Tag Archives: investigation

[ISN] GAO: Defense installation utilities at risk of cyber attack

http://www.militarytimes.com/story/military/2015/07/24/utility-cyber-attack/30615033/

By Andrew Tilghman, Staff writer, Military Times, July 25, 2015

The utility systems that provide water, electricity and other essential services to military installations worldwide have limited defenses against cyber-attacks, putting many bases at risk for a “serious mission-disabling event,” a new Government Accountability Office report says. A recent GAO investigation identified a disturbing vulnerability in the military’s network of “industrial control systems,” the computers that monitor or operate physical utility infrastructure. For example, “most” Navy and Marine Corps industrial control systems (ICS) “have very little in the way of security controls and cybersecurity measures in place,” according to government documents identified by the GAO. That leaves many installations exposed to a “cyber-physical effect” attack that could cause the “physical destruction of utility infrastructure controlled by an ICS,” the GAO said. […]





[ISN] Hacking Team orchestrated brazen BGP hack to hijack IPs it didn’t own

http://arstechnica.com/security/2015/07/hacking-team-orchestrated-brazen-bgp-hack-to-hijack-ips-it-didnt-own/

By Dan Goodin, Ars Technica, July 12, 2015

Spyware service provider Hacking Team orchestrated the hijacking of IP addresses it didn’t own to help Italian police regain control over several computers that were being monitored in an investigation, e-mails sent among company employees showed. Over a six day period in August 2013, Italian Web host Aruba S.p.A. fraudulently announced its ownership of 256 IP addresses into the global routing system known as border gateway protocol, the messages document. Aruba’s move came under the direction of Hacking Team and the Special Operations Group of the Italian National Military Police, which was using Hacking Team’s Remote Control System malware to monitor the computers of unidentified targets. The hijacking came after the IP addresses became unreachable under its rightful owner Santrex, the “bullet-proof” Web hosting provider that catered to criminals and went out of business in October 2013, according to KrebsOnSecurity. It’s not clear from the e-mails, but they appear to suggest Hacking Team and the Italian police were also relying on Santrex. The emails were included in some 400 gigabytes of proprietary data taken during last weekend’s breach of Hacking Team and then made public on the Internet. With the sudden loss of the block of IP addresses, Italy’s Special Operations Group was unable to communicate with several computers that were infected with the Hacking Team malware. The e-mails show Hacking Team support workers discussing how the law enforcement agency could regain control. Eventually, Italian police worked with Aruba to get the block—which was known as 46.166.163.0/24 in Internet routing parlance—announced in the BGP system as belonging to Aruba.
It’s the first known case of an ISP fraudulently announcing another provider’s address space, said Doug Madory, director of Internet analysis at Dyn Research, which performs research on Internet performance. […]



[ISN] How To Break Into the CIA’s Cloud on Amazon

http://www.defenseone.com/technology/2015/07/how-break-cias-cloud-amazon/117175/

By Patrick Tucker, defenseone.com, July 7, 2015

Last year, Amazon Web Services surprised a lot of people in Washington by beating out IBM for a $600 million contract to provide cloud services and data storage to the CIA and the broader intelligence community. But more money can bring more problems. Amazon, in essence, has turned itself into the most valuable data target on the planet. The cloud is completely separate from the rest of the Internet and heavy duty encryption is keeping the spies’ secrets relatively safe from outsiders — but what about an attack from within? In 2010, Army PFC Bradley — now Chelsea — Manning explained how she stole millions of classified and unclassified government documents: “Weak servers, weak logging, weak physical security, weak counter-intelligence, inattentive signal analysis.” She “listened and lip-synced to Lady Gaga’s ‘Telephone’ while exfiltrating possibly the largest data spillage in American history.” So if you wanted to pull off a similar feat at Amazon, how would you do it? First, get a job at Amazon’s Commercial Cloud Service or C2S, sometimes called the “spook cloud.” According to this help-wanted ad, applicants must pass a single-scope background investigation—in essence, the kind of detailed 10-year background check required for a Top Secret security clearance. Of course, to a savvy spy or informant, obtaining top-secret clearance is not the barrier it once was. […]



[ISN] Encryption Hinders Investigations: FBI Chief

http://www.informationweek.com/mobile/mobile-devices/encryption-hinders-investigations-fbi-chief/d/d-id/1321231

By Thomas Claburn, Informationweek.com, July 8, 2015

FBI Director James Comey appeared before the Senate Judiciary Committee on Wednesday to argue for legal support to weaken strong encryption, which he claims obstructs criminal investigations. The title of the hearing, “Going Dark: Encryption, Technology, and the Balance Between Public Safety and Privacy,” borrows Comey’s characterization of encryption as way to conceal evidence of criminal acts. “We are seeing more and more cases where we believe significant evidence resides on a phone, a tablet, or a laptop—evidence that may be the difference between an offender being convicted or acquitted,” said Comey and Sally Quillian Yates, US Deputy Attorney General, in joint prepared remarks. “If we cannot access this evidence, it will have ongoing, significant impacts on our ability to identify, stop, and prosecute these offenders.” The concerns of Comey and Yates were echoed by Cyrus Vance Jr., District Attorney for New York County, who complained about the device encryption deployed by Apple and Google last fall. […]



[ISN] Pentagon Contractors Rank Below Retailers and Banks When it Comes to Cybersecurity

http://www.nextgov.com/cybersecurity/2015/07/pentagon-contractors-ranked-below-retailers-and-banks-when-it-comes-cybersecurity/116899/

By Aliya Sternstein, Nextgov.com, July 5, 2015

After revelations that a compromised contractor login abetted a grandiose breach of federal employees’ background investigations, now comes word that Defense Department suppliers score below hacked retailers when it comes to cyber defense. The new industry-developed cyber rankings



[ISN] Sony Pictures: Inside the Hack of the Century, Part 1

https://fortune.com/sony-hack-part-1/

By Peter Elkind, Fortune.com, June 25, 2015

A cyber-invasion brought Sony Pictures to its knees and terrified corporate America. The story of what really happened—and why Sony should have seen it coming. A special three-part investigation. On Monday, Nov. 3, 2014, a four-man team from Norse Corp., a small “threat-intelligence” firm based in Silicon Valley, arrived early for an 11:30 a.m. meeting on the studio lot of Sony Pictures Entertainment, in the Los Angeles suburb of Culver City. They were scheduled to see Sony’s top cybersecurity managers to pitch Norse’s services in defending the studio against hackers, who had been plaguing Sony for years. After a quick security check at the front gate and then proceeding to the George Burns Building on the east side of the Sony lot, the Norse group walked straight into the unlocked first-floor offices of the information security department, marked with a small sign reading info sec. There was no receptionist or security guard to check who they were; in fact, there was no one in sight at all. The room contained cubicles with unattended computers providing access to Sony’s international data network. The visitors found their way to a small sitting area outside the office of Jason Spaltro, Sony’s senior vice president for information security, settled in, and waited. Alone. For about 15 minutes. “I got a little shocked,” says Tommy Stiansen, Norse’s co-founder and chief technology officer. “Their Info Sec was empty, and all their screens were logged in. Basically the janitor can walk straight into their Info Sec department.” Adds Mickey Shapiro, a veteran entertainment attorney who helped set up the meeting and was present that day: “If we were bad guys, we could have done something horrible.” […]

