North Korea tried and failed to hide behind the undisputed superstars of the hacker community last month when South Korea got hit by a large scale cyberattack. According to South Korea, Kim Jong Un and company worked hard to cover its tracks by hiding the IP addresses of computers used in the attacks and later destroying their hard drives. And when they got caught, they did what any dictatorial wasteland would: blame Anonymous.
     |
Although they probably didn’t maintain any pretense of security, Verizon customers will be bummed to know that a duo of security experts have discovered how to hack into the carrier’s network extending base stations and turn them into little spy centers.
| |
This week, United States and Chinese leaders sat down for a special cybersecurity working group, a rare but increasingly necessary opportunity to clear the air of rumors and untruths about each country’s hacking practices. The talks went fine but also served to illustrate further how difficult a challenge the Pentagon and Department of Homeland Security have when it comes to protecting our nation’s cybersecurity. But that doesn’t mean they aren’t trying. Here’s how we’re fighting back.
| |
President Obama hasn’t been shy about engaging the public and other nations on digital issues, and that includes the idea of cyber warfare. While his administration has been pretty aggressive in building up our cyber defenses, our offensive capabilities have remained somewhat more mysterious. According to a leaked document obtained by the Guardian, the White House has made moves to seriously step up its digital arsenal. In fact, it appears that a Presidential Policy Directive issued in October (though, never released for public consumption) ordered that a list of over-seas targets be drawn up for potential future offensives. Offensive Cyber Effects Operations (or OCEOs) are cited in the directive as having “unique and unconventional capabilities to advance US national objectives around the world.” It then goes on to say that the government will, “identify potential targets of national importance where OCEO can offer a favorable balance of effectiveness and risk as compared with other instruments of national power.”
The more aggressive approach to battling foreign nations through the internet is likely to raise concerns in certain circles about the weaponization of the web. Of course, such fears about militarization aren’t completely unwarranted. But with countries like China posing serious digital threats, government officials will likely see the moves as necessary. The document also says that any operations must abide by US and international law, though, we doubt any suggestions that our government blatantly ignore such rules would ever be put down on paper. The leak of the document follows hot on the heels of the growing PRISM scandal, which has put the nations digital policies front and center in the public’s mind.
Filed under: Internet
Source: The Guardian
Amidst increasing concern about cybersecurity, researchers at North Carolina State University have taken one step closer to guarding America’s infrastructure from Cylon attack. Well, almost. Dr. Mo-Yuen Chow and Ph.D candidate Wente Zeng have developed an algorithm that detects cyber attacks aimed at distributed network control systems (D-NCSs), which differ from their more vulnerable counterparts in that they don’t rely on a centralized brain to coordinate the network’s activities. Essentially, then, D-NCSs are nervous systems comprised of several mini-brains working together. In the event of a cyber attack, the algorithm isolates the infected brain before the contamination can spread across the network’s pathways. This software solution will be a good first line of defense when vengeful A.I. inevitably rises up in revolt. In the words of Admiral William Adama, so say we all.
It’s funny how a few tweaks can make a Government program go from completely legal, to questionably so. A new secret authorization puts the US Justice Department on the fuzzy side of the legal line, approving the expansion of a program originally intended to monitor the internet traffic of military defense contractors to include energy, healthcare and finance sectors. The original program, known as the DIB Cyber Pilot, was voluntary, requiring users to approve monitoring via a login interface. Specific details on how the new program differs aren’t known, but CNET reports that the Justice Department has begun issuing letters granting legal immunity to providers who violate the Wiretap Act for the sake of the program. These letters were sent to AT&T and other internet service providers, though it isn’t clear how many have gone out.
