Author Topic: Cyberwar, Cyber Crime, and American Freedom  (Read 277555 times)

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72322
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #350 on: January 27, 2016, 02:56:31 PM »
Years ago a computer geek friend of mine spoke of installing unauthorized back doors when he installed software so that if necessary he would have means of enforcing payment.

ccp

  • Power User
  • ***
  • Posts: 19772
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #351 on: January 27, 2016, 03:06:12 PM »
All of the software companies do that I believe.  One way or the other Juniper needs to be held accountable.

Crafty_Dog

Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #352 on: February 10, 2016, 09:05:20 PM »
Obama had a piece Monday on the editorial page of the WSJ about Cyber Security.  Could someone please find it and post it here?

Crafty_Dog

Utilities Cautioned About Potential for a Cyberattack After Ukraine’s

By DAVID E. SANGER, FEB. 29, 2016

WASHINGTON — The Obama administration has warned the nation’s power companies, water suppliers and transportation networks that sophisticated cyberattack techniques used to bring down part of Ukraine’s power grid two months ago could easily be turned on them.

After an extensive inquiry, American investigators concluded that the attack in Ukraine on Dec. 23 may well have been the first power blackout triggered by a cyberattack — a circumstance many have long predicted. Working remotely, the attackers conducted “extensive reconnaissance” of the power system’s networks, stole the credentials of system operators and learned how to switch off the breakers, plunging more than 225,000 Ukrainians into darkness.

In interviews, American officials said they have not completed their inquiry into who was responsible for the attack. But Ukrainian officials have blamed the Russians, saying it was part of the effort to intimidate the country’s political leaders by showing they could switch off the lights at any time.

“They could be right,” said one senior administration official. “But so far we don’t have the complete evidence, and the attackers went to some lengths to hide their tracks.”

Even after it has reached a conclusion, the White House might decide not to name the attackers, just as it decided not to publicly blame China for the theft of 22 million security files from the Office of Personnel Management.

But American intelligence officials have been intensely focused on the likelihood that the attack was engineered by the Russian military, or “patriotic hackers” operating on their behalf, since the first reports of the December blackout. The officials have found it intriguing that the attack did not appear designed to shut down the entire country. “This appears to be message-sending,” said one senior administration official with access to the intelligence, who requested anonymity to discuss the ongoing inquiry.

Equally interesting to investigators was the technique used: The malware designed for the Ukrainian power grid was directed at “industrial control systems,” systems that act as the intermediary between computers and the switches that distribute electricity and guide trains as they speed down the track, the valves that control water supplies, and the machinery that mixes chemicals at factories.

The most famous such attack was the Stuxnet worm, which destroyed the centrifuges that enriched uranium at the Natanz nuclear site in Iran. But that is not an example often cited by American officials — largely because the attack was conducted by the United States and Israel, a fact American officials have never publicly acknowledged.

Experts in cybersecurity regard the Ukraine attack as a teaching moment, a chance to drive home to American firms the vulnerability of their own systems. “There’s never been an intentional cyberattack that has taken the electric grid down before,” said Robert M. Lee of the SANS Institute. Mr. Lee said that while it was still not possible to determine who conducted the attack — what is called “attribution” in the cyber industry — he noted that it was clearly designed to send a political message.

“It was large enough to get everyone’s attention,” he said, “and small enough not to prompt a major response.”

The warning issued last Thursday by the Department of Homeland Security provided the first detailed account of the Ukrainian attack, based on the findings of a series of government experts who traveled to Ukraine to gather evidence.

The attack described by the Homeland Security document was highly sophisticated. The attackers gained entry, it appears, by sending a series of “spearphishing” messages that led someone in Ukraine to unintentionally give them access. Once they had that, the attackers mapped the system, much as the North Koreans mapped Sony Entertainment’s computers before attacking them in the fall of 2014.

Then a series of cyberattacks were carefully coordinated to occur within 30 minutes of one another on Dec. 23. The “breakers” that disconnected power were operated “by multiple external humans” through secure communication channels. The hackers then wiped many of the systems clean using a form of malware aptly named “KillDisk” which erased files on the systems and disabled them. They wiped out the “human-machine interface” that enables operators of the electric system to run those systems — or get them back in service — from their computers.

For extra measure, the hackers even managed to disconnect backup power supplies, so that once the power failed, the computers could not turn them back on.

Investigators say that in the end, the Ukrainians may have been saved by the fact that their country relies on old technology and is still not as fully wired as many Western nations — meaning they were able to restore power by manually flipping old-style circuit breakers.

“The bad news for the United States is that we can’t do the same thing,” said Ted Koppel, the former ABC News anchor who published a best seller last year, entitled “Lights Out,” about the vulnerability of the American electric grid.

“We have 3,200 power companies, and we need a precise balance between the amount of electricity that is generated and the amount that is used,” he said. “And that can only be done over a system run on the Internet. The Ukrainians were lucky to have antiquated systems.”

The report from Homeland Security recommended a series of common-sense steps: Make sure that outsiders accessing power systems or other networks that operate vital infrastructure can monitor the system, but not change it; close “back doors” — system flaws that can give an intruder unauthorized access; have a contingency plan to shut down systems that have been infected, or invaded, by outsiders.

But all those systems make it harder for legitimate operators to use the Internet to keep vast systems operating, from a smartphone or laptop if necessary.

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #354 on: March 02, 2016, 12:21:46 PM »
Better plan on it happening here.

Crafty_Dog

Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #355 on: March 02, 2016, 03:21:18 PM »
What can we do to save our data, our websites, the contents of our computers?

G M

Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #356 on: March 02, 2016, 04:10:56 PM »
Quote from Crafty_Dog: "What can we do to save our data, our websites, the contents of our computers?"

I'd worry more about saving your family because a prolonged grid down scenario has an estimated 90% fatality rate.

ccp

law firms risking our privacy, our security and our property
« Reply #358 on: April 06, 2016, 06:54:59 PM »
"80%" of law firms have been hacked according to this.  As a doctor who has had to comply with HIPAA laws or risk jail, and forced by lawyers and politicians to have to shell out thousands for electronic records and their security, how would anyone think I might feel when reading this:

http://www.breitbart.com/video/2016/04/06/watch-matthews-presses-sanders-supporter-on-paying-for-free-college-supporter-says-i-dont-need-to-know-at-this-moment/?utm_source=facebook&utm_medium=social

I doubt we will see the public outrage against lawyers from the politicians most of whom are the same.

Crafty_Dog

Was NSA hacked?!?
« Reply #359 on: August 17, 2016, 11:27:59 PM »
http://www.nytimes.com/2016/08/17/us/shadow-brokers-leak-raises-alarming-question-was-the-nsa-hacked.html?emc=edit_th_20160817&nl=todaysheadlines&nlid=49641193&_r=1

[Photo: the National Security Agency in Fort Meade, Md. Credit: Jim Lo Scalzo/European Pressphoto Agency]

The release on websites this week of what appears to be top-secret computer code that the National Security Agency has used to break into the networks of foreign governments and other espionage targets has caused deep concern inside American intelligence agencies, raising the question of whether America’s own elite operatives have been hacked and their methods revealed.

Most outside experts who examined the posts, by a group calling itself the Shadow Brokers, said they contained what appeared to be genuine samples of the code — though somewhat outdated — used in the production of the N.S.A.’s custom-built malware.

Most of the code was designed to break through network firewalls and get inside the computer systems of competitors like Russia, China and Iran. That, in turn, allows the N.S.A. to place “implants” in the system, which can lurk unseen for years and be used to monitor network traffic or enable a debilitating computer attack.

According to these experts, the coding resembled a series of “products” developed inside the N.S.A.’s highly classified Tailored Access Operations unit, some of which were described in general terms in documents stolen three years ago by Edward J. Snowden, the former N.S.A. contractor now living in Russia.

But the code does not appear to have come from Mr. Snowden’s archive, which was mostly composed of PowerPoint files and other documents that described N.S.A. programs. The documents released by Mr. Snowden and his associates contained no actual source code used to break into the networks of foreign powers.

Whoever obtained the source code apparently broke into either the top-secret, highly compartmentalized computer servers of the N.S.A. or other servers around the world that the agency would have used to store the files. The code that was published on Monday dates to mid-2013, when, after Mr. Snowden’s disclosures, the agency shuttered many of its existing servers and moved code to new ones as a security measure.

By midday Tuesday Mr. Snowden himself, in a Twitter message from his exile in Moscow, declared that “circumstantial evidence and conventional wisdom indicates Russian responsibility” for publication, which he interpreted as a warning shot to the American government in case it was thinking of imposing sanctions against Russia in the cybertheft of documents from the Democratic National Committee.

“Why did they do it?” Mr. Snowden asked. “No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the DNC hack.”

Around the same time, WikiLeaks declared that it had a full set of the files — it did not say how it had obtained them — and would release them all in the future. The “Shadow Brokers” had said they would auction them off to the highest bidder.

“I think it’s Snowden-era stuff, repackaged for resale now,” said James A. Lewis, a computer expert at the Center for Strategic and International Studies, a Washington think tank. “This is probably some Russian mind game, down to the bogus accent” of some of the messages sent to media organizations by the Shadow Brokers group, delivered in broken English that seemed right out of a bad spy movie.

The N.S.A. would say nothing on Tuesday about whether the coding released was real or where it came from. Its public affairs office did not respond to inquiries.

“It certainly feels all real,” said Bruce Schneier, a leading authority on state-sponsored breaches. “The question is why would someone steal it in 2013 and release it this week? That’s what is making people think this is likely the work of Russian intelligence.”

There are other theories, including one that some unknown group was trying to impersonate hackers working for Russian or other intelligence agencies. Impersonation is relatively easy on the internet, and it could take considerable time to determine who is behind the release of the code.

The Shadow Brokers first emerged online on Saturday, creating accounts on sites like Twitter and Tumblr and announcing plans for an auction. The group said that “we give you some Equation Group files free” and that it would auction the best ones. The Equation Group is a code name that Kaspersky Labs, a Russian cybersecurity firm, has given to the N.S.A.

While still widely considered the most talented group of state-sponsored hackers in the world, the N.S.A. is still recovering from Mr. Snowden’s disclosures; it has spent hundreds of millions of dollars reconfiguring and locking down its systems.

Mr. Snowden revealed plans, code names and some operations, including against targets like China. The Shadow Brokers disclosures are much more detailed, the actual code and instructions for breaking into foreign systems as of three summers ago.

“From an operational standpoint, this is not a catastrophic leak,” Nicholas Weaver, a researcher at the International Computer Science Institute in Berkeley, Calif., wrote on the Lawfare blog on Tuesday.

But he added that “the big picture is a far scarier one.” In the weeks after Mr. Snowden fled Hawaii, landing in Hong Kong before ultimately going to Russia, it appears that someone obtained that source code. That, he suggested, would be an even bigger security breach for the N.S.A. than Mr. Snowden’s departure with his trove of files.

However, the fact that the code is dated from 2013 suggests that the hackers’ access was cut off around then, perhaps because the agency imposed new security measures.

The attack on the Democratic National Committee has raised questions about whether the Russian government is trying to influence the American election. If so, it is unclear how — or whether — President Obama will respond. A response could be public or private, and it could involve sanctions, diplomatic warnings or even a counterattack.

“The real problem for us is that the Russians seem to have taken the gloves off in the cyberdomain,” said Mr. Lewis, of the Center for Strategic and International Studies, “and we don’t know how to respond.”

ccp

ABC News: Yes it is possible to hack the election
« Reply #360 on: August 20, 2016, 02:15:36 PM »
From ABC news courtesy of Drudge:

http://abcnews.go.com/Politics/hack-election/story?id=41489017

"Those experiences confirm my belief that if sophisticated hackers want to get into any computer or electronic device, even one that is not connected to the internet, they can do so"

I could have told him this many years ago.  We are endlessly hacked and our devices are nowhere near the internet.  I wondered years ago if the excuse was device makers were making this possible for law enforcement in the age of terrorism.  I also wondered if they just did it to control us for business reasons, such as to make sure people were not using subscriptions illegally for free or to see what our preferences are for their data and statistical analyses or just for snooping for any other reasons one can dream up.

All I can ask is if law enforcement is NOT up to the task of even protecting the big shots then the rest of us average folks have NO chance.  I have been saying this for years.  Sadly for me I have seen it personally over and over again and had to sit here watching it first hand while others have gotten very rich and we suffer.

The extent of the crime that is committed this way is STILL surprisingly apparently not even realized by many.  I think I read Bill Gates himself once said the biggest challenge is security in the IT age.  Yet another time he told a reporter the security he uses for his computers is the standard retail stuff we all use.  THAT is hard to believe.



« Last Edit: August 23, 2016, 03:59:15 AM by Crafty_Dog »

ccp

Like I said: "Crackas with Attitude"
« Reply #361 on: September 08, 2016, 02:18:53 PM »
It ain't always the "Russians" or the "Chinese".  But if you as victim are not the CIA this kind of crime is rampant and unpunished:

https://www.yahoo.com/news/2-men-arrested-charged-hacking-senior-us-officials-154755704.html
« Last Edit: September 08, 2016, 10:45:22 PM by Crafty_Dog »

DDF

  • Guest
DEEP WEB
« Reply #362 on: September 19, 2016, 06:31:30 AM »
And you're correct. It is not without significant risk.

I personally would avoid the dark web altogether. Big boy rules apply.


https://pjmedia.com/trending/2016/09/16/sources-tens-of-thousands-of-files-from-clinton-blumenthal-computers-available-on-deep-web/?singlepage=true

In deep.

People are afraid of the deepweb or don't know how to access it. They shouldn't be afraid and it isn't difficult to access.

Just download the TOR browser (from TOR), have a dedicated computer for specifically that with no personal info on it or use a thumb drive to boot your system, a VPN, and you're good to go. Don't download anything from there, and obviously avoid the smut pages and whatnot, but it's surprising what is on there that Google and company don't register in their search engines. You can basically find whatever you want.

Edit: Make sure you cover up your camera physically as well and don't speak while surfing, or any background noise for that matter.
What are those risks?


Drawing the attention of lots of entities that you don't want attention from.

Just as GM stated, plus they could potentially hack into your computer, steal your files, id your location, control your computer remotely, you could potentially access websites that have criminal activities - thus drawing the attention of alphabet soup type organizations (NSA, CIA, FBI, USSS, ATF, DEA, NCIS and INS), or even if none of that happened, the fact that you have to use a TOR browser (which can also access "http:www" sites), your local internet service provider (even using a VPN with TOR), they'll know you're accessing onion sites BECAUSE of where their exit traffic is going - Note the following: "A user is talking to a clear net website instead of the onion so in theory the proxy can read all the information you're sending and getting from the onion. Also, you are far from anonymous because the Tor2Web-gateway sees your IP." https://chloe.re/2016/05/20/killing-tor2web-once-and-for-all/

 And (note the web address in the photo here). You WILL get attention from someone. There's no avoiding that. There are also a couple of things I didn't provide above to disguise where you are or who you are, but the bottom line, is if someone wants to find you, they will.  A quick query of TOR security precautions will make it so that most people won't find you, but the government and good hackers will if they want to.

I've used the deep web on and off for about two years. Then again, I work where I work and do what I do, so I'm not overly concerned about having uninvited guests. For the most part, I've seen a lot of bit coin operated sites that offer whatever service you can think of, blueprints, how to's, and seedier things. The bit coin sites all work off of an escrow service that can be used to locate someone as well.

GM is correct in saying that it has its risks. I'll add, for what I've seen on it, it isn't worth the hassle, other than just to go cruising downtown Tijuana to go see things that no one else sees for the "been there, done that trip."

Edit: I forgot to add, that if you do decide to access it, disable java. If anyone reading this doesn't know how to disable java, they shouldn't go. Period.
Edit II: Do not use TOR with windows to access the web. As I stated above, the best way is a dedicated machine, using Linux and TOR on a thumb drive into that.

It really isn't worth the hassle. Those curious, can go youtube query "deep web sites" and get an idea that way without risking themselves.



« Last Edit: September 19, 2016, 06:34:42 AM by DDF »


G M

Re: Yahoo scanned for the Feds
« Reply #364 on: October 04, 2016, 09:00:46 PM »

DDF

Re: Yahoo scanned for the Feds
« Reply #365 on: October 05, 2016, 06:48:32 AM »
http://www.dailymail.co.uk/news/article-3821959/Yahoo-secretly-scanned-customer-emails-US-intelligence-sources.html

Well, Bush isn't president, so this isn't something anyone will be concerned about.

If I had a nickel for every time the Left has brought up Bush and emails this election season, as a defense to Clinton and Obama.

Crafty_Dog

Cyberwar with the Russkis?
« Reply #366 on: October 14, 2016, 07:08:07 PM »
http://www.nbcnews.com/news/us-news/cia-prepping-possible-cyber-strike-against-russia-n666636

If true and not a pretense or a bluff, and if we don't want them realizing it or seeing it coming, then why are we telling them?

G M

Re: Cyberwar with the Russkis?
« Reply #367 on: October 15, 2016, 01:06:51 AM »
Quote from Crafty_Dog:
http://www.nbcnews.com/news/us-news/cia-prepping-possible-cyber-strike-against-russia-n666636
"If true and not a pretense or a bluff, and if we don't want them realizing it or seeing it coming, then why are we telling them?"

Because it's "Operation Obama isn't a pussy". For domestic consumption only.

ccp

Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #368 on: October 15, 2016, 04:12:03 AM »
"Because it's "Operation Obama isn't a pussy". For domestic consumption only."

Drudge today now has headline: Obama is considering military options in Syria.
Yeah right.  Just before an election.  Is this sickening how the Dems will do anything.

Notice Obama is now acting as Clinton's surrogate.  She is in hiding afraid to open up her mouth and he is out doing all her campaigning.




ccp

Freedom of speech cut
« Reply #369 on: October 17, 2016, 12:33:25 PM »
Because it is about the wrong political party.

Gee,  Obama?, HRC?, Brussels?, CNN?



http://www.bbc.com/news/technology-37680411
« Last Edit: October 17, 2016, 12:47:38 PM by ccp »

Crafty_Dog

Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #370 on: October 22, 2016, 05:01:16 AM »
Techie question:  Does our recent diminishment of control of the internet to some international body lessen our ability to defend ourselves in the event of cyberattacks such as these/cyberwar?
===========================================

Hackers Used New Weapons to Disrupt Major Websites Across U.S.

By NICOLE PERLROTH, OCT. 21, 2016

[Photo: A map of the areas experiencing problems, as of Friday afternoon, according to downdetector.com.]

SAN FRANCISCO — Major websites were inaccessible to people across wide swaths of the United States on Friday after a company that manages crucial parts of the internet’s infrastructure said it was under attack.

Users reported sporadic problems reaching several websites, including Twitter, Netflix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times.

The company, Dyn, whose servers monitor and reroute internet traffic, said it began experiencing what security experts called a distributed denial-of-service attack just after 7 a.m. Reports that many sites were inaccessible started on the East Coast, but spread westward in three waves as the day wore on and into the evening.

And in a troubling development, the attack appears to have relied on hundreds of thousands of internet-connected devices like cameras, baby monitors and home routers that have been infected — without their owners’ knowledge — with software that allows hackers to command them to flood a target with overwhelming traffic.

A spokeswoman said the Federal Bureau of Investigation and the Department of Homeland Security were looking into the incident and all potential causes, including criminal activity and a nation-state attack.

Kyle York, Dyn’s chief strategist, said his company and others that host the core parts of the internet’s infrastructure were targets for a growing number of more powerful attacks.

“The number and types of attacks, the duration of attacks and the complexity of these attacks are all on the rise,” Mr. York said.

Security researchers have long warned that the increasing number of devices being hooked up to the internet, the so-called Internet of Things, would present an enormous security issue. And the assault on Friday, security researchers say, is only a glimpse of how those devices can be used for online attacks.

Dyn, based in Manchester, N.H., said it had fended off the assault by 9:30 a.m. But by 11:52 a.m., Dyn said it was again under attack. After fending off the second wave of attacks, Dyn said at 5 p.m. that it was again facing a flood of traffic.

A distributed denial-of-service attack, or DDoS, occurs when hackers flood the servers that run a target’s site with internet traffic until it stumbles or collapses under the load. Such attacks are common, but there is evidence that they are becoming more powerful, more sophisticated and increasingly aimed at core internet infrastructure providers.

Going after companies like Dyn can cause far more damage than aiming at a single website.

Dyn is one of many outfits that host the Domain Name System, or DNS, which functions as a switchboard for the internet. The DNS translates user-friendly web addresses like fbi.gov into numerical addresses that allow computers to speak to one another. Without the DNS servers operated by internet service providers, the internet could not operate.

In this case, the attack was aimed at the Dyn infrastructure that supports internet connections. While the attack did not affect the websites themselves, it blocked or slowed users trying to gain access to those sites.

Mr. York, the Dyn strategist, said in an interview during a lull in the attacks that the assaults on its servers were complex.

“This was not your everyday DDoS attack,” Mr. York said. “The nature and source of the attack is still under investigation.”

[Photo: A notice from Dyn on its website about the outage.]

Later in the day, Dave Allen, the general counsel at Dyn, said tens of millions of internet addresses, or so-called I.P. addresses, were being used to send a fire hose of internet traffic at the company’s servers. He confirmed that a large portion of that traffic was coming from internet-connected devices that had been co-opted by a type of malware called Mirai.

Dale Drew, chief security officer at Level 3, an internet service provider, found evidence that roughly 10 percent of all devices co-opted by Mirai were being used to attack Dyn’s servers. Just one week ago, Level 3 found that 493,000 devices had been infected with Mirai malware, nearly double the number infected last month.

Mr. Allen added that Dyn was collaborating with law enforcement and other internet service providers to deal with the attacks.

In a recent report, Verisign, a registrar for many internet sites that has a unique perspective into this type of attack activity, reported a 75 percent increase in such attacks from April through June of this year, compared with the same period last year.

The attacks were not only more frequent, they were bigger and more sophisticated. The typical attack more than doubled in size. What is more, the attackers were simultaneously using different methods to attack the company’s servers, making them harder to stop.

The most frequent targets were businesses that provide internet infrastructure services like Dyn.

“DNS has often been neglected in terms of its security and availability,” Richard Meeus, vice president for technology at Nsfocus, a network security firm, wrote in an email. “It is treated as if it will always be there in the same way that water comes out of the tap.”

Last month, Bruce Schneier, a security expert and blogger, wrote on the Lawfare blog that someone had been probing the defenses of companies that run crucial pieces of the internet.

“These probes take the form of precisely calibrated attacks designed to determine exactly how well the companies can defend themselves, and what would be required to take them down,” Mr. Schneier wrote. “We don’t know who is doing this, but it feels like a large nation-state. China and Russia would be my first guesses.”

It is too early to determine who was behind Friday’s attacks, but it is this type of attack that has election officials concerned. They are worried that an attack could keep citizens from submitting votes.

Thirty-one states and the District of Columbia allow internet voting for overseas military and civilians. Alaska allows any Alaskan citizen to do so. Barbara Simons, the co-author of the book “Broken Ballots: Will Your Vote Count?” and a member of the board of advisers to the Election Assistance Commission, the federal body that oversees voting technology standards, said she had been losing sleep over just this prospect.

“A DDoS attack could certainly impact these votes and make a big difference in swing states,” Dr. Simons said on Friday. “This is a strong argument for why we should not allow voters to send their voted ballots over the internet.”

This month the director of national intelligence, James Clapper, and the Department of Homeland Security accused Russia of hacking the Democratic National Committee, apparently in an effort to affect the presidential election. There has been speculation about whether President Obama has ordered the National Security Agency to conduct a retaliatory attack and the potential backlash this might cause from Russia.

Gillian M. Christensen, deputy press secretary for the Department of Homeland Security, said the agency was investigating “all potential causes” of the attack.

Vice President Joseph R. Biden Jr. said on the NBC News program “Meet the Press” this month that the United States was prepared to respond to Russia’s election attacks in kind. “We’re sending a message,” Mr. Biden said. “We have the capacity to do it.”

But technology providers in the United States could suffer blowback. As Dyn fell under recurring attacks on Friday, Mr. York, the chief strategist, said such assaults were the reason so many companies are pushing at least parts of their infrastructure to cloud computing networks, to decentralize their systems and make them harder to attack.

“It’s a total wild, wild west out there,” Mr. York said.

ccp

No surprise if true
« Reply #373 on: October 22, 2016, 05:43:32 PM »
From above article from McAfee:

"What about Russia?"

"If all evidence points to the Russians, then, with 100% certainty, it is not the Russians," said McAfee. "Anyone who is capable of carrying out a hack of such sophistication is also capable, with far less effort than that involved in the hack, of hiding their tracks or making it appear that the hack came from some other quarter. The forensic tools used to assign culpability in a hack are well known, in the cybersecurity world, to be largely ineffective. They may, sometimes, correctly identify an unsophisticated 15 year old as the source of a hack, such as the teenager who hacked the FBI less than a year ago. But they are completely ineffective against large, sophisticated groups of hackers such as those run by the Russian State."

I have ZERO confidence in this administration to be truthful or honest or forthcoming.  That is the biggest problem we have about government.  They lie to us all the time, so now they want us to believe it is Russia; I don't.

The attack on Mosul while a good idea is very odd to occur right before an election.  The tough talk with Russia right before an election is also suspect.  Blaming Russia and tying this to Trump somehow is also suspect.  Articles claiming Hillary is terrifying Putin also suspect. 

An administration that will be complicit and cover up crimes of the degree that is obvious to everyone else is never to be trusted.


DougMacG

  • Power User
  • ***
  • Posts: 19460
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #374 on: October 24, 2016, 08:50:11 AM »
Quote from Crafty_Dog: Techie question:  Does our recent diminishment of control of the internet to some international body lessen our ability to defend ourselves in the event of cyberattacks such as these/cyberwar?
===========================================

I don't know the tech answer to that, just speculate that of course it does.  Leave the broader question open to be addressed as the evidence comes in, what are all the ill-effects of this disgraceful, anti-American policy?

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72322
    • View Profile
Huma and Anthony's computer
« Reply #375 on: November 01, 2016, 09:47:14 AM »
A friend writes:

Marc,


There is another reason for concern about all these emails being found on the laptop jointly owned by Weiner and Abedin.  I have not yet seen this aspect discussed publicly.

If Weiner were sending and receiving porn (underage or otherwise) from that laptop, then he was most likely frequenting unsecured file sharing services.

This is how child porn and other illegal porn is distributed outside of the usual pay internet sites.  (Not to mention what gets attached to those files)  I know this from , , , .  You get porn by allowing others to access your files directly from your computer storage via these file sharing sites for porn- especially underage porn.

Thus, if Huma's files from clintonemail.com to her Yahoo account were all stored on the same laptop that Weiner was using to share porn, then all those emails were subject to easy discovery by any interested party who would troll those boards for ways to hack into other peoples' computers and take them over for various purposes.  The FBI trolls those boards in order to impersonate and catch child porn users and distributors.  So, her IP address was known.  Access to the file storage on the laptop was enabled.

Who knows what was attached to any of the files that Weiner would have accessed?  

Not to mention that Yahoo was hacked and humaabedin@yahoo.com was likely compromised.  

Just saying that there is a lot more potential security exposure here including a way for outside agencies to access everything on that laptop and cover their tracks inside Weiner's file sharing services.
« Last Edit: November 01, 2016, 10:55:38 AM by Crafty_Dog »

DDF

  • Guest
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #376 on: November 01, 2016, 10:39:42 AM »
PGC... an incredibly valid point.

Hope you don't mind if I steal this... it is a point that needs to be circulating on social media.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72322
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #377 on: November 01, 2016, 10:56:36 AM »
Please hold off for now.


G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
TEMPEST
« Reply #379 on: November 01, 2016, 08:33:27 PM »
https://en.wikipedia.org/wiki/Tempest_(codename)

How could hostile nation states use this to target unsecure computers at Hillary's and Huma's?

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72322
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #380 on: November 01, 2016, 11:14:19 PM »
DDF:  You may forward it in its present form.

DougMacG

  • Power User
  • ***
  • Posts: 19460
    • View Profile
Re: Huma and Anthony's computer
« Reply #381 on: November 02, 2016, 06:08:43 AM »
A friend writes:

Marc,


There is another reason for concern about all these emails being found on the laptop jointly owned by Weiner and Abedin.  I have not yet seen this aspect discussed publicly.

If Weiner were sending and receiving porn (underage or otherwise) from that laptop, then he was most likely frequenting unsecured file sharing services.

This is how child porn and other illegal porn is distributed outside of the usual pay internet sites.  (Not to mention what gets attached to those files)  I know this from , , , .  You get porn by allowing others to access your files directly from your computer storage via these file sharing sites for porn- especially underage porn.

Thus, if Huma's files from clintonemail.com to her Yahoo account were all stored on the same laptop that Weiner was using to share porn, then all those emails were subject to easy discovery by any interested party who would troll those boards for ways to hack into other peoples' computers and take them over for various purposes.  The FBI trolls those boards in order to impersonate and catch child porn users and distributors.  So, her IP address was known.  Access to the file storage on the laptop was enabled.

Who knows what was attached to any of the files that Weiner would have accessed?  

Not to mention that Yahoo was hacked and humaabedin@yahoo.com was likely compromised.  

Just saying that there is a lot more potential security exposure here including a way for outside agencies to access everything on that laptop and cover their tracks inside Weiner's file sharing services.


Besides setting up a culture of corruption, Hillary's leadership at State comprised a careless and reckless culture of disregard for security of national security information, each incident a felony.

The key here is to note that the motive for lax security, operating outside the government security, was an integral part of the premeditated corruption syndicate.  They knew before the pay for play communications were sent and received what they were intending to do with the Secretary of State's office.  And Huma worked concurrently for both operations, not some inadvertent overlap of duties.  All this was the idea of Hillary unless she doesn't run her own operations.  http://www.bloomberg.com/politics/articles/2016-08-15/huma-abedin-s-overlapping-jobs-renew-focus-on-clinton-conflicts

This was a planned and organized crime operation, not a mistake.  They knew these communications would not hold up to public or law enforcement scrutiny.  Even when totally and completely busted they act like nothing is wrong.  With the evidence all over the internet, they say the FBI Director has nothing, just out to get her!

We need the voters to speak on this.

ccp

  • Power User
  • ***
  • Posts: 19772
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #382 on: November 02, 2016, 01:37:21 PM »
Doug writes,

"We need the voters to speak on this."

I think THIS is the only remedy.  From what I read, unless I misunderstand the law, is that if she is elected there will be zero way to get real justice.  She will get away with it all.

She can pardon herself.  She can't be impeached for crimes that occurred 'before' she is President (not that Democrats would get on board anyway), no government agency is going to be able to not be corrupted to go after its boss, and she can refuse to appoint an independent counsel.

Am I wrong on this??


Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72322
    • View Profile
Stratfor: The Year in Cyber Crime
« Reply #384 on: December 07, 2016, 09:50:36 AM »

The Year in Cybercrime: Exploiting the Weakest Link
Analysis
November 30, 2016 | 09:04 GMT
The weapons used to conduct cyberattacks are relatively new, but the tactics employed have been around for centuries. (KIRILL KUDRYAVTSEV/AFP/Getty Images)
Forecast

    Hackers will continue to rely on social engineering tactics to exploit their victims.
    State and state-sponsored actors will turn increasingly to cybercrime to advance their national interests.
    Technological improvements to counter cybercrime will not protect against human vulnerability.

Analysis

Editor's Note: This analysis was produced by Threat Lens, Stratfor's unique protective intelligence product. Designed with corporate security leaders in mind, Threat Lens enables industry professionals to anticipate, identify, measure and mitigate emerging threats to people and assets around the world.


The rise of the internet and related technologies has transformed the world, revolutionizing nearly all aspects of everyday life, including crime. In September, the Global Cyber Security Leaders summit in Berlin highlighted the cyberattack tactics that pose the greatest concern to security professionals. Many of these coincide with the threats that we have covered over the past year on Threat Lens, Stratfor's new security portal. Some transcend criminal activity and involve state or state-sponsored actors using tricks of the cybercriminal trade to advance their countries' agendas. Though the weapons used to conduct cyberattacks are relatively new — and rapidly evolving — the tactics have been around for centuries. Over the past year, several major crimes have combined the new platforms and greater access that the information age affords with the age-old art of social engineering. The tactics described below are by no means the most sophisticated of their kind, but they have proved to be some of the most successful and enduring.

An Online Heist in Bangladesh

One of the first cyberattacks of the year was also one of the most troubling. In February, suspected North Korean hackers managed to finagle $81 million in transfers from Bangladesh's central bank — well short of the attempted $1 billion, but an impressive sum nonetheless. The hackers first gained access to Bangladesh Bank's Society for Worldwide Interbank Financial Telecommunication (SWIFT) system, which banks use to make and track transfers. Posing as officers from Bangladesh Bank, the hackers then used the SWIFT software to request transfers from the central bank's accounts with the New York Federal Reserve to various entities around Asia.

The SWIFT platform is an attractive target for hackers because it handles tens of millions of transfer requests each day across virtually the entire global financial industry. (SWIFT is so widely used that the U.S. government has sought the service's cooperation to block terrorist financing and enforce sanctions against rival countries such as Iran.) Gaining access to a bank's SWIFT account is tantamount to obtaining the keys to its vault, but it was not enough to pull off the crime without a hitch. Once the hackers gained access to Bangladesh Bank's secured networks, they studied the institution's common practices and got into the bank's SWIFT account. The hackers astutely planned their attack for a bank holiday and then covered their digital tracks, buying them time to steal the funds unnoticed. The incident was clearly the work of advanced and experienced operators armed with a shrewd plan.

The attack's meticulous planning and execution also suggest that it was carried out by a team with a state sponsor, and investigators later found the attack deployed code similar to that used in past cybercrimes linked to North Korea. On their own, North Korea's well-known financial woes would certainly provide a motive for a major theft like the Bangladesh Bank heist. But for Pyongyang, there is the added allure of attacking part of the international financial system that has kept sanctions on the country for its nuclear weapons program. Though the sanctions against North Korea have never gone so far as to restrict its SWIFT access, they have all but cut the country's economy off from the rest of the world. As a target, SWIFT offered a perfect opportunity for Pyongyang to antagonize the international financial services sector and make some money in the process.

Despite its technical proficiency, the attack was also opportunistic. Investigations found significant security failures in Bangladesh Bank's networks that the hackers likely exploited. Still, the theft was unique in that it targeted SWIFT using an old trick known as the fake CEO scam, or as the FBI calls it, the Business Email Compromise — something of a misnomer since the tactic long predates email. In fact, one of the most famous examples of the scam was carried out by phone. Gilbert Chikli swindled millions of dollars out of various companies in the mid-2000s by calling employees and, posing as their company executive, instructing them to transfer money to certain accounts — all his — under the guise of official business. In the Bangladesh Bank case, the perpetrators used the same strategy with slightly different tactics, infiltrating the bank's email network, likely through a phishing attack, and using the SWIFT system to order money transfers to dozens of accounts. After the heist, the FBI and SWIFT noted an uptick in both CEO scams and attacks on the financial messaging service over the past year. But the Bangladesh Bank incident is the first reported theft to use the tactics in tandem, to devastating financial effect.

Taking Data Hostage

The past year has seen a rise in ransomware attacks, in which perpetrators gain access to and seize files, and sometimes entire devices, freezing them until their owner pays a ransom. In conducting these attacks, cybercriminals typically go after a high volume of targets ill-equipped to deal with such a strike and demand a relatively small sum of money from each, usually in bitcoin or another digital currency. Even people without the savvy to set up a ransomware ploy on their own can purchase kits online for a few hundred dollars and get their money's worth after a single successful strike. Most of the high-profile ransomware cases this year targeted hospitals, which lost access to critical files for the duration of the attacks. Some victims, such as the Hollywood Presbyterian Medical Center in Los Angeles, opted to pay a relatively inexpensive ransom ($17,000 in this case) rather than deal with the cost and inconvenience of retrieving the data with help from information technology personnel. In April, a NASCAR team also found it more expedient to pay its $500 ransom to get back an estimated $2 million worth of information just days before a race worth millions more in advertising.

But paying a ransom does not guarantee that the locked data will be recovered. In many instances, ransomware operators leave files frozen after receiving payment out of negligence or incompetence. Furthermore, even if the data is retrieved, the attack may have compromised its integrity. Ransomware attacks are fairly easy to overcome, however. The tactic compels businesses to pay up by disrupting workflow — for instance, preventing a hospital from accessing patient files or a NASCAR team from seeing the wind-tunnel data it needs to adjust the aerodynamics on a car. If that data is backed up somewhere accessible, the victim will have less need to comply with attackers. San Francisco's light rail, the Muni Metro, demonstrated the value of that strategy Nov. 26, when a ransomware attack disabled its ticketing system — though only temporarily. Instead of forking over the ransom, Muni Metro's IT department worked around the problem and got the system back up and running the next day. In the meantime, riders were allowed to use the light rail for free.

So far, reported cases of ransomware have all been fairly modest in strategy and execution; attackers seem to be casting a wide net and charging their victims indiscriminately. In the future, though, more sophisticated attackers may do their research, targeting major banks, government agencies or strategic industries and demanding payments commensurate with the value of the locked data. Ransomware is still an opportunistic weapon, but with more deliberate planning and pre-operational intelligence, criminals could easily use it in a targeted application for a bigger payout, much as "tiger kidnappers" leverage their victims to get hefty rewards.

The Physical Dangers of Phishing

This year has also demonstrated the enduring popularity — and efficacy — of phishing and spear-phishing, cyberattack techniques that rely on social engineering to gain illicit access to networks and information. In August, following a yearlong doping scandal that eventually barred 118 Russian athletes from participating in the 2016 Summer Olympics, the World Anti-Doping Agency reported that Russian-backed hackers had used a phishing attack to infiltrate its networks. The attackers then stole information about athletes in the agency's database, including Yulia Stepanova, the Russian runner who blew the whistle on her country's doping program.

Though the hack in general seemed to be an attempt to incriminate other athletes, the intruders released personal details about Stepanova, such as her home address, in an apparent act of intimidation. Stepanova subsequently announced in a press conference that "if something happens to us … it's not an accident." No ill has befallen her or her family, but she had good cause for worry: The director of Russia's anti-doping agency died suddenly in February, two months after he tendered his resignation in response to the scandal. Even without evidence of foul play in his death, its timing was enough to spook Stepanova, and the passive threat against her illustrates the possible physical applications of a cyberattack.

Similarly, a spear-phishing attack on Ahmed Mansoor, an Emirati human rights activist, could have had grave repercussions offline. In August, Mansoor received a series of enticing text messages in which the anonymous sender included a hyperlink said to lead to new revelations about torture in the United Arab Emirates' prisons. Having been the target of previous spear-phishing attacks, Mansoor knew better than to click on the link and instead forwarded the messages to a Canadian research group. The group determined that the text was an attack containing software that could have allowed his attackers control over his cellphone and the means to track his movement. Though it is unclear what the assailants planned to do with the information, given his controversial line of work, it is easy to imagine that they might have tried to do their victim physical harm.

Intent Without Ability

On the other side of the screen, Charles Eccleston pleaded guilty in February to charges that he had been involved in a spear-phishing scheme. Using his position as a scientist at the U.S. Department of Energy, Eccleston sent emails to employees at nuclear labs infected with what he thought was malware. (The incident was actually part of an FBI sting operation against Eccleston, who had been identified as a threat after approaching foreign governments and offering to sell them the email addresses of all Department of Energy employees.) As an insider, Eccleston had access to and knowledge of contacts in sensitive positions that enabled him to tailor his emails to make them more specific and believable — traits that distinguish more sophisticated spear-phishing from phishing. But like the dozens of aspiring jihadists who have been wrapped up in similar FBI stings over the years, Eccleston lacked the know-how to carry out the attack. He had to seek outside help to weaponize his privileged position, which led him to an undercover agent.

As cyber weapons become more accessible and easier to use, would-be attackers such as Eccleston may have an easier time carrying out attacks on their own. This would pose a big problem for counterintelligence agencies. After all, had authorities not identified him ahead of time, Eccleston could have used his insider knowledge to introduce hostile intelligence assets into Department of Energy and related networks.

Tried-and-True Tactics

Throughout the year, these attack methods have stolen headlines and set the cybersecurity world abuzz, but they are far from the only threats lurking online. Hacks into email servers at sensitive times — for instance, during the U.S. presidential race — commanded the world's attention this year, and similar attacks will remain a popular tool. A distributed denial of service attack that shut down major media websites in October demonstrated the vulnerabilities that the internet of things has introduced by connecting more and more devices, risks that will only increase as the technology expands. Several unlimited attacks on ATMs over the year have also highlighted the growing intersection between cyber and traditional crime, a trend that will likely continue.

To combat the proliferating risks they face in the cyber realm, countries around the world will keep honing their technical prowess. But as with physical threats, the most advanced weapons will not necessarily be the most effective against cyberthreats. As technological defenses improve, cybercriminals will continue to focus their attacks on the most vulnerable link in the technological chain: the human.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72322
    • View Profile
Re: Cyberwar, Cyber Crime, and American Freedom
« Reply #385 on: December 16, 2016, 09:16:23 AM »
I'm thinking maybe this is the better thread for the ongoing Russian brouhaha.



G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Re: POTH: Our Cyber Options with Russia
« Reply #388 on: December 19, 2016, 06:15:20 PM »
http://www.nytimes.com/2016/12/17/us/politics/obama-putin-russia-hacking-us-elections.html?emc=edit_th_20161218&nl=todaysheadlines&nlid=49641193&_r=0

“Is there something we can do to them, that they would see, they would realize 98 percent that we did it, but that wouldn’t be so obvious that they would then have to respond for their own honor?” David H. Petraeus, the former director of the Central Intelligence Agency under Mr. Obama, asked on Friday, at a conference here sponsored by Harvard’s Belfer Center for Science and International Affairs.

**Perhaps we can wait for Putin to get snared by an extramarital relationship that results in the mishandling of classified materials? If only the Belfer Center invited a subject matter expert on that to this conference...


“Our goal continues to be to send a clear message to Russia or others not to do this to us because we can do stuff to you,” he said. “But it is also important to us to do that in a thoughtful, methodical way. Some of it, we will do publicly. Some of it we will do in a way that they know, but not everybody will.”


Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72322
    • View Profile
PotH calls for Bi-partisan investigation
« Reply #389 on: December 22, 2016, 07:28:26 AM »
President-elect Donald Trump will assume office next month dogged by the question of whether a covert ploy by the Russian government had a decisive effect on his election.

While a conclusive answer is likely to remain elusive, American voters deserve as many details as can be ascertained about Russia’s role in the campaign, to better protect the political process from similar interference in the future. The assessment by American intelligence agencies that the Russian government stole and leaked Clinton campaign emails has been accepted across the political spectrum, with the notable exception of Mr. Trump.

The House speaker, Paul Ryan, called Russian meddling “unacceptable,” and said that under President Vladimir Putin, Moscow “has been an aggressor that consistently undermines American interests.” Mitch McConnell, the Senate majority leader, said in a recent interview that the fact that the “Russians were messing around in our election” is a “matter of genuine concern.”

Addressing the issue properly will require a bipartisan congressional investigation led by people with the authority and intent to get to the truth, however disturbing that might be for the incoming administration and the Republican Party. The intelligence agencies concluded that the Russian hacking was meant to help elect Mr. Trump.

Mr. McConnell and Mr. Ryan have both called for a congressional inquiry, but they want it handled by the permanent standing committees, a bad idea for practical and political reasons. A far better approach would be to establish a select committee, with both House and Senate members, that would examine the Russian hacking across many areas of expertise. Senators John McCain of Arizona, Lindsey Graham of South Carolina and Cory Gardner of Colorado, all Republicans, argue that a select committee is necessary for an investigation as complex and politically delicate as this one. So does Senator Chuck Schumer, soon to be the Senate minority leader.

Cybersecurity threats cut across the jurisdictional lines of permanent congressional committees. Such threats have been examined by at least 19 standing committees in the House and Senate, including those that focus on the work of intelligence agencies, homeland security programs and military operations. If Mr. McConnell’s approach prevails, several House and Senate committees are likely to do overlapping work. Because those investigations would be run by lawmakers with varying degrees of loyalty to the White House, their disparate conclusions would probably be seen through a political lens.

