Personal Cybersecurity #12: Daily news

What you need to know for your personal cyber security life… 

Number Twelve in a series of semi-regular daily reports on current and topical computer threats that may affect your online, or even offline, digital and real life. Why cyber-security on SurvivalRing? Because EVERYTHING you do in your life every day now is a part of the cyber world…even your offline plans. So, be aware, and pay attention. The bad guys WILL eventually get around to YOU…personally…so be prepared for it, by staying in the loop.

# # #

“The Mask” Espionage Malware

https://www.schneier.com/blog/archives/2014/02/the_mask_espion.html

  • By Bruce Schneier
  • schneier.com
  • February 11, 2014

We’ve got a new nation-state espionage malware. “The Mask” was discovered by Kaspersky Labs:

The primary targets are government institutions, diplomatic offices and embassies, energy, oil and gas companies, research organizations and activists. Victims of this targeted attack have been found in 31 countries around the world — from the Middle East and Europe to Africa and the Americas.

The main objective of the attackers is to gather sensitive data from the infected systems. These include office documents, but also various encryption keys, VPN configurations, SSH keys (serving as a means of identifying a user to an SSH server) and RDP files (used by the Remote Desktop Client to automatically open a connection to the reserved computer).

“Several reasons make us believe this could be a nation-state sponsored campaign. First of all, we observed a very high degree of professionalism in the operational procedures of the group behind this attack. From infrastructure management, shutdown of the operation, avoiding curious eyes through access rules and using wiping instead of deletion of log files. These combine to put this APT ahead of Duqu in terms of sophistication, making it one of the most advanced threats at the moment,” said Costin Raiu, Director of the Global Research and Analysis Team (GReAT) at Kaspersky Lab. “This level of operational security is not normal for cyber-criminal groups.”

It’s been in operation, undetected, for at least seven years.

As usual, we infer the creator of the malware from the target list.

We counted over 380 unique victims between 1000+ IPs. Infections have been observed in: Algeria, Argentina, Belgium, Bolivia, Brazil, China, Colombia, Costa Rica, Cuba, Egypt, France, Germany, Gibraltar, Guatemala, Iran, Iraq, Libya, Malaysia, Mexico, Morocco, Norway, Pakistan, Poland, South Africa, Spain, Switzerland, Tunisia, Turkey, United Kingdom, United States and Venezuela.

Based on the prevalence of Spanish-speaking victims, the number of infected victims in Morocco, and the fact that Gibraltar is on the list, that implies Spain is behind this one. My guess is that soon countries will start infecting uninteresting targets in order to deflect blame, but that they still think they’re immune from discovery. So Spain, if it is you, attack a few sites in the Falklands next time — and use a separate tool for Morocco.

There are several news articles.

[…]

# # #

Qatar to establish cyber security committee

http://www.arabianbusiness.com/qatar-establish-cyber-security-committee-537614.html

Qatar has announced it will establish a national cyber security committee to oversee the country’s fight against cyber crime and prevention strategies.

The committee, which has been approved by the Cabinet, also would be involved in the protection of vital infrastructure and information, communication services and associated database technology.

It will be responsible for safeguarding the nation’s security, financial and economic interests and improve Qatar’s competitiveness capabilities, as well as advise companies, institutions and individuals.

The draft law also requires institutions to establish individual frameworks for dealing with cyber security and to allocate funding within their budgets.

[…]

# # #

White hat hackers to gather in Tokyo

# # #

Spy Chief Says Snowden Took Advantage of ‘Perfect Storm’ of Security Lapses

http://www.nytimes.com/2014/02/12/us/politics/spy-chief-says-snowden-took-advantage-of-perfect-storm-of-security-lapses.html
By DAVID E. SANGER and ERIC SCHMITT

  • The New York Times
  • FEB. 11, 2014

WASHINGTON — The director of national intelligence acknowledged Tuesday that nearly a year after the contractor Edward J. Snowden “scraped” highly classified documents from the National Security Agency’s networks, the technology was not yet fully in place to prevent another insider from stealing top-secret data on a similarly large scale.

The director, James R. Clapper Jr., testifying before the Senate Armed Services Committee, said Mr. Snowden had taken advantage of a “perfect storm” of security lapses. He also suggested that as a highly trained systems administrator working for Booz Allen Hamilton, which provides computer services to the agency, Mr. Snowden knew how to evade the protections in place.

“He knew exactly what he was doing,” Mr. Clapper said. “And he was pretty skilled at staying below the radar, so what he was doing wasn’t visible.”

But Mr. Clapper confirmed the outlines of a New York Times report that the former N.S.A. contractor had used a web crawler, a commonly available piece of software, to sweep up a huge trove of documents.

Mr. Clapper also said, for the first time, that some of the information Mr. Snowden is believed to possess could expose the identities of undercover American operatives as well as foreigners who have been recruited by United States spy agencies. The information Mr. Snowden has released so far through several newspapers and a new digital news organization that began publishing on Monday has not revealed the names of agents or operatives, and it is unclear how much of that information he took with him when he fled the United States. He is now in Russia.

[…]

# # #

Updated: February 12, 2014 — 9:45 pm

The Author

Rich Fleetwood

Rich is the founder of SurvivalRing, now in its 24th year, author of multimedia CDs and DVDs, loves the outdoors, his family, his geeky skill-set, and lives in rural southern Wyoming, just below the continental divide (long story, that...). Always ready to help others, he shares what he learns on multiple blogs, many social sites, and more. With a background in preparedness and survival skills, training with county, state, and national organizations, and skills in all areas of media and on-air experience in live radio and television, Rich is always thinking about the "big picture" when it comes to helping individuals and families prepare for life's little surprises.
