Tag Archives: 199

[ISN] Surprise! America Already Has a Manhattan Project for Developing Cyber Attacks

http://www.wired.com/2015/02/americas-cyber-espionage-project-isnt-defense-waging-war By Kevin Poulsen Threat Level Wired.com 02.18.15 “What we really need is a Manhattan Project for cybersecurity.” It’s a sentiment that swells up every few years in the wake of some huge computer intrusion—most recently the Sony and Anthem hacks. The invocation of the legendary program that spawned the atomic bomb is telling. The Manhattan Project is America’s go-to shorthand for our deep conviction that if we gather the smartest scientists together and give them billions of dollars and a sense of urgency, we can achieve what otherwise would be impossible. A Google search on “cyber Manhattan Project” brings up results from as far back as 1997—it’s second only to “electronic Pearl Harbor” in computer-themed World War II allusions. In a much-circulated post on Medium last month, futurist Marc Goodman sets out what such a project would accomplish. “This Manhattan Project would help generate the associated tools we need to protect ourselves, including more robust, secure, and privacy-enhanced operating systems,” Goodman writes. “Through its research, it would also design and produce software and hardware that were self-healing and vastly more resistant to attack and resilient to failure than anything available today.” These arguments have so far not swayed a sitting American president. Sure, President Obama mentioned cybersecurity at the State of the Union, but his proposal not only doesn’t boost security research and development, it potentially criminalizes it. At the White House’s cybersecurity summit last week, Obama told Silicon Valley bigwigs that he understood the hacking problem well—“We all know what we need to do. We have to build stronger defenses and disrupt more attacks”—but his prescription this time was a tepid executive order aimed at improving information sharing between the government and industry. Those hoping for something more Rooseveltian must have been disappointed. On Monday, we finally learned the truth of it. America already has a computer security Manhattan Project. We’ve had it since at least 2001. Like the original, it has been highly classified, spawned huge technological advances in secret, and drawn some of the best minds in the country. We didn’t recognize it before because the project is not aimed at defense, as advocates hoped. Instead, like the original, America’s cyber Manhattan Project is purely offensive. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] The World’s Email Encryption Software Relies on One Guy, Who is Going Broke

http://www.propublica.org/article/the-worlds-email-encryption-software-relies-on-one-guy-who-is-going-broke By Julia Angwin ProPublica Feb. 5, 2015 Update, Feb. 5, 2015, 8:10 p.m.: After this article appeared, Werner Koch informed us that last week he was awarded a one-time grant of $60,000 from Linux Foundation’s Core Infrastructure Initiative. Werner told us he only received permission to disclose it after our article published. Meanwhile, since our story was posted, donations flooded Werner’s website donation page and he reached his funding goal of $137,000. In addition, Facebook and the online payment processor Stripe each pledged to donate $50,000 a year to Koch’s project. The man who built the free email encryption software used by whistleblower Edward Snowden, as well as hundreds of thousands of journalists, dissidents and security-minded people around the world, is running out of money to keep his project alive. Werner Koch wrote the software, known as Gnu Privacy Guard, in 1997, and since then has been almost single-handedly keeping it alive with patches and updates from his home in Erkrath, Germany. Now 53, he is running out of money and patience with being underfunded. “I’m too idealistic,” he told me in an interview at a hacker convention in Germany in December. “In early 2013 I was really about to give it all up and take a straight job.” But then the Snowden news broke, and “I realized this was not the time to cancel.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Finally, a New Clue to Solve the CIA’s Mysterious Kryptos Sculpture

http://www.wired.com/2014/11/second-kryptos-clue/ By Kim Zetter Threat Level Wired.com 11.20.14 In 1989, the year the Berlin Wall began to fall, American artist Jim Sanborn was busy working on his Kryptos sculpture, a cryptographic puzzle wrapped in a riddle that he created for the CIA’s headquarters and that has been driving amateur and professional cryptographers mad ever since. To honor the 25th anniversary of the Wall’s demise and the artist’s 69th birthday this year, Sanborn has decided to reveal a new clue to help solve his iconic and enigmatic artwork. It’s only the second hint he’s released since the sculpture was unveiled in 1990 and may finally help unlock the fourth and final section of the encrypted sculpture, which frustrated sleuths have been struggling to crack for more than two decades. The 12-foot-high, verdigrised copper, granite and wood sculpture on the grounds of the CIA complex in Langley, Virginia, contains four encrypted messages carved out of the metal, three of which were solved years ago. The fourth is composed of just 97 letters, but its brevity belies its strength. Even the NSA, whose master crackers were the first to decipher other parts of the work, gave up on cracking it long ago. So four years ago, concerned that he might not live to see the mystery of Kryptos resolved, Sanborn released a clue to help things along, revealing that six of the last 97 letters when decrypted spell the word “Berlin”—a revelation that many took to be a reference to the Berlin Wall. To that clue today, he’s adding the next word in the sequence—“clock”—that may or may not throw a wrench in this theory. Now the Kryptos sleuths just have to unscramble the remaining 86 characters to find out. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Why Health Data Security Still Has Catching Up To Do

http://healthitsecurity.com/2014/11/17/health-data-security-still-catching/ By Elizabeth Snell Health IT Security November 17, 2014 There is no question that the healthcare industry and its subsequent health data security options have made great strides over the last several years. However, with cyber thieves more interested than ever before in medical information, it is essential for healthcare organizations to go beyond the standard HIPAA compliance standards. Mark Ford, Principle of Deloitte Cyber Risk Services, specializes in the healthcare industry and discussed the current cyber threats and health data security issues with HealthITSecurity.com. According to Ford, the healthcare sector has come a long way in the last five years alone. However, the industry is still behind others – such as manufacturing and financial services – in terms of implementing the necessary cyber risk prevention measures. “What I’ve seen over time is the industry is making progress,” Ford said. “It’s still kind of slow, it’s more reactive, and has a more compliant focus still. There’s a pretty significant gap between where they are today and where they ultimately need to be. The only way to close that gap is to obviously understand what it is and does to make sure they can lift themselves up to another level of maturity in the future.” For example, Ford explained that from the mid-1990s to the early 2000s, approximately 70 percent of the online threats to the healthcare industry were from insider threats. The rest was relegated to hacker threats. However, that has shifted as there are now different types of hackers. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Major Cyber Attack Will Cause Significant Loss of Life By 2025, Experts Predict

http://www.defenseone.com/threats/2014/10/cyber-attack-will-cause-significant-loss-life-2025-experts-predict/97688/ By Patrick Tucker Defense One October 29, 2014 A major cyber attack will happen between now and 2025 and it will be large enough to cause “significant loss of life or property losses/damage/theft at the levels of tens of billions of dollars,” according to more than 60 percent of technology experts interviewed by the Pew Internet and American Life Project. But other experts interviewed for the project “Digital Life in 2015,” released Wednesday, said the current preoccupation with cyber conflict is product of software merchants looking to hype public anxiety against an eternally unconquerable threat. It’s the old phantom of the “cyber Pearl Harbor,” a concept commonly credited to former Defense Secretary Leon Panetta but that is actually as old as the world wide web. It dates back to security expert Winn Schwartau’s testimony to Congress in 1991, when he warned of an “electronic Pearl Harbor” and said it was “waiting to occur.” More than two decades later, we’re still waiting. The Pew report offers, if nothing else, an opportunity to look at how the cyber landscape has changed and how it will continue to evolve between now and 2025. Potential Infrastructure Vulnerabilities A key concern for many of the experts Pew interviewed is infrastructure, where very real cyber vulnerabilities do exist and are growing. Stewart Baker, former general counsel for the National Security Agency and a partner at Washington, D.C.-based law firm Steptoe & Johnson told Pew, “Cyberwar just plain makes sense. Attacking the power grid or other industrial control systems is asymmetrical and deniable and devilishly effective. Plus, it gets easier every year. We used to worry about Russia and China taking down our infrastructure. Now we have to worry about Iran and Syria and North Korea. Next up: Hezbollah and Anonymous.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] The Security Setup – HD Moore

http://www.thesecuritysetup.com/home/2014/10/1/hd-moore [Interesting website I found while following someone else who was profiled earlier, Uri with @redteamsblog, the idea here is ‘what setup do folks in security use to attack, defend, build, break, hack, crack, secure, etc.’ which should make for some interesting reading. – WK] H D Moore OCTOBER 1, 2014 Who are you, and what do you do? My name is H D Moore (since the day I was born, it doesn’t stand for anything). I am a security researcher and the chief research officer for Rapid7. Some folks may be familiar with my work on Metasploit, but these days I also spend a lot of time scanning the internet as part of Project Sonar. My servers send friendly greetings to your servers at least once a week. Howdy! What hardware & operating systems do you use? Lots. My normal workload involves crunching a billion records at a time, running a dozen different operating systems, and still handling corporate stuff via Outlook and PowerPoint. As of 2009, I finally made the switch to Windows as my primary OS after being a die-hard Linux user since 1995. That doesn’t mean that I use Windows itself all that much, but I find it to be a useful environment to run virtual machines and access the rest of my hardware with SSH and X11. The tipping point was the need to quickly respond to corporate email and edit Office documents without using a dedicated virtual machine or mangling the contents in the process. The second benefit to using Windows is on the laptop front; Suspend, resume, and full hardware support don’t involve weeks of tuning just to have a portable machine. Finally, I tend to play a lot of video games as well, which work best on overspecced Windows hardware. All that said, Windows as productivity platform isn’t great, and almost all of my real work occurs in web browsers (Chrome), virtual machines (VMWare for Intel/AMD64 and QEmu for RISC), and SSH-forwarded XFCE4 tabbed-terminals. The laptop I currently use started life as a banged up ASUS ROG G750 (17″) bought as the display model from a Best Buy. The drives, video card, and memory were swapped out bringing the total specs up to 32Gb RAM, a 512Gb SSD boot disk, a 1Tb backup disk, and a GeForce GTX 770 GPU. This runs the most loathed operating system of all, Windows 8.1 (Update 1) Enterprise, but it has a huge screen, was relatively cheap, and can run my development virtual machines without falling over. It also runs Borderlands2 and Skyrim at maximum settings, critical features for any mobile system. Given that the total cost was under $1,500, it is a great machine for working on the road and blocking automatic weapons fire (as its weighs about 20 Lbs with accessories). I carry this beast around in a converted ammunition bag, sans the grenade pouches. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Secret Service study from 1990s found White House vulnerable to fence-jumpers

http://www.washingtonpost.com/politics/secret-service-study-from-1990s-found-white-house-vulnerable-to-fence-jumpers/2014/09/22/b1cf4f4e-4272-11e4-b47c-f5889e061e5f_story.html By Carol D. Leonnig and Spencer S. Hsu The Washington Post September 22, 2014 The Secret Service commissioned a classified mock attack two decades ago that found an easy way to pierce the White House security zone: Overwhelm Secret Service officers on the compound with six to eight attackers climbing over the fence at the same time. That vulnerability remains, despite the creation of specially trained counterassault and surveillance teams recommended at the time, according to government officials who were briefed on the findings and requested anonymity to discuss sensitive information. Securing the White House grounds has been further complicated over the past two years by severe staffing shortages and high turnover rates in the officer division tasked with patrolling the compound, according to these officials. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Hacker exploits printer Web interface to install, run Doom

http://arstechnica.com/security/2014/09/hacker-exploits-printer-web-interface-to-install-run-doom/ By Sam Machkovech Ars Technica Sept 15 2014 On Friday, a hacker presenting at the 44CON Information Security Conference in London picked at the vulnerability of Web-accessible devices and demonstrated how to run unsigned code on a Canon printer via its default Web interface. After describing the device’s encryption as “doomed,” Context Information Security consultant Michael Jordon made his point by installing and running the first-person shooting classic Doom on a stock Canon Pixma MG6450. Sure enough, the printer’s tiny menu screen can render a choppy and discolored but playable version of id Software’s 1993 hit, the result of Jordon discovering that Pixma printers’ Web interfaces didn’t require any authentication to access. “You could print out hundreds of test pages and use up all the ink and paper, so what?” Jordon wrote at Context’s blog report about the discovery, but after a little more sniffing, he found that the devices could also easily be redirected to accept any code as legitimate firmware. A vulnerable Pixma printer’s Web interface allows users to change the Web proxy settings and the DNS server. From there, an enterprising hacker can crack the device’s encryption in eight steps, the final of which includes unsigned, plain-text firmware files. The hacking possibilities go far beyond enabling choppy, early ’90s gaming: “We can therefore create our own custom firmware and update anyone’s printer with a Trojan image which spies on the documents being printed or is used as a gateway into their network,” Jordon wrote. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail