Tag Archives: america

Security

[ISN] Outrage: Iran deal commits U.S. to teach them how to defeat a cyber attack

http://www.americanthinker.com/blog/2015/07/outrage_iran_deal_commits_us_to_teach_them_how_to_defeat_a_cyber_attack_.html By Thomas Lifson American Thinker July 22, 2015 Perhaps the very worst aspect of the Iran deal reached in Vienna is the commitment of the U.S. and European powers to teach the Iranians how to resist attacks such as Stuxnet. Although it has received very little media coverage (Adam Kredo of the Free Beacon is the notable exception), the agreement states (buried on page 142 of the 159-page deal, in Annex III, under Civil Nuclear Cooperation, Section D, under Nuclear Safety, Safeguards and Security, item 10): 10. Nuclear Security E3/EU+3 parties, and possibly other states, as appropriate, are prepared to cooperate with Iran on the implementation of nuclear security guidelines and best practices. Co- operation in the following areas can be envisaged: 10. Co-operation in the form of training courses and workshops to strengthen Iran’s ability to prevent, protect and respond to nuclear security threats to nuclear facilities and systems as well as to enable effective and sustainable nuclear security and physical protection systems; 10. Co-operation through training and workshops to strengthen Iran’s ability to protect against, and respond to nuclear security threats, including sabotage, as well as to enable effective and sustainable nuclear security and physical protection systems. The language obviously s not limited to physical threats, so it must include advanced cyber warfare training. The Israelis are outraged. Ari Yasher of Israel National News writes: […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , , ,
Security

[ISN] Unit 8200: Israel’s cyber spy agency

http://www.ft.com/cms/s/2/69f150da-25b8-11e5-bd83-71cb60e8f08c.html By John Reed FT.com July 10, 2015 In a searingly hot afternoon at a campuslike new science park in Beer Sheva, southern Israel, I watched as a group of bright, geeky teenagers presented their graduation projects. Parents and uniformed army personnel milled around a windowless room packed with tables holding laptops, phones or other gadgets. There was excited chatter and a pungent smell of adolescent sweat. This was a recent graduation ceremony for Magshimim (which roughly translates as “fulfilment”), the three-year after-school programme for 16 to 18-year-old students with exceptional computer coding and hacking skills. Magshimim serves as a feeder system for potential recruits to Unit 8200, the Israeli military’s legendary high-tech spy agency, considered by intelligence analysts to be one of the most formidable of its kind in the world. Unit 8200, or shmone matayim as it’s called in Hebrew, is the equivalent of America’s National Security Agency and the largest single military unit in the Israel Defence Forces. It is also an elite institution whose graduates, after leaving service, can parlay their cutting-edge snooping and hacking skills into jobs in Israel, Silicon Valley or Boston’s high-tech corridor. The authors of Start-up Nation, the seminal 2009 book about Israel’s start-up culture, described 8200 and the Israeli military’s other elite units as “the nation’s equivalent of Harvard, Princeton and Yale”. With a female IDF minder at my side, I listened as the teenagers described their projects. More than half were boys but there were girls too, and 8200 is open to both. Omer, 19, had designed a USB key that can suck information out of one computer and organise it on another: essentially, a hacking tool. “We made it appear like a keyboard so you can infiltrate any company in the world,” he told me. “It’s a proof of concept.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , ,
Security

[ISN] Computer hack reveals identity of Syrians in contact with Israel

http://www.timesofisrael.com/computer-hack-reveals-identity-of-syrians-in-contact-with-israel/ By Elhanan Miller The Times of Israel July 12, 2015 Computer hackers likely working for the Syrian regime and Hezbollah have managed to penetrate the computers of Israeli and American activists working with the Syrian opposition, exposing sensitive contacts between the sides. Al-Akhbar, a newspaper serving as Hezbollah’s mouthpiece in Lebanon, published a series of articles over the weekend purporting to divulge correspondence between Mendi Safadi, a Druze Israeli and former political adviser to Deputy Regional Cooperation Minister Ayoub Kara, with members of the Syrian opposition around the world, taken from taken from Safadi’s computer. The article also contains screenshots of word documents and text message exchanges saved on Safadi’s computer. The article alleged that Safadi, working on behalf of the Israeli government, tried to recruit Israeli agents in Syria and Lebanon, smuggle weapons into the hands of Islamist rebel groups in Syria, and locate targets within Syria to be bombed by coalition forces. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , ,
Security

[ISN] Madonna Phone Hacker Sentenced to 14 Months in Jail

http://www.rollingstone.com/music/news/madonna-phone-hacker-sentenced-to-14-months-in-jail-20150709 By Kory Grow Rolling Stone July 9, 2015 The Israeli man who was indicted on four charges of cyber crimes in association with hacking into Madonna’s songs and leaking Rebel Heart tracks before the record’s release has been sentenced to 14 months in jail. Adi Lederman accepted a plea bargain with a Tel Aviv Magistrate’s Court in forming his sentence on Thursday, according to The Jerusalem Post. The man was also fined NIS 15,000 (approximately US $4,000) Lederman, who’d gained fame in 2012 with an audition for the Israeli analog to American Idol, was accused of leaking demos and in-progress versions of the singer’s tunes online in December 2014. Madonna reacted by releasing six songs from the LP and putting out the album earlier than she had intended. The man was arrested in January, and the country’s authorities said they believed he had also hacked into the personal computers of other celebrities. “I am profoundly grateful to the FBI, the Israeli police investigators and anyone else who helped lead to the arrest of this hacker,” Madonna wrote on Facebook at the time. “Like any citizen, I have the right to privacy. This invasion into my life – creatively, professionally, and personally – remains a deeply devastating and hurtful experience, as it must be for all artists who are victims of this type of crime.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , ,
Security

[ISN] Lizard Squad Hacker Who Shut Down PSN, Xbox Live, And An Airplane Will Face No Jail Time

http://www.forbes.com/sites/insertcoin/2015/07/09/lizard-squad-hacker-who-shut-down-psn-xbox-live-and-an-airplane-will-face-no-jail-time/ By Paul Tassi Contributor Forbes.com 7/09/2015 Last Christmas, a hacking collective known as the “Lizard Squad” managed to take down PSN and Xbox Live right as everyone was attempting to play their consoles during holiday, creating one of the worst outages in the history of either network. The attacks soon evolved into a more personal nature, targeting then-president of Sony Online Entertainment, John Smedley, which included posting his personal details and actually grounding an American Airlines flight he was on with a Twitter TWTR -1.15%-issued bomb threat. Since then, everyone has been wondering just who the members of Lizard Squad were and if they’d ever be brought to justice. Recently, one individual, 17 year-old Julius “zeekill” Kivimaki was identified, and after standing trial in his native Finland, has just been convinced of an incredible 50,700 charges of computer-related crimes. He will serve a two-year suspended sentence, and effectively face no jail time. If you imagine the general public might be upset about such a lax sentence, you’d be right, but no one is more angry than John Smedley himself, now leading Daybreak, the studio responsible for games like H1Z1 and Planetside 2. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , , , , , , ,
Security

[ISN] How To Break Into the CIA’s Cloud on Amazon

http://www.defenseone.com/technology/2015/07/how-break-cias-cloud-amazon/117175/ By Patrick Tucker defenseone.com July 7, 2015 Last year, Amazon Web Services surprised a lot of people in Washington by beating out IBM for a $600 million contract to provide cloud services and data storage to the CIA and the broader intelligence community. But more money can bring more problems. Amazon, in essence, has turned itself into the most valuable data target on the planet. The cloud is completely separate from the rest of the Internet and heavy duty encryption is keeping the spies’ secrets relatively safe from outsiders — but what about an attack from within? In 2010, Army PFC Bradley — now Chelsea — Manning explained how she stole millions of classified and unclassified government documents: “Weak servers, weak logging, weak physical security, weak counter-intelligence, inattentive signal analysis.” She “listened and lip-synced to Lady Gaga’s ‘Telephone’ while exfiltrating possibly the largest data spillage in American history.” So if you wanted to pull off a similar feat at Amazon, how would you do it? First, get a job at Amazon’s Commercial Cloud Service or C2S, sometimes called the “spook cloud.” According to this help-wanted ad, applicants must pass a single-scope background investigation—in essence, the kind of detailed 10-year background check required for a Top Secret security clearance. Of course, to a savvy spy or informant, obtaining top-secret clearance is not the barrier it once was. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , , , , , , , ,
Security

[ISN] Sony Pictures: Inside the Hack of the Century, Part 1

https://fortune.com/sony-hack-part-1/ By Peter Elkind Fortune.com June 25, 2015 A cyber-invasion brought Sony Pictures to its knees and terrified corporate America. The story of what really happened—and why Sony should have seen it coming. A special three-part investigation. On Monday, Nov. 3, 2014, a four-man team from Norse Corp., a small “threat-intelligence” firm based in Silicon Valley, arrived early for an 11:30 a.m. meeting on the studio lot of Sony Pictures Entertainment, in the Los Angeles suburb of Culver City. They were scheduled to see Sony’s top cybersecurity managers to pitch Norse’s services in defending the studio against hackers, who had been plaguing Sony for years. After a quick security check at the front gate and then proceeding to the George Burns Building on the east side of the Sony lot, the Norse group walked straight into the unlocked first-floor offices of the information security department, marked with a small sign reading info sec. There was no receptionist or security guard to check who they were; in fact, there was no one in sight at all. The room contained cubicles with unattended computers providing access to Sony’s international data network. The visitors found their way to a small sitting area outside the office of Jason Spaltro, Sony’s senior vice president for information security, settled in, and waited. Alone. For about 15 minutes. “I got a little shocked,” says Tommy Stiansen, Norse’s co-founder and chief technology officer. “Their Info Sec was empty, and all their screens were logged in. Basically the janitor can walk straight into their Info Sec department.” Adds Mickey Shapiro, a veteran entertainment attorney who helped set up the meeting and was present that day: “If we were bad guys, we could have done something horrible.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , , , , , , , ,
Security

[ISN] Why Cyber War Is Dangerous for Democracies

http://www.theatlantic.com/international/archive/2015/06/hackers-cyber-china-russia/396812/ By MOISÉS NAÍM The Atlantic June 25, 2015 This month, two years after his massive leak of NSA documents detailing U.S. surveillance programs, Edward Snowden published an op-ed in The New York Times celebrating his accomplishments. The “power of an informed public,” he wrote, had forced the U.S. government to scrap its bulk collection of phone records. Moreover, he noted, “Since 2013, institutions across Europe have ruled similar laws and operations illegal and imposed new restrictions on future activities.” He concluded by asserting that “We are witnessing the emergence of a post-terror generation, one that rejects a worldview defined by a singular tragedy. For the first time since the attacks of Sept. 11, 2001, we see the outline of a politics that turns away from reaction and fear in favor of resilience and reason.” Maybe so. I am glad that my privacy is now more protected from meddling by U.S. and European democracies. But frankly, I am far more concerned about the cyber threats to my privacy posed by Russia, China, and other authoritarian regimes than the surveillance threats from Washington. You should be too. Around the time that Snowden published his article, hackers broke into the computer systems of the U.S. Office of Personnel Management and stole information on at least 4 million (and perhaps far more) federal employees. The files stolen include personal and professional data that government employees are required to give the agency in order to get security clearances. The main suspect in this and similar attacks is China, though what affiliation, if any, the hackers had with the Chinese government remains unclear. According to the Washington Post, “China is building massive databases of Americans’ personal information by hacking government agencies and U.S. health-care companies, using a high-tech tactic to achieve an age-old goal of espionage: recruiting spies or gaining more information on an adversary.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Tags: , , , , , , , , , , , , , , , , ,