What you need to know for your personal cyber security life…
Number Seventeen in a series of semi-regular daily current and topical computer threats that may affect your online, or even offline, digital and real life. Why cyber-security on SurvivalRing? Because EVERYTHING you do in your life every day now is a part of the cyber world…even your offline plans. So, be aware, and pay attention. The bad guys WILL eventually get around to YOU…personally…so be prepared for it, by staying in the loop.
# # #
India not prepared to handle cyber terrorism threat: EC Council
- Feb 19, 2014
NEW DELHI: India may have a burgeoning Internet population but when it comes to cyber attacks, it is ill-equipped to handle sophisticated intrusions as there is a “serious shortage” of skilled professionals, IT security training firm EC Council said.
EC Council’s report, Talent Crisis in Indian Information Security, revealed major gaps in present day skill situation concerning IT security, which can impact handling of cyber threats in industries such as banking, defence, healthcare, information, energy, etc.
“India’s response to cyber terrorism is disjointed. To begin with, there is no central cyber command and there is a non-existent cyber-security training programme,” EC Council President and CEO Jay Bavisi told PTI.
Citing examples, Bavisi added the US Computer Emergency Readiness Team (CERT) alone spends over USD 100 million, which is huge compared to India’s about USD 7 million total spending on IT security.
# # #
S. Korea Seeks Cyber Weapons to Target North Korea’s Nukes
- By David Cenciotti
- The Aviationist
- Feb 17, 2014
“Train as you fight, fight as you train” has always been Red Flag’s motto.
U.S. Air Force’s main exercise has to prepare aircrew and support personnel to fight modern war. In the air, on the ground, over the sea and in cyberspace.
For the first time, the recent Red Flag 14-1 at Nellis Air Force Base featured a “contested, degraded or operationally limited” environment, or CDO, for maintainers, who were trained to cope with cyber vulnerabilities in the systems they use on the flightline.
Ground personnel are always using computers and brand new technologies that may be targeted by cyber attacks launched by tech-savvy adversaries: laptops used for aircraft maintenance and diagnosis, GPS systems, communication and network equipment are all high-value targets for enemy hacking teams. That’s why Red Flag maintainers receive academics on cyber vulnerabilities, information operations and other CDO-related threats.
# # #
Israel Electric Opens Cyber-War Room to Defend Against Power-Grid Hacks
- By Zachary Keck
- The Diplomat
- February 21, 2014
South Korea is developing offensive cyber weapons to target North Korea’s nuclear weapons program, the country’s defense ministry said on Wednesday.
According to Yonhap News Agency, South Korea’s Defense Ministry outlined its long-term cyberpolicy to the parliament’s defense committee on Wednesday. The report stated that, “A strategic plan for the second phase calls for developing cybertools for offense like Stuxnet, a computer virus that damaged Iran’s uranium enrichment facility, to cripple North Korea’s missile and atomic facilities.” Yonhap also quoted an anonymous senior defense official as saying: “Once the second phase plan is established, the cyber command will carry out comprehensive cyberwarfare missions.”
These missions will be carried out under a new Cyber Defense Command that South Korea plans to establish in May. It will operate under the purview of the ROK Joint Chiefs of Staff, according to the report.
South Korea first established a Cyber Command in 2010 to guard against the threat posed by North Korea’s elite unit of hackers. So far, its aims have primarily been to protect vulnerable national networks from cyber attacks originating from North Korea, as well as to wage psychological warfare campaigns against Pyongyang. The decision to equip South Korea’s cyber warriors with the capabilities to attack North Korea’s nuclear and missile facilities therefore represents a dramatic escalation.
# # #
Beware of employees’ cheap Android phones
- By Sean Gallagher
- Ars Technica
- Feb 19 2014
In 2012, Iranian hackers managed to penetrate the US Navy’s unclassified administrative network, the Navy Marine Corps Intranet. While the attack was disclosed last September, the scale of it was not — the attack gave hackers access to the NMCI for nearly four months, according to an updated report by The Wall Street Journal.
Vice Adm. Michael Rogers, who is now President Barack Obama’s choice to replace Gen. Keith Alexander as both NSA director and commander of the US Cyber Command, led the US Fleet Cyber Command when the attack came to light. Rogers’ response to the attack may be a factor in his confirmation hearings.
Iranian hackers attacked NMCI in August of 2012, using a vulnerability in a public-facing website to gain initial access to the network. Because of a flaw in the security of the network the server was hosted on, attackers were able to use the server to gain access to NMCI’s private network and spread to other systems. While the vulnerability that allowed the attackers to gain access in the first place was discovered and closed by October, spyware installed by the attackers remained in place until November.
Officials said no e-mail accounts were compromised and no data was stolen in the attack. But it cost about $10 million to repair the damage done to the network’s systems — a process that included taking the whole network down twice for upgrades to systems and removal of malware.
# # #
UMD security breach exposes personal info of students, faculty, staff
- By Roz Plater
- February 19, 2014
(WJLA) – The University of Maryland says it had just recently doubled its number of IT security engineers, analysts, and security tools. But still, hackers somehow managed to carry out a sophisticated attack early Tuesday morning.
“It’s scary,” says student Ricky Bailey. “I just got the email about an hour ago, and I don’t think people realize how serious it is just yet.” In a letter sent on Wednesday evening, President Wallace Loh said that the database that was breached contained more than 300,000 records of faculty, staff, students, and affiliated personnel from the College Park and Shady Grove campuses since 1998.
Those records include name, social security number, date of birth, and university ID number.
# # #
d card firms may suffer some 100 bln won revenue loss on biz suspension
- Yonhap News Agency
SEOUL, Feb. 20 (Yonhap) — The three credit card firms hit by recent massive data leaks may lose some 100 billion won (US$93.6 million) in revenues due to a three-month business suspension ordered by the country’s financial regulator, data showed on Thursday.
Last month, the Financial Services Commission (FSC) revealed that some 20 million clients’ personal data had been leaked from the three credit card firms — KB Kookmin, NH Nonghyup and Lotte — as well as Kookmin Bank, which shared customer data with its affiliated card firm.
As punishment for the data breach, the card firms were barred from signing up new customers and offering new products and loan services starting Monday this week.
KB Kookmin Card estimated in a regulatory filing that it could lose some 44.6 billion won in operating revenue.
# # #
Apple promises to fix OS X encryption flaw ‘very soon’
- By Zack Whittaker
- CNET News
- Security and Privacy
- February 22, 2014
Apple said it will fix a bug “very soon” that allows hackers to spy on financial, e-mail, and other personal data on computers from its Mac desktop and notebook lineup.
The Cupertino, Calif.-based technology giant confirmed in an e-mail to Reuters that it was aware of the issue and already has a software fix that will be released likely in the next few days.
The severity of the bug was significant enough for Apple to issue an iterative update to its more popular iOS 7 software — version 7.0.6, released on Friday — instead of waiting for a larger update as the company does with minor or insignificant design changes.
But its desktop and notebook range of Macs was left vulnerable to man-in-the-middle (MITM) attacks, which could allow a hacker to snoop and surveil sensitive data due to a bug in the security layer.
# # #
EC-Council Website Defaced Twice In A Weekend [Updated]
- By William Knowles
- Senior Editor
- InfoSec News
- February 23, 2014
Today’s defacement of the EC-Council (the second time this weekend) by Eugene Belford (a.k.a. The Plague) threatens the compromise of the 60,000+ security professionals who currently hold CEH certifications.
Individuals who have achieved EC-Council certifications include the US Army, the FBI, Microsoft, IBM, the United Nations, National Security Agency (NSA). Also the United States Department of Defense has included the EC-Council Certified Ethical Hacker program into its Directive 8570, making it one of the mandatory standards to be achieved by Computer Network Defenders Service Providers (CND-SP).
In the most recent defacement, Eugene Belford has stated that “P.S It seems like lots of you are missing the point here, I’m sitting on thousands of passports belonging to LE (and .mil) officials” leading the InfoSec News staff to believe considering the mail on the defacement page is from Edward Snowden’s Yokota Air Base e-mail asking for an exam code, with a copy of his U.S. Passport and a letter from John A. Niescier, an Information Security Officer with the Department of Defense Special Representative, Japan stating that he has verified Edward J. Snowden has at least five years professional information security experience in the required domains.
Eugene Belford has potentially sixty thousand other similar statements from undercover law enforcement agents, intelligence professionals, and members of the United States Military, creating an additional quagmire and has you wondering why the EC-Council has all this personally identifiable information sitting unprotected online?
# # #
Poorly managed SSH keys pose serious risks for most companies
- By Jaikumar Vijayan
- February 22, 2014
Many companies are dangerously exposed to threats like the recently revealed Mask Advanced Persistent Threat because they don’t properly manage the Secure Shell (SSH) cryptographic keys used to authenticate access to critical internal systems and services.