A bipartisan select committee with subpoena power could examine the Russian hack in a comprehensive, dispassionate manner, with an eye to shielding its conclusions from charges of partisanship.

“This cannot become a partisan issue,” Mr. McCain, Mr. Graham and Mr. Schumer said in a statement. “The stakes are too high for our country.”

Mr. Trump, who broke with Republican Party orthodoxy by striking an admiring tone toward Moscow during the campaign, has rejected reports of Russian meddling as “ridiculous,” even though in July he called on the Russians to find and leak more Clinton emails. Unless Mr. Trump’s team actually colluded with the Russian government, it would be in his interest to support congressional Republicans in seeking an independent, comprehensive investigation. Any other position would suggest that he has something to hide or simply doesn’t care about the integrity of America’s elections.

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Sooner or later
« Reply #390 on: December 22, 2016, 06:25:53 PM »
Ukraine power grids a sign of things to come for U.S.?


Russian hacking to influence the election has dominated the news. But CBS News has also noticed a hacking attack that could be a future means to the U.S. Last weekend, parts of the Ukrainian capital Kiev went dark. It appears Russia has figured out how to crash a power grid with a click.

Last December, a similar attack occurred when nearly a quarter of a million people lost power in the Ivano-Frankivsk region of Ukraine when it was targeted by a suspected Russian attack. 

Vasyl Pemchuk is the electric control center manager, and said that when hackers took over their computers, all his workers could do was film it with their cell phones.

“It was illogical and chaotic,” he said. “It seemed like something in a Hollywood movie.”
[Photo: Vasyl Pemchuk in the control center that was hacked. Credit: CBS News]

The hackers sent emails with infected attachments to power company employees, stealing their login credentials and then taking control of the grid’s systems to cut the circuit breakers at nearly 60 substations.

The suspected motive for the attack is the war in eastern Ukraine, where Russian-backed separatists are fighting against Ukrainian government forces.

But hackers could launch a similar attack in the U.S.

“We can’t just look at the Ukraine attack and go ‘oh we’re safe against that attack,’” said Rob Lee, a former cyberwarfare operations officer in the U.S. military, who investigated the Ukraine attack.
[Photo: Rob Lee. Credit: CBS News]

“Even if we just lose a portion, right? If we have New York City or Washington D.C. go down for a day, two days, a week, what does life look like at that point?” he said.

He said that some U.S. electric utilities have weaker security than Ukraine, and the malicious software the hackers used has already been detected in the U.S.

“It’s very concerning that these same actors using similar capabilities and tradecraft are preparing and are getting access to these business networks, getting access to portions of the power grid,” he said.

In Ukraine, they restarted the power in just hours. But an attack in the U.S. could leave people without electricity for days, or even weeks, according to experts. Because, ironically, America’s advanced, automated grid would be much harder to fix.





G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Chinese ‘corporate hackers’ accused of attacking US law firms
« Reply #395 on: December 31, 2016, 01:34:55 PM »
http://www.scmp.com/news/china/diplomacy-defence/article/2057608/chinese-corporate-hackers-accused-attacking-us-law

Chinese ‘corporate hackers’ accused of attacking US law firms
The three, including two suspects from Macau, charged with stealing information on corporate deals, allowing them to profit from share trading
PUBLISHED : Wednesday, 28 December, 2016, 11:20am
UPDATED : Wednesday, 28 December, 2016, 11:40pm

The US Securities and Exchange Commission yesterday charged three Chinese citizens with fraudulently trading on information they had obtained from hacking into the email networks of two New York City law firms, hauling in almost US$3 million in illicit profits.
In a complaint unsealed on Tuesday, the commission said that between April 2014 and late 2015 Iat Hong and Chin Hung from Macau, and Bo Zheng from Changsha, Hunan province, installed malware on the law firms’ networks, thereby gaining access to the email accounts of attorneys advising corporate clients on mergers and acquisitions. Armed with proprietary information on these clients, the trio traded big.
The commission said the three spent roughly US$7.5 million on shares of semiconductor company Altera before news of it being in talks to be acquired by Intel Corporation became public.


In addition, hours after extracting emails about a deal involving an e-commerce company, Hong and Hung purchased shares that amounted to 25 per cent of the company’s trading volume on certain days in advance of the 2015 deal’s announcement.
Hong and Zheng are also accused of trading in 2014 ahead of a merger announcement of a pharmaceutical company. They also stole schematic designs of a robot vacuum cleaner made by an American company, the commission’s complaint said.
Hong, 26, and Hung, 50, were employed at a robotics company founded by Zheng, 30, to develop robot controller chips and provide control system solutions, according to authorities.
The trio was accused of copying and transmitting dozens of gigabytes of emails to remote internet locations.
Hong was arrested in Hong Kong on Christmas Day with extradition proceedings scheduled to begin in mid-January.
Hong’s mother was also named as a relief defendant for the purpose of recovering money in her accounts from her son’s illicit trading, the commission said.
It is the first time the commission has charged anyone with hacking into a law firm’s computer network.
The Securities and Futures Commission of Hong Kong has assisted with the ongoing investigation.
In Beijing, Foreign Ministry spokeswoman Hua Chunying said in a daily press briefing that she was aware of the reports, but did not know the details.
The commission has asked for a judgement ordering the three to pay penalties and relinquish their illegal gains, plus interest.
The commission is also seeking to freeze an account opened in Hong’s mother’s name.
The US Attorney’s Office for the Southern District of New York also announced a 13-count indictment against the three stemming from the hacking.
Each count carries a maximum sentence of five to 20 years.
“This case of cyber meets securities fraud should serve as a wake-up call for law firms around the world,” said Manhattan US Attorney Preet Bharara in a statement.
“You are and will be targets of cyber hacking, because you have information valuable to would-be criminals.”
Additional reporting by Bloomberg and Reuters

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72322
    • View Profile
Critiques of the DHS/FBI Grizzly Steppe Report
« Reply #396 on: January 03, 2017, 11:24:34 PM »
Critiques of the DHS/FBI’s GRIZZLY STEPPE Report
http://www.robertmlee.org/critiques-of-the-dhsfbis-grizzly-steppe-report/

Article about the Indicators of Compromise (IOC) released in the US CERT Report:

Some notes on IoCs
http://blog.erratasec.com/2016/12/some-notes-on-iocs.html#.WGychxsrKC8

Russian election hacking sanctions
http://malwarejake.blogspot.com/2017/01/russian-election-hacking-sanctions.html

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72322
    • View Profile


G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
« Last Edit: January 05, 2017, 05:56:57 PM by G M »