Archive for January 2011

Democrats Introduce Legislation For National Security Against Cyber Attacks

Cyber criminals and state adversaries pose a threat to both national security and our economy by threatening infrastructure, defense systems and global communications. Criminals and hackers probe U.S. government computer networks millions of times every day, about 9 million Americans have their identities stolen each year and cyber crime costs large American businesses $3.8 million a year. More than $1 trillion worth of and intellectual property has already been stolen from American businesses.

Yesterday Senate Democrats introduced a bipartisan bill to stop state actors, criminals and terrorists in cyberspace determined to harm America’s economy and national security by attacking our technology infrastructure. The bill is sponsored by Senate Majority Leader Harry Reid and the chairs of seven committees of jurisdiction, Chairs Joe Lieberman, Jay Rockefeller, Carl Levin, Patrick Leahy, Dianne Feinstein, John Kerry and Jeff Bingaman.

“Today we rely more heavily than ever on technology to run everything from power plants to missile systems to personal computers,” Sen. Reid said. “Cyber attack could, for example, bring down our nation’s air traffic control system in a matter of seconds, with devastating impact on the economic vitality of tourist destinations throughout Nevada and our country. We must strengthen security to ensure that never happens.”

The Lieberman-Collins measure isn’t designed or intended to give broad new authority to the executive branch (nor establish an “Internet Kill Switch”). Instead, it was designed to determine, with the help of the industry, which infrastructure was actually critical and how best to protect it, so as to prevent a catastrophic event and mitigate the fallout from one, based on existing authority.

From the Democratic Senators website:

Man tries to work for CIA in order to spy for China

Glenn Duffie Shriver from Michigan was sentenced to 48 months in prison for conspiring to provide national defense information to intelligence officers of the People’s Republic of China (PRC).

On Oct. 22, 2010, Shriver pleaded guilty to a one-count criminal information charging him with conspiracy to communicate national defense information to a person not entitled to receive it.

“Mr. Shriver sold out his country and repeatedly sought a position in our intelligence community so that he could provide classified information to the PRC,” said U.S. Attorney MacBride.

According to a statement of facts filed with his plea agreement, Shriver is proficient in Mandarin Chinese and lived in the PRC both as an undergraduate student and after graduation.

While living in Shanghai in October 2004, Shriver developed a relationship with three individuals whom he came to learn were PRC intelligence officers. At the request of these foreign agents, Shriver agreed to return to the United States and apply for positions in U.S. intelligence agencies or law enforcement organizations.

Shriver admitted in court that he knew that his ultimate objective was to obtain a position with a federal department or agency that would afford him access to classified national defense information, which he would then transmit to the PRC officers in return for cash payments.

From 2005 to 2010, Shriver attempted to gain employment as a U.S. Foreign Service Officer with the Department of State and as a clandestine service officer with the Central Intelligence Agency.

Shriver admitted that, during this time, he maintained frequent contact with the PRC intelligence officers and received more than $70,000 in three separate cash payments for what the officers called his “friendship.”

From HelpNet Security:

Russian Espionage: The Bear Is Back!

The uncovering of a Russian spy ring in the U.S. demonstrates that while the Cold War may have thawed, international espionage continues to thrive.

Russia is fielding an army of spies in the U.S. that is at least equal in number to the one deployed by the old, much larger Soviet Union, security experts say. The Bear is indeed back without the restraints of the Cold War and it’s easier than ever for Russian intelligence officers to meet, develop and recruit Americans.

In a plot right out of a spy novel, the Russian “illegals” lived for more than a decade in American cities and suburbs where they seemed to be ordinary couples working ordinary jobs. Experts on Russian intelligence expressed astonishment at the scale, longevity, and dedication of the “sleeper” program.

None of this is a surprise for KGB veteran Major General Oleg Kalugin who will be among an impressive faculty of speakers from industry and government sharing their insights and expertise at NSI’s IMPACT ’11 Conference and Expo on April 4-6, 2011 in Chantilly, VA.

General Kalugin will discuss the state of Russia’s security and intelligence organization today, explaining the shift in foreign intelligence emphasis to economic, military and technological espionage, with the United States viewed officially as Priority #1 rather than Enemy #1. He will share his insights into today’s Russia, the resurgence of the KGB and how Russia is targeting our nation’s most valuable secrets.

From the National Security Institute:

Two Arrested in Massive iPad Hacker Attack

Two men have been charged today with allegedly hacking AT&T’s servers to obtain the information of 120,000 iPad users, including some boldface names like Hollywood mogul Harvey Weinstein, New York Mayor Michael Bloomberg and President Obama’s former chief of staff.

U.S. prosecutors accused two men of hacking AT&T Inc.’s computer servers to steal e-mail addresses and personal data of about 120,000 Apple Inc. iPad users. Then they allegedly bragged about it.

The hack attack occurred during the initial release of Apple’s tablet computer, court documents state.

According to the complaint filed by the FBI in Newark, Spitler and Auernheimer allegedly used a “brute force” hack tactic over several days last June on AT&T servers to uncover email addresses related to iPad accounts.

From ABC News Media:

Hackers Can Use Smart Keys To Steal Cars!

Modern smart keys use radio frequencies to let drivers unlock and start a vehicle without fumbling with a key fob. Now European researchers have found such systems can be hacked, letting thieves easily steal your car.

While many of the hacks require access to the car’s diagnostic port, one team was able to wirelessly set off faults through tire pressure sensors.

The research by the team from the Swiss Federal Institute of Technology targeted a new weakness: the smart key fobs, common on luxury vehicles and spreading to mainstream models, that allow a driver to unlock doors and start a vehicle without touching the fob. Using radio signals, the fob and vehicle send encrypted signals to each other over short distances, and while other researchers had suggested the fobs could be vulnerable, no one had put the idea to a test. The research paper is here:

iPhone and Android apps are breaching the privacy of smartphone users (but nobody is saying where your personal data is going)

Any time Angry Birds or Yelp is opened on a smartphone, information is being sent to marketers — and app developers aren’t required to reveal it. Apps running on the iPhone, Android and BlackBerry platforms often collect personal information to be resold to marketing companies and initiatives such as Google’s AdMob. These apps and others work in conjunction with in-phone GPS chips to give marketers detailed information on smartphone users’ locations, gender, ages and, in some cases, personal contacts and use of other apps.

Marketers reselling personal information from smartphone apps are working with a massive market of often-unaware users. For instance, as of December 2010, an average of 300,000 Android phones were activated daily.

Although exact figures are not available, advertising and marketing resales have become one of the largest app revenue streams for developers, with a steady stream of financial incentives existing to encourage the sale of information.

From the Wall Street Journal Online:

DARPA launches “insider threat” detection effort

The Defense Advanced Research Projects Agency (DARPA) has launched a project for detecting and responding to insider threats on Department of Defense networks.

Under the Cyber Insider Threat (CINDER) Program, DARPA will explore new approaches for improving the speed and accuracy of insider threat detection. The agency last week sought proposals for ways to identify hostile insider activity by monitoring specific user and network behaviors.

In the initial stage of the project, the goal is not necessarily to develop new ways of detecting individual malicious insiders themselves. Instead, DARPA hopes to figure out the tell-tale signs and network activities that organizations should monitor to accurately detect malicious activity.

“If we were looking for the insider actor himself, we might not detect someone who performs a single, isolated task and we run the risk of being inundated with false positives from events being triggered without context of a mission,” DARPA said. “To this end, CINDER starts with the premise that most systems and networks have already been compromised by various types and classes of adversaries. These adversaries are already engaged in what appear to be legitimate activities, while actually supporting adversary missions.”

In the next two phases of the three-part CINDER effort, DARPA will develop systems that can monitor networks and user activity and spot malicious activity more quickly.

From ComputerWorld:

At any moment, your organization could be seriously compromised by the actions of a single employee – working in the office, on the road, or from home. While billions of dollars are spent each year on security hardware and software, most data breaches are based on the weak link in the security chain: people. Despite lip service paid to the importance of information security, major breaches are still occurring in organizations large and small. A report from consultants PriceWaterhouseCoopers says that organizations should make employees their first line of defense against potential information security breaches.

Kama Sutra presentation opens backdoor to hackers

A booby-trapped Kama Sutra-themed presentation will plant a backdoor when run on Windows machines, security watchers warn.

From the Register (UK):

The supposed PowerPoint presentation file – called Real kamasutra.pps.exe* – supposedly demonstrates different sexual positions. The file does include a NSFW slideshow of 13 different positions, but this is just a decoy.

The real purpose of the distribution is to install a Trojan called AdobeUpdater.exe, and identified by net security firm Sophos as Bckdr-RFM. Compromised machines might be used to send spam or spy on users, among other malicious purposes.

Hackers would be able to update compromised machines with other strains of malware, so all manner of badness might be possible, as explained in an entry on Sophos’s (appropriately monikered, especially in this case) Naked Security blog.

*The malicious file uses the old double extension ruse, a mainstay of virus writing for many years. While a casual glance might fool users into thinking it is a PowerPoint document, the file is actually an executable.
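
A defender-side check for the double-extension ruse described in the footnote above, as an added example that is not from The Register or Sophos: it flags names whose final extension is executable while the one before it looks like a document, and reports the name a user sees when Windows Explorer hides known extensions. The extension sets, function names and sample list are assumptions constructed for illustration.

```python
import re

# Illustrative subsets chosen for this example (assumptions, not a complete policy).
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js"}
DECOY_EXTS = {"pps", "ppt", "pptx", "doc", "docx", "xls", "xlsx",
              "pdf", "jpg", "png", "txt", "zip"}


def find_double_extension(path):
    """Return details if the name ends '<document ext>.<executable ext>', else None."""
    # Keep only the file name; accept both Windows and POSIX separators.
    base = re.split(r"[\\/]", path)[-1]
    # Windows drops trailing dots and spaces, so "x.jpg.scr." still runs as .scr.
    base = base.rstrip(". ")
    # Strip each part so padding such as "invoice.pdf      .scr" is still caught.
    parts = [p.strip() for p in base.lower().split(".")]
    if len(parts) < 3:
        return None  # a single extension, e.g. "AdobeUpdater.exe", is not this ruse
    decoy, real = parts[-2], parts[-1]
    if real in EXECUTABLE_EXTS and decoy in DECOY_EXTS:
        # With "hide extensions for known file types" on, Explorer omits the
        # final extension, which is why the decoy extension looks genuine.
        shown_as = base[: base.rfind(".")].rstrip()
        return {"decoy": decoy, "real": real, "shown_as": shown_as}
    return None


def flag_attachments(names):
    """Return the subset of names that match the double-extension pattern."""
    return [n for n in names if find_double_extension(n) is not None]


# Constructed sample: the first two names appear in the article, the rest are made up.
SAMPLE_ATTACHMENTS = [
    "Real kamasutra.pps.exe",
    "AdobeUpdater.exe",
    "slides.final.pps",
    "setup.v2.exe",
    "photo.jpg.scr.",
]

if __name__ == "__main__":
    for name in flag_attachments(SAMPLE_ATTACHMENTS):
        print(name, "->", find_double_extension(name))
```

A mail gateway or endpoint rule built on this pattern matches the file name only; it complements, and does not replace, content inspection of the attachment itself.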

Miami-Dade police buy unmanned surveillance drone to watch over the city

The Miami-Dade Police Department is poised to become the first large metro force using drones in its aerial missions. The department finalized a deal to buy a drone called T-Hawk from defense firm Honeywell and officially applied for permission from the Federal Aviation Administration (FAA) last month to begin flying it around the county.

What’s not clear is how cops will sort out the raft of thorny privacy questions hovering around plans for using this powerful, new eye in the sky.

“At this point, it doesn’t really matter if you’re against this technology, because it’s coming,” says P. W. Singer, author of Wired for War and an expert on drones. “The precedent that is set in Miami could be huge.”

Miami New Times – 12/9/2010:

Rest assured that citizens of Miami have nothing to fear though (so long as they don’t do anything out of the ordinary)