A Ponemon Institute survey of more than 2,100 systems administrators at Global 2000 companies discovered that three out of four enterprises are vulnerable to root-level attacks against their systems because of their failure to secure SSH keys.
Even though more than half of the surveyed enterprises had suffered SSH-key related compromises, 53% said they still had no centralized control over the keys and 60% said they had no way to detect new keys introduced in the organizations. About 46% said they never change or rotate SSH keys — even though the keys never expire.
Those findings reveal a significant gap in enterprise security controls, said Larry Ponemon, founder and CEO of the Ponemon Institute. “It’s hard to believe that companies allow themselves to be so insecure,” he said. “This doesn’t appear to be a situation where this vulnerability has to even be a vulnerability.”
# # #
Neiman Marcus Hackers Set Off Nearly 60K Alarms
- BY STEPHANIE MLOT
- PC MAG
- FEBRUARY 23, 2014
A month after Neiman Marcus revealed a hack of customer credit and debit cards, Bloomberg Businessweek said the attackers set off the retailer’s security system about 60,000 times during their strike.
Between July and October 2013, hackers quietly collected card data via “sophisticated, self-concealing” malware installed on Neiman’s system, the company said in January. But the exploit took about eight months, Bloomberg said; the hackers were forced to reload their software daily, as it was automatically deleted from the retailer’s registers each day. That process also meant that the hackers often tripped hundreds of alarms, which were not detected by Neiman Marcus.
A Neiman Marcus spokeswoman declined to comment, pointing PCMag to the Bloomberg story, which quoted her as saying that the hackers were smart enough to give their malware a title almost identical to the company’s payment software, ensuring that alerts would not be picked out of the crowd.
“These 60,000 entries, which occurred over a three-and-a-half month period, would have been on average around 1 percent or less of the daily entries on these endpoint protection logs, which have tens of thousands of entries every day,” the company said.
# # #
99% of future IT workforce does not understand basic concepts of secure coding: Jay Bavisi
- By Manu Kaushik
- Business Today
- February 22, 2014
The National Cyber Security Policy released by the Indian government last year aims to create a workforce of 500,000 cybersecurity professionals in the next five years and build a training infrastructure through the public-private-partnership (PPP) model. Malaysia-based Jay Bavisi, President, EC-Council, a company that is involved in training and certification of cybersecurity professionals, says that the situation is worrisome for India as far as cybersecurity is concerned. The US-based EC-Council came into the limelight last year when reports emerged that Edward Snowden, the man who turned whistleblower against the National Security Agency and revealed its global spying programme, was trained at one of its training institutes in New Delhi in 2010. Edited excerpts:
Q. How prepared is India against growing cybersecurity threats?
A. The problem that we are facing with hacking actually stems from the inability of coders to actually code securely. In India, we ran a competition where we partnered with more than 100 colleges, NASSCOM, HCL and several other large corporations. The results showed that almost 99 per cent of the future IT workforce in India does not understand the basic concepts of secure coding.
We think that a better model is that every single developer, before he/she touches a code, has to be security-conscious. In India, the financial sector is extremely vulnerable because of the sheer risk associated with the sector. Then come defence, IT and telecom. But I think the risk is sector-agnostic. There’s a major risk for India simply because it’s a leading exporter of software in the world.
Q. You are working with various government departments in India. What has your experience been?
A. We are working with at least 15 government departments. We have trained law enforcement agencies, defence communities and peripheral agencies. Our engagement with government agencies is something we would not like to discuss due to confidentiality issues.
# # #
U.S. Running Out Of Allies On Cyber Battlefield
- By Sara Peters
- Dark Reading
- February 19, 2014
International cyber policy and enforcement and ownership over the Internet are all thorny topics, particularly since the Edward Snowden leaks. All of these subjects will be tackled at the RSA Conference next week in a panel discussion titled “Cyber Battle: The Future of Conflict.”
Outdated extradition treaties are not prepared to deal with the borderless realm of the Internet. Although there are rules about international airspace and international waters, there is no defined international cyberspace. Without discrete laws to be enforced, cybercrime investigations and prosecutions rely less upon a set of established directives and more upon an international spirit of cooperation.
Yet recent events have disturbed that spirit of cooperation. Dmitri Alperovitch, panel moderator and co-founder and CTO of CrowdStrike, says that while the U.S.’s traditional allies are publicly taking a stand against American spying, unofficially they’re much more understanding and less surprised.
However, says Alperovitch, the Snowden scandal has increased the “lack of trust from the rest of the world in the continued U.S. leadership of the Internet.”