?

We've got to be smart enough (i.e. critical thinkers) to interpret the noise in the intelligence signals, political speeches, and news stories to unveil the truth of what is really going on. In advertising, when exposing the truth of products and companies, this is sometimes referred to as culture jamming. Can we apply this to the complicated intrigue of global politics and get past the storyline that is fed to us to expose truth?  

It's high time to outmaneuver those that may seek to manipulate the public (whether from outside or even sometimes from within) with some brilliance of our own--in not believing every snippet that is fed to us and instead looking at the bigger picture of political theater, special interests, and national security to see who is now zinging whom and why. ;-)

(Source Photo: Andy Blumenthal)


March 8, 2014

Security Is A Joke!


Fascinating video with Dan Tentler on the Shodan Search Engine...which CNN calls the "scariest search engine on the Internet."

The search engine crawls the Internet for servers, webcams, printers, routers, and every type of vulnerable device you can imagine.

It collects information on more than 500 million devices per month and that was as of last year, so it's already probably a lot more.

Tentler shows the unbelievable amount and types of things you can access with this, including our critical infrastructure for the country--from utilities to traffic lights, and power plants:

- Private webcams
- Bridges
- Freeways
- Data Centers
- Polycoms
- Fuel cells
- Wind farms
- Building controls for lighting, HVAC, door locks, and alarms
- Floor plans
- Power meters
- Heat pump controllers
- Garage doors
- Traffic control systems
- Hydroelectric plants
- Nuclear power plant controls
- Particle accelerators
- MORE!!!!

Aside from getting information on the IP address, description of the devices, locations (just plug the longitude and latitude into Google for a street location), you can often actually control these devices right from YOUR computer!

The information is online, open to the public, and requires no credentials.

- "It's a massive security failure!"

- "Why is this stuff even online?"

Where is our cyber leadership????

>>>Where is the regulation over critical infrastructure?

If there is a heaven for hackers, this is it--shame on us. :-(

March 7, 2014

We're Giving It All Away


Nice little video from Mandiant on "The anatomy of a cyber attack."

Despite the typical firewalls, antivirus, and intrusion detection systems, cyber attacks can and do penetrate your systems.

This happens through social engineering (including phishing attempts), automated spam, and zero-day exploits.

Once inside your network, the cyber attacker takes command and control of your computers, surveys your assets, steals user names and passwords, hijacks programs, and accesses valuable intellectual property. 

Mandiant performs security incident response management (detecting breaches, containing them, and helping recovery efforts), and they are known for their report "APT1" (2013) exposing an alleged significant government-sponsored cyber espionage group that they state "has systematically stolen hundreds of terabytes of data from at least 141 organizations."

Another fascinating report on a similar topic of advanced persistent threats was done by McAfee on Operation Shady Rat (2011) that reveals over 70 organizations (governments, commercial entities, and more) that were targeted over 5 years and had terabytes of information siphoned off. 

The overall risk from cyber espionage is high and the McAfee report states:

- "Every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact."

- "What we have witnessed...has been nothing short of a historically unprecedented transfer of [intellectual] wealth - closely guarded national secrets...disappeared in the ever-growing electronic archives of dogged adversaries."

In short, we can't keep a secret--we're putting endless gobs and gobs of our information online and are not adequately protecting it in cyberspace, with the result that our adversaries are able to access, exfiltrate, disclose, modify, or destroy it.

In short, we're giving it all away - why? 

February 22, 2014

National State Of Cyber Insecurity


This video is a wake-up call on the state of our national cyber insecurity.

It is the opening statement (about 6 minutes) of Chairman Michael McCaul (R-TX) of the Homeland Security Subcommittee of Oversight, Investigations, and Management.

What he describes is quite grave and every American should listen carefully about the state of our cyber insecurity that poses a real and significant threat to our economy and national security.

We are under attack by cyber criminals, terrorists, and hostile nation states. 

Our adversaries seek to and can paralyze our critical infrastructure, steal our intellectual property, conduct espionage, and access our personal and financial information. 

The collapse of our military networks, financial system, energy, transportation, and electricity "is not science fiction."

The cyber attacks are "real, stealth, and persistent, and can devastate our nation." 

It is "not a matter of if, but when a Cyber Pearl Harbor will occur."

And "we have been fortunate that up until this point that cyber attacks on our country have not caused a cataclysmic event."

I read from the Center for Strategic and International Studies (2011) that cybersecurity has taken a back seat after 9/11 to the War on Terror as well as the economic fight after the recession of 2008, with the result that "the United States is unprepared to defend itself."

Chairman McCaul critically states at the end of his opening statement, "Let's do something meaningful [now] because it is not a tolerable situation!"

March 19, 2013

iRobot For Your Windows


A Chinese company, Ecovacs, has developed a robot that cleans your windows--and it looks quite like an iRobot that cleans your floors.

You spray the cleaning pad, attach it to your window, and it senses the boundaries of the window and calculates a path to clean them.


The spray pad wipes them, the squeegee collects dampness, and another wipes it dry. 


There are multiple safety features including dual suction rings, a safety pod with a tether, and an alarm if Winbot runs into problems. 


The spray pads once used can be removed, washed, and dried for another cleaning run. 


I like Winbot as long as it is just cleaning windows and not also looking in the window and listening to what you are doing to gain competitive advantages in a cyberspace that these days, knows few, if any, security bounds. ;-)


June 25, 2012

Security Advisory For Architecture Drawings

Dark Reading (21 June 2012) came out with security news of an AutoCAD worm called ACAD/Medre.A that targets design documents.

I also found warnings about this vulnerability at PC magazine (24 June 2012).

This malware was discovered by computer security firm ESET.

This is a serious exploitation in the industry leader for computer-aided design and drafting that is used to create most of our architectural blueprints.

Approximately 10,000 machines are said to have been affected in Peru and vicinity, with documents being siphoned off to email accounts in China. 

With information on our architectural structure and designs for skyscrapers, government buildings, military installations, bridges, power plants, dams, communication hubs, transportation facilities, and more, our critical infrastructure would be seriously jeopardized.

This can even be used to steal intellectual property such as designs for innovations or even products pending patents. 

This new malware is another example of how cyber espionage is a scary new reality that can leave us completely exposed from the inside out.

Need any more reason to "air gap" sensitive information and systems?

(Source Photo: here with attribution to Wade Rockett)


May 29, 2012

A Cyber Security House Of Cards

Yesterday there were reports of a new "massive cyber attack" called the Flame.

A U.N. Spokesperson called it "the most powerful [cyber] espionage tool ever."

The Flame ups the cyber warfare ante and is "one of the most complex threats ever discovered"--20 times larger than Stuxnet--and essentially an "industrial vacuum cleaner for sensitive information."

Unlike prior cyber attacks that targeted computers to delete data ("Wiper"), steal data ("Duqu"), or to disrupt infrastructure ("Stuxnet"), this malware collects sensitive information. 

The malware can record audio, take screenshots of items of interest, log keyboard strokes, sniff the network, and even add on additional malware modules as needed.

Kaspersky Labs discovered the Flame virus, and there have been greater than 600 targets infected in more than 7 countries over the last 2 years with the greatest concentration in Iran.

This is reminiscent of the Operation Shady Rat that was a 5-year cyber espionage attack discovered by McAfee in 2011--involving malware that affected more than 72 institutions in 14 countries. 

Separately, an attack on the U.S. Federal government's retirement investments--the Thrift Savings Plan--impacted the privacy and account information of 123,000 participants and "unauthorized access"--and was reported just last week after being discovered as far back as July 2011.

Regardless of where the particular cyber attacks are initiating from, given the scale and potential impact of these, it is time to take cyber security seriously and adopt a more proactive rather than a reactive mode to it.

One can only wonder how many other cyber attacks are occurring that we don't yet know about, and perhaps never will.

We can't afford to fumble the countermeasures to the extraordinary risk we face in the playing fields of cyber warfare. 


We have to significantly strengthen our cyber defenses (and offenses) -- or else risk this "cyber house of cards" coming crashing down.

It's time for a massive infusion of funds, talent, tools, and leadership to turn this around and secure our nation's cyber infrastructure.   

(Source Photo: here with attribution to Dave Rogers)
