CYBER SECURITY – WEEKLY REVIEW (22 March 2017)


Russia’s alleged interference in last year’s US Presidential elections continued to be the hot topic in Washington DC, with several hearings in Congress and at various think-tanks. The Directors of the FBI and NSA gave testimony to the House Select Intelligence Committee, while experts, including a former Estonian President, shared their observations with the Senate Judiciary Subcommittee on Crime and Terrorism. The Senate Intelligence Committee will also be holding its hearings. These committees will take at least another two months to complete their investigations. The heads of the two Agencies re-confirmed their reports of Russian interference in the elections but offered no timeline to complete the investigation.

In the meantime, German authorities have also begun accusing Russia of launching digital attacks and attempting to manipulate the political narrative through disinformation to compromise the reelection campaign of Chancellor Angela Merkel.

Amid these allegations, an influential British think tank and Ukraine’s military disputed a report that a US cybersecurity firm used to buttress the claims of Russian involvement in the presidential election. Reviewing these developments, a commentary in The New Yorker warned that over-politicization of cyber risks could jeopardize efforts to fight genuine hazards.

This week’s report also includes sections on new threats/vulnerabilities and technical research to improve cybersecurity.

Cyberwarfare

Comey Confirms Russia Inquiry, Rejects Trump Wiretap Claims

https://www.bloomberg.com/politics/articles/2017-03-20/trump-denies-russia-collusion-as-fbi-s-comey-to-testify-in-house?cmpid=BBD032017_BIZ  FBI Director James Comey confirmed the bureau is probing potential ties between President Donald Trump’s associates and Russia during the 2016 campaign and said there’s no evidence to support the president’s allegation that his predecessor “wiretapped” Trump Tower last year.  Comey told the House Intelligence Committee during a hearing that the Federal Bureau of Investigation is conducting a broad inquiry into Moscow’s efforts to “interfere” in the presidential election, an effort he said began in late July of last year.  “Putin hated Secretary Clinton so much that the flip side of that coin was that he had a clear preference for the person running against the person he hated so much.”

Related:  Video of the House Select Intelligence Committee Hearing –  https://www.c-span.org/video/?425087-1/fbi-director-says-hes-investigating-links-trump-campaign-russia&live  FBI Director James Comey and NSA Director Admiral Michael Rogers were among the witnesses at a House Select Intelligence Committee hearing on Russian interference in the 2016 presidential election.

Russian Interference in Democracies – Senate Judiciary Subcommittee Hearing

https://www.c-span.org/video/?425415-1/senators-press-fbi-answers-wiretapping-claim-hearing-russian-interference  The Senate Judiciary Subcommittee on Crime and Terrorism held a hearing on Russia’s attempts to influence democratic countries around the world by various means, including propaganda, military threats, cyber attacks, and money-laundering networks. Experts and those experienced with Russian aggression, including former Estonian president Toomas Hendrik Ilves, shared their observations with the committee and offered recommendations for how the U.S. could best respond to Russian actions to support and reassure other democracies around the world.

Is Russia Hacking Germany’s Elections? Amid US Investigation, Germans Fear Fake News, Moscow Meddling

http://www.newsweek.com/russia-hack-germany-elections-us-investigation-fake-news-571522  Germany’s upcoming federal elections have been shrouded in reports of hacking and so-called fake news, sparking concerns over the integrity of the nation’s cybersecurity and the integrity of online information, not unlike last year’s U.S. presidential race. Like their U.S. counterparts, German authorities have pointed to Russia, accusing Moscow of launching digital attacks and attempting to manipulate the political narrative through disinformation in order to compromise the reelection campaign of Chancellor Angela Merkel. To counter these perceived threats, Germany has bolstered its cybersecurity practices and increased efforts to remove false content from social media websites, Politico Europe reported. Germany’s IT commissioner Klaus Vitt told Politico Europe Tuesday that, while it was extremely difficult to identify where the cyber attacks originated, he believed that a number had come from Russia or China.

Cyber Firm at Center of Russian Hacking Charges Misread Data

http://www.voanews.com/a/crowdstrike-comey-russia-hack-dnc-clinton-trump/3776067.html  An influential British think tank and Ukraine’s military are disputing a report that the U.S. cybersecurity firm CrowdStrike has used to buttress its claims of Russian hacking in the presidential election. The CrowdStrike report, released in December, asserted that Russians hacked into a Ukrainian artillery app, resulting in heavy losses of howitzers in Ukraine’s war with Russian-backed separatists. But the International Institute for Strategic Studies (IISS) told VOA that CrowdStrike erroneously used IISS data as proof of the intrusion. IISS disavowed any connection to the CrowdStrike report. Ukraine’s Ministry of Defense also has claimed combat losses and hacking never happened. The challenges to CrowdStrike’s credibility are significant because the firm was the first to link last year’s hacks of Democratic Party computers to Russian actors, and because CrowdStrike co-founder Dmitri Alperovitch has trumpeted its Ukraine report as more evidence of Russian election tampering.

Scotland Yard accused of hacking campaigners’ email accounts

http://www.bbc.com/news/uk-39341020   Greenpeace activist Colin Newman is one of those allegedly hacked by Scotland Yard.  The police watchdog is investigating whether Scotland Yard detectives used hackers in India to target campaigners, including Greenpeace organisers.  The claim was made in a letter from a purported whistleblower who says hundreds of email accounts were monitored without legal authority.  The letter claims officers shredded documents to cover up the monitoring, despite being ordered to preserve them.  Scotland Yard says the allegations in the letter are “deeply troubling”. 

China’s Pursuit of Next Frontier Tech:  Computing, Robotics, and Biotechnology – A Hearing by US-China Economic and Security Review Commission 

https://www.uscc.gov/Hearings/hearing-china%E2%80%99s-pursuit-next-frontier-tech-computing-robotics-and-biotechnology-video  Industrial policies outlined in the 13th Five-Year Plan (2016-2020) and related policy announcements seek to move Chinese manufacturing up the value-added chain, establish China as a global center of innovation and technology, and ensure China’s long-term productivity in critical dