[ISN] N.Korea ‘Confident’ in Cyber Warfare Capabilities

http://english.chosun.com/site/data/html_dir/2013/04/08/2013040801313.html The Chosunilbo April 8, 2013 North Korean leader Kim Jong-un in February expressed confidence in the regime’s cyber warfare capabilities against South Korea. A South Korean official on Sunday quoted Kim as saying at the time, “If we have strong information technology and brave warriors like the Reconnaissance General Bureau, we will be able to break any sanctions and have no problem building a strong and prosperous country.” The official said the North has reason to be confident in its 12,000 highly skilled hackers, who are able to avoid detection by erasing their traces. Talented children in sciences in North Korea get intensive computer training at Kumsong Middle School in Pyongyang. They are then raised as “cyber warriors” for three to five years at either Mirim College under the General Staff Department or Moranbong College under the Reconnaissance Bureau. An estimated 1,000 North Korean hackers work under cover for educational software companies, animation companies and trade firms across China, Southeast Asia, and Europe. […] ______________________________________________ Attend #HITB2013AMS April 8th – 11th in Amsterdam. Featuring over 42 international speakers and keynotes by Bob Lord and Edward Schwartz http://conference.hitb.org




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] DHS warns of spear-phishing campaign against energy companies

https://www.computerworld.com/s/article/9238190/DHS_warns_of_spear_phishing_campaign_against_energy_companies By Jaikumar Vijayan Computerworld April 5, 2013 The Department of Homeland Security (DHS) has a warning for organizations that post a lot of business and personal information on public web pages and social media sites: Don’t do it. Phishers, the agency said in an alert this week, look for such information and use it to craft authentic looking emails aimed at fooling people in large organizations into opening and downloading things they shouldn’t. The alert was prompted by an incident last October in which 11 companies in the energy sector were targeted in a sophisticated spear-phishing campaign apparently aimed at breaching their network security. The phishing campaign was made possible to a large extent by information posted publicly by an energy company listing attendees at a recent conference. The employee names, email addresses, organizational affiliations and work titles so helpfully posted by the company was used by spear-phishers to launch customized attacks against energy sector companies. […] ______________________________________________ Attend #HITB2013AMS April 8th – 11th in Amsterdam. Featuring over 42 international speakers and keynotes by Bob Lord and Edward Schwartz http://conference.hitb.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Anonymous targets Israel in another cyberattack

http://news.cnet.com/8301-1009_3-57578331-83/anonymous-targets-israel-in-another-cyberattack/ By Steven Musil CNet News April 7, 2013 Anonymous claims that a cyberattack launched against Israeli government Web sites this weekend has caused billions of dollars of damage, although Israeli officials say there have been no major disruptions. The group claimed it hacked more than a dozen official Israeli Web sites, including those for the Israel Police, the Prime Minister’s Office, the Israel Securities Authority, the Immigrant Absorption Ministry, and the Central Bureau of Statistics. The country’s page for the Ministry of Defense was offline today as well, which Anonymous took credit for hacking in a tweet: The group estimates that #OpIsrael has caused more than $3 billion in damage, hacking more than 100,000 Web sites, 40,000 Facebook accounts, and 30,000 bank accounts belonging to Israelis. However, Yitzhak Ben Yisrael, of the government’s National Cyber Bureau, said the campaign has caused minimal disruption to key government Web sites. […] ______________________________________________ Attend #HITB2013AMS April 8th – 11th in Amsterdam. Featuring over 42 international speakers and keynotes by Bob Lord and Edward Schwartz http://conference.hitb.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] ‘Hidden’ Law Could Hamper Gov’t Infosec

http://www.bankinfosecurity.com/blogs/hidden-law-could-hamper-govt-infosec-p-1446 By Eric Chabrow Bank Info Security April 5, 2013 A mysterious lawmaker shielded by congressional rules covertly added language into a new law that could make the purchase of IT security wares very difficult for the departments of Commerce and Justice, NASA and the National Science Foundation. The law – the Consolidated and Further Continuing Appropriations Act of 2013, commonly known as the continuing resolution – funds federal government operations through September and was enacted by Congress and signed by President Obama last month. The law contains a number of amendments that go beyond funding the government, including one that could complicate the process to acquire IT security wares for the four federal agencies. Simply, the added provision requires that the agencies’ heads in consultation with the FBI or another appropriate federal entity (which weren’t identified in the legislation but presumably could include the Department of Homeland Security and National Security Agency) to conduct for the remainder of the fiscal year risk assessments on acquired technology to see if they pose a threat for cyber-espionage or sabotage. The rider specifically mentions systems from Chinese manufacturers, which some lawmakers suspect produce computer and telecommunications equipment that can spy on IT systems at the request of the Chinese government, an allegation the manufacturers and China deny. […] ______________________________________________ Attend #HITB2013AMS April 8th – 11th in Amsterdam. Featuring over 42 international speakers and keynotes by Bob Lord and Edward Schwartz http://conference.hitb.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail