The Home Game Has Arrived: Lessons from the 10th Asymmetric Threat Symposium

 

Last week I was privileged to attend the 10th Asymmetric Threat Symposium. It’s not the first of these I’ve attended but was clearly the best. Maybe the participants felt less restrained by politics and thus spoke more directly to the issues we truly face. Or maybe the quality of experts is rising. For whatever reason, the event was candid and sobering, even for me. The event was held near our nation’s capitol and was sponsored by CACI International, the Center for Security Policy, and ISW (Institute for the Study of War). The title:  What Does It Take to Protect America? Combatting Global Asymmetric Threats.

While the rules of the event require that comments be shared without attribution, I’m pleased to offer a recap for our readers. You can read the agenda and see information about prior versions at www.asymmetricthreat.net. The speakers and panelists were impressive. In fact, I counted 36 stars on the shoulders (Admirals and Generals) of about a dozen participants, both active and retired, not to mention academic and civilian experts.

There were many important points covered and I’ll recap just a few:

First, the question was asked and answered. Are we already at war? Continue reading →

America’s Cyber Vulnerabilities

ISTOCK.COM/MONSITJ

 

Cyber is the newest branch of warfare. Even in its baby stages, it has the potential to cripple the United States.

On the afternoon of Dec. 23, 2015, Ukrainian engineers from a Prykarpattya Oblenergo power station stared at a computer screen while the cursor progressed on its own across the monitor. The mouse on the table had not moved. But the cursor hovered over the station’s breakers, each one controlling power to thousands of Ukrainian citizens. Then, with one mouse click at a time, the hackers now in control of the power station began shutting off power to hundreds of thousands of Ukrainians.

At the same time, Kyivoblenergo employees watched as dozens of substations shut down, one by one. In their case, there was no phantom mouse. A computer on their network that they could not locate was being used by someone to shut down the power—and there was nothing they could do. Continue reading →

Experts Say Medical Care Next Big Cyber Threat

 

Panelists discuss risks posed by new ‘Internet of Bodies’

“Medical care is the next cyber warfare,” technologist Janine Medina explained Thursday at a panel on the cybersecurity problems posed by the emerging prevalence of internet-connected medical and body-embedded devices. Continue reading →

Files released by WikiLeaks show advanced CIA collection methods

As we all know by now:

 

Thousands of documents belonging to the United States Central Intelligence Agency, which were released on Tuesday by the international anti-secrecy website WikiLeaks, are almost certainly genuine. They reveal an entire universe of technical intelligence collection methods used by the CIA to extract information from digital applications and electronic devices, ranging from flash drives to smart screen televisions. WikiLeaks named the collection Vault 7, and said that it consists of nearly 8,000 web pages and 1,000 attachments. It also said that its editors redacted hundreds of pages of computer code, in order to prevent the public release of advanced cyberweapons that are allegedly used by the CIA to sabotage electronic devices and systems. Continue reading →

Over 1 bil. Yahoo accounts breached in largest cyber intrusion ever

Technology giant Yahoo disclosed Wednesday that hackers had broken into more than one billion of its user accounts, starting three years ago, and stolen personal information including addresses, telephone numbers, dates of birth and security questions. Yahoo had said in September that 500,000 other accounts were compromised but denied that they included credit card or other financial information. Continue reading →

Sources: SWIFT System Under Constant Cyber Attack

Sources: SWIFT System Under Constant Cyber Attack

 

(LONDON) Cyber attacks targeting the global bank transfer system have succeeded in stealing funds since February’s heist of $81 million from the Bangladesh central bank as hackers have become more sophisticated in their tactics, according to a SWIFT official and a previously undisclosed letter the organization sent to banks worldwide.

• The messaging network in a Nov. 2 letter seen by Reuters warned banks of the escalating threat to their systems, according to the SWIFT letter.
• The attacks and new hacking tactics underscore the continuing vulnerability of the SWIFT messaging network, which handles trillions of dollars in fund transfers daily.
• “The threat is very persistent, adaptive and sophisticated – and it is here to stay,” SWIFT said in the November letter to client banks, seen by Reuters. Continue reading →

Updated: A million German routers knocked offline by failed Mirai botnet attack

Nearly a million customers of telecoms company Deutsche Telekom AG began experiencing network outages, possibly to due hacker sabotage.

Deutsche Telekom said that an outage of service to nearly one million customers over the weekend was possibly a botched attempt to capture a massive botnet.

Deutsche Telekom’s head of IT security Thomas Tschersich, speaking to German newspaper Der Tagesspiegel, blamed the outages that hit 900,000 customers over the 26 November weekend on hackers who tried and failed to recruit those customers’ routers into a botnet. Continue reading →

SCADA malware discovered in European energy company

For more information on this vulnerability, please refer to the SCADA/SCADAs tags.

A new piece of industrial control malware has been discovered. Dubbed SFG, Sentinel One Labs discovered the piece on the information networks of a yet-unnamed European energy company.

It appears quite sophisticated. It not only collects information on the infected system but opens a backdoor through which a destructive payload could be launched, “to potentially shut down an energy grid”. Continue reading →

The Wars of the Near Future (IV)

MUNICH/BERLIN (Own report) – The Bundeswehr University in Munich has convened a high level cyberwarfare conference. Organized by the military academy’s research center’s “Cyber Operational Defense” (CODE), representatives from the Defense, Interior and Foreign Ministries, the Bavarian Regional Office of Criminal Investigation as well as from several leading German arms companies are among the participants. German Defense Minister Ursula von der Leyen (CDU) recently announced the establishment of a new branch of the military, the “Cyber and Information Command” (KdoCIR) with a staff of 13,500. Like the Army, Navy, and Air Force, it will be commanded by its own Inspector General. The Bundeswehr has already launched an advertising campaign costing millions, which, according to the Minister, is aimed at recruiting IT specialists (“Nerds”) for military service. The Bundeswehr is explicitly preparing capabilities for cyber attacks – a project that is massively being promoted by NATO. The “neutralization” of enemy air defenses through cyber attacks is also in discussion.

Continue reading →

U.S. government worse than all major industries on cyber security: report

WASHINGTON (Reuters) – U.S. federal, state and local government agencies rank in last place in cyber security when compared against 17 major private industries, including transportation, retail and healthcare, according to a new report released Thursday.

The analysis, from venture-backed security risk benchmarking startup SecurityScorecard, measured the relative security health of government and industries across 10 categories, including vulnerability to malware infections, exposure rates of passwords and susceptibility to social engineering, such as an employee using corporate account information on a public social network. Continue reading →

NUKE TERROR FEARS: Billions to be spent to stop ISIS hacking into UK nuclear weapons

Growing fears over a plot by Islamic State (ISIS), China, Russia or North Korea to interfere with the UK’s military has prompted a major review of security policy.

After a high level warning last year that the UK’s nuclear weapons could be wiped out by hackers, the stockpile will now be upgraded to counter emerging threats.

Continue reading →

China Hacked F-22, F-35 Stealth Jet Secrets

Su Bin

Chinese national pleads guilty in California to hacking Boeing C-17 data

A Chinese businessman pleaded guilty this week to conspiracy to hack computer networks of U.S. defense contractors and obtain sensitive data on military aircraft that was passed on to China.

Su Bin, also known as Stephen Su and Stephen Subin, reached a plea deal in U.S. District Court in Los Angeles on Tuesday, following a 2014 criminal complaint and later indictment for illegal computer hacking and theft and transfer of export-controlled data. Continue reading →

A Cyberattack Has Paralyzed a Los Angeles Hospital

Hospitals have little or no safeguards against this threat and it’s sadly just a matter of time before they start manipulating patient dosages at pharmacies or taint hospital food at production plants.

 

 

Doctors have been locked out of patient records for more than a week by hackers who are demanding money to release the data.

A hospital in Los Angeles has been operating without access to email or electronic health records for more than a week, after hackers took over its computer systems and demanded millions of dollars in ransom to return it.

The hackers that broke into the Hollywood Presbyterian Medical Center’s servers are asking for $3.6 million in Bitcoin, a local Fox News affiliate reported. Hospital staff are working with investigators from the Los Angeles Police Department and the FBI to find the intruders’ identities. Continue reading →

Hackers Turn Ukrainian Infrastructure into ‘Powder Keg’

For more information on SCADAs, their vulnerabilities and exploitations, please see the SCADA tag.

An example article showing American vulnerability to SCADA attacks:

UPDATE 3: U.S. probes cyber attack on water system

 

Several attacks have already taken place against regional power plants in Ukraine, resulting in several short-term blackouts in December 2015. It was the first recorded case of power outages being caused by cyber attacks and originated from a type of malware known as BlackEnergy.

It is not clear who was behind the attacks but a military spokesperson stated last week that they were originating from Russia. Another type of malware has since been discovered by investigators looking into the December cyber attacks, although researchers say it is impossible to know how many systems are currently at risk. Continue reading →

Cyber Attacks on U.S. Companies Since November 2014

Researchers are concerned over the strength and comprehensiveness of cybersecurity in the U.S., as companies across the country are being targeted in cyber attacks at an increasing rate of both occurrence and cost. Concerns continue to grow as both the number of attacks on companies’ networks and the cost to companies are increasing. The quantity and quality of information being hacked, stolen, destroyed, or leaked is becoming more of a problem for consumers and businesses alike. Continue reading →