[ISN] ASIO hacking failed, officials say

http://www.canberratimes.com.au/it-pro/security-it/asio-hacking-failed-officials-say-20130531-2nhgk.html

By Philip Dorling
The Canberra Times
June 1, 2013

Australian national security officials have denied classified plans of ASIO’s new headquarters building were stolen by Chinese hackers and say the opposition was informed of this in a security briefing.

According to security officials, there were attempted cyber intrusions against contractors engaged in the ASIO headquarters building project. The attacks are understood to have taken place in 2009-10. The malware employed in these efforts targeted building drawings and schematics. But the attempted hacking was “not successful” in obtaining sensitive classified information.

“This was one of many attempts to obtain sensitive Australian government information, most likely by Chinese intelligence services but there was no compromise,” a security official said on condition of anonymity.

“Contracting firms involved in the project are required to comply with the highest security standards, including in regard to IT security, and this incident demonstrated the effectiveness of those measures.”

[…]

______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org





[ISN] Lawmakers press Obama to get tough with China on cyber espionage

http://thehill.com/blogs/hillicon-valley/technology/302885-lawmakers-to-obama-get-tough-with-china-on-hacking

By Jennifer Martinez
Hillicon Valley
06/02/13

Congressional pressure is mounting for President Obama to talk tough this week to his Chinese counterpart Xi Jinping on cybersecurity.

House Intelligence Chairman Mike Rogers (R-Mich.) is calling on Obama to explicitly warn the Chinese president that cyberattacks waged by the country’s government and military against the U.S. “will not be tolerated.”

“In years past, this cyber trade war has been well down the list of bilateral concerns to address with China. It is high time for it to jump to the top of the list,” Rogers said in a statement to The Hill.

The House Intelligence Chairman has accused China of waging a sweeping cyber espionage campaign against American companies and the government. Rogers has made cybersecurity, particularly cyberattacks stemming from China, a cornerstone issue for the committee.

[…]



[ISN] Hacking The TDoS Attack

http://www.darkreading.com/attacks-breaches/hacking-the-tdos-attack/240155809

By Kelly Jackson Higgins
Dark Reading
May 30, 2013

When an ICU nurse refused to pay scammers who insisted she owed money for a payday loan, they unleashed a robo-dial flood of hundreds of calls per hour that ultimately shut down the phone system of the hospital’s intensive care unit.

In another case, supporters of a popular company that received a negative rating from a major financial firm voiced their displeasure by crowdsourcing phone calls to the firm in an attempt to block its trading and other functions — and they organized it via a Facebook Event post.

These real-world cases of telephony denial-of-service (TDoS) attacks in the past year didn’t get the publicity that distributed denial-of-service (DDoS) attacks did, but security experts say these types of attacks have been on the rise in the past couple of years and can be just as damaging as a DDoS.

“Personally, I believe that it’s a more invasive approach to target a company’s [or] individual’s primary means of communication. Just like DDoS attacks, based on my observations, they tend to abuse the infrastructure of legitimate services, Skype, ICQ, major U.S.-based carriers, and relevant SIP providers,” cybercrime researcher Dancho Danchev said in an interview via email.

TDoS attacks — which earlier this year were becoming prevalent enough that the U.S. Department of Homeland Security issued an alert about a threat of TDoS attacks on public sector entities in an attempt to extort money — are typically similar in motivation and goals as DDoS attacks that flood networks, websites or other servers with massive volumes of traffic meant to bring an organization’s data structure to its knees.

Call centers are the most popular TDoS targets — they’re easy to contact and flood with calls — and, increasingly, there are more readily available tools for launching these attacks on any organization or individual’s location.
[…]



[ISN] E-vil empire: USSR’s old domain space is increasingly attractive hideout for hackers

http://www.canada.com/entertainment/Evil+empire+USSRs+domain+space+increasingly+attractive+hideout/8459435/story.html

BY RAPHAEL SATTER
THE ASSOCIATED PRESS
MAY 31, 2013

MOSCOW – The Soviet Union disappeared from the map more than two decades ago. But online an ‘e-vil empire’ is thriving.

Security experts say the .su Internet suffix assigned to the USSR in 1990 has turned into a haven for hackers who’ve flocked to the defunct superpower’s domain space to send spam and steal money.

Capitalist concerns, rather than Communist nostalgia, explain the move.

“I don’t think that this is really a political thing,” Oren David, a manager at security firm RSA’s anti-fraud unit, said in a recent telephone interview. David noted that other obscure areas of the Internet, such as the .tk domain associated with the South Pacific territory of Tokelau, have been used by opportunistic hackers.

“It’s all about business,” he said.

David and others say scammers began to move to .su after the administrators of Russia’s .ru space toughened their rules back in late 2011.

[…]



[ISN] NATO’s Next War — in Cyberspace

http://online.wsj.com/article/SB10001424127887323855804578508894129031084.html

By ANDERS FOGH RASMUSSEN
The Wall Street Journal
June 2, 2013

On April 23, the Dow Jones Industrial Average dropped by 150 points within seven minutes, destroying billions of dollars in value. The reason was a message on the Associated Press’s Twitter account claiming that two explosions had shaken the White House. The tweet was quickly exposed as bogus, the result of hacking by a group identifying itself as the Syrian Electronic Army. The Dow recovered immediately. But the lesson was clear. A single tweet can cause major economic disruption.

How times have changed. During the age of the Berlin Wall, tanks and ideologies faced off across closed borders. In the age of the firewall, borders are open, ideas are free and war can be virtual—but its consequences just as devastating and real.

Europol, the European Union’s law-enforcement agency, puts the annual value of corporations’ losses from criminal cyberactivity at $1 trillion. Computer viruses can shut down key infrastructure such as nuclear power plants, international airports, or power grids. Cyberattacks are a cheap way for terrorists, activists and state-sponsored agents to do extensive damage.

[…]

