Tag Archives: nsa

Cybersecurity is threatening America’s military supremacy

The sparsely populated Spratly Islands, a collection of hundreds of islands and reefs spread over roughly 165,000 square miles in the South China Sea, are very quickly becoming the center of one of the most contentious international disputes between world powers since the fall of the Soviet Union. Alarmingly, the use of cyber attacks in this dispute suggests we might already be in the midst of a new Cold War playing out in cyberspace — where America’s advantage is not as clear as it is with conventional armies and navies. The Spratly Islands are of economic and strategic importance. All of the countries in the region — including China, Vietnam and the Philippines — have made competing territorial claims to the region. In recent years, China has become increasingly aggressive in its claim, rapidly building artificial islands while also conducting military operations in the area. Beyond this conventional military build up, however, are complex and brazen cyber attacks by China that are leaving America and its allies increasingly concerned. A massive distributed denial of service (DDoS) attack knocked offline at least 68 Philippine government websites in July, apparently in response to an international court ruling that denied China’s territorial claims in the region. Just days later, Vietnam’s national airline and major airports were targeted in a series of attacks by the Chinese hacking group 1937CN. Those are just the latest examples of China’s years long cyber campaign related to the Spratly Islands. (In another attack, the website of the aforementioned international court was infected with malware and taken offline last year.) While these “nuisance” attacks — and continued cyber espionage by China — are serious, targeted Chinese cyber attacks designed to impact America’s physical military systems in the South China Sea are the most substantial evidence that we may be on the brink of a more tangible cyber threat to American military power. China appears to be moving forward with plans to use electronic attacks designed to either disrupt or take control of American drones. With reports that the Chinese attempted to interfere with U.S. military drones at least once in recent years, the country has shown a willingness to use GPS jamming to prevent U.S. aircraft from conducting surveillance missions in the Spratly Islands. That 2015 instance appears to fit China’s public posturing on the ways it says it could use electronic GPS jamming to disrupt U.S. drone networks. One 2013 report in the Chinese journal  Aerospace Electronic Warfare  notes in technical detail how its military can “use network warfare to attack and even control America’s network” by disrupting the connection between satellites and aircraft. This sort of GPS jamming could be the largest electronic threat to the U.S. drone program. In fact, it has been widely speculated that Iran used a similar GPS “spoofing” technique to take control of a U.S. surveillance drone in 2011. The American military says it is preparing for these sorts of attacks with its new cyber strategy released last year. In addition to outlining how cyber will be included in military planning, the report calls for a hardening of the military’s cyber defenses to prevent the theft of military technology or cyber attacks against military infrastructure and weaponry. The challenge, as any expert in the cybersecurity world would tell you, is that the capabilities and sophistication of the Chinese, Russians and other state-sponsored and non-state hackers are increasing exponentially. One only has to read the news to see nearly daily evidence of this (e.g. the recent suspected NSA breech, hacks targeting Democratic political organizations, the attack against the State Department’s email system or the theft of military intel in the OPM hack). The relatively inexpensive cyber options being employed today by both state and non-state hacking groups make it an incredibly efficient “leveler” of power. A small group of hackers using simple spear-phishing tactics, for example, can have massive impact on military installations, government operations, critical infrastructure and potentially even weapons systems. The unconventional battle playing out in the South China Sea — where cyber attacks are taking the place of conventional fighting and other forms of diplomacy — is a new model of warfare. The growing cyber threat from China may pose the most immediate threat to America and its allies because, while the U.S. continues to have a clear conventional military advantage, our advantage in cyber is not as clear. Source: https://techcrunch.com/2016/09/21/cybersecurity-is-threatening-americas-military-supremacy/

Link:
Cybersecurity is threatening America’s military supremacy

FastMail falls over as web service extortionists widen attacks and up their prices

Concerted assaults on five providers and counting FastMail has become the latest web services company to get taken down by distributed denial of service (DDoS) raiders who are trying to extort Bitcoins in exchange for internet access.…

Visit site:
FastMail falls over as web service extortionists widen attacks and up their prices

Unexpectedly benevolent malware improves security of routers, IoT devices

At this point in time, the existence of a botnet comprising of tens of thousands of compromised routers and other IoT devices is not news. Nevertheless, this latest one mapped by researchers is a spec…

Read this article:
Unexpectedly benevolent malware improves security of routers, IoT devices

Why a Dyre infection leads to more than just stolen banking credentials

The Dyre/Dyreza information-stealer has without a doubt filled the vacuum generated by the 2014 and 2015 law enforcement takedowns of botnet infrastructure of several prominent financial Trojan groups…

Follow this link:
Why a Dyre infection leads to more than just stolen banking credentials

How Google saw the DDoS attack against Github and GreatFire

The recent DDoS attacks aimed at GreatFire, a website that exposes China's internet censorship efforts and helps users get access to their mirror-sites, and GitHub, the world's largest code hosting se…

Taken from:
How Google saw the DDoS attack against Github and GreatFire

New DDoS attack and tools use Google Maps plugin as proxy

Attackers are using Joomla servers with a vulnerable Google Maps plugin installed as a platform for launching DDoS attacks. A known vulnerability in a Google Maps plugin for Joomla allows the plugi…

More:
New DDoS attack and tools use Google Maps plugin as proxy

Read() or alive, you’re coming with me: Feds offer $3m reward for ‘CryptoLocker baron’

Evgeniy Bogachev accused of GameOver ZeuS botnet crimes The US State Department and the FBI, have stumped up $3m in reward money for the arrest of Evgeniy Mikhailovich Bogachev, the 30-year-old Russian man accused of stealing over $100m with his malware.…

View post:
Read() or alive, you’re coming with me: Feds offer $3m reward for ‘CryptoLocker baron’

Google unleashes tame botnet to hunt XSS in cloudy code

Security scanner spawns hordes of attackers to probe you in all sorts of ways … Google has unleashed its own application security scanner, potentially rescuing admins from ‘fiddly’ existing offerings.…

See more here:
Google unleashes tame botnet to hunt XSS in cloudy code