Electronic Privacy Information Center executive director Marc Rotenberg summarized the situation for CNET, “The Justice Department is helping private companies evade federal wiretap laws. Alarm bells should be going off.” The operation was approved by Executive order earlier this year, but remains on shaky ground. Still, these legal complications could soon vanish: if signed into law, the CISPA (Cyber Intelligence Sharing and Protection Act) would formally authorize the program. The expanded program doesn’t go into effect until June 12th and will only apply to areas of critical infrastructure. Hungry for more information? Don your tinfoil hat, and check out CNET for the entire report.
Filed under: Internet
Source: CNET
Akamai’s back with yet another snapshot of the state of the internet and, surprise surprise, it’s reporting that DDoS attacks were up threefold last year versus 2011. That stat’s just one slice of the sprawling cybersecurity picture painted by the company, which also ranks China as the foremost perpetrator of “observed attack traffic” in Q4 2012, numbering that country’s share at 41 percent. To put that into better perspective, consider that the number two and three offenders — the U.S. and Turkey, respectively — are responsible for a shared 15 percent of that traffic, while former Cold War enemy Russia accounts for just 4.3 percent. On a continent-by-continent basis, the majority of these attacks originated in the Asia Pacific / Oceania region (about 56 percent), with North and South America accounting for 18 percent.
On a much lighter note, global high-speed broadband adoption (defined as any speed equal or greater than 10Mbps) grew by 2.7 percent last quarter, with top honors going to South Korea where nearly half the population enjoys super fast internet access. For the mobile flipside, Akamai found that average global speeds hovered between 8Mbps to 345kbps down, with peak downlink speeds coming in at 44Mbps to 2.7Mbps. The bulk of mobile data requests sent to Akamai’s platform saw Android’s Webkit browser and Apple’s Mobile Safari come in nearly neck-and-neck at 35.3 percent and 32.6 percent. Although when you expand that to overall network traffic, Safari reigns supreme with a 58.7 percent share. If you’re keen to digest even more of these sobering statistics, we recommend you hit up the source for the full executive summary and even more infographics.
Source: Akamai
In recent months we have heard both U.S. and China bicker back and forth on cyber attacks originating from the other’s homeland, but now both of them will be collectively working on cybersecurity. U.S. Secretary of State John Kerry, during a visit to Beijing, revealed that both countries had agreed to speed up action on cybersecurity and had also agreed to form a working group for the purpose. This development should put an end to the hacking accusations from both sides, but it is not clear as of now what the collaboration will result in. China’s Foreign Minister has been quoted as saying that both China and U.S. should make joint efforts so as to safeguard cyberspace.
Back in February a security firm based in U.S. released a report stating that the military of China had a secret unit which behind many hacking attacks against the country. On the other hand, China says that the country had been victim of cyber attacks from the U.S. on a large scale. Both countries will also be forming a working group that will be focused towards climate change.
By Ubergizmo. Related articles: Land For Thirty Meter Telescope Finally Okayed By Hawaii, Bathroom Usage Monitor (BUM) Should Be Compulsory In Offices, 
| |
For the first time, the United States has officially disclosed plans to develop counterattack measures against foreign nations’ cyberattacks. General Keith Alexander, chief of the military’s Cyber Command and the NSA, told Congress yesterday the military is training 13 teams of programmers and computer experts to carry out offensive attacks. More »
Following revelations of hackers accessing files at companies including Apple and Facebook, Microsoft revealed today it also found evidence of intrusions. In a blog post on the Microsoft Security Response Center, general manager Matt Thomlinson indicated “a small number of computers, including some in our Mac business unit” were affected by malware of the type described in the other attacks. As he mentions, such cyberattacks are no surprise to a company with Microsoft’s profile, however one wonders if the folks in Redmond aren’t having a chuckle that Macs appear to have been exploited in this case. He continued to state that the investigation is ongoing, however it does not appear that any customer data was at risk.
Filed under: Software, Microsoft
Source: Technet Blogs, Reuters
This is site is run by Sascha Endlicher, M.A., during ungodly late night hours. Wanna know more about him? Connect via Social Media by jumping to about.me/sascha.endlicher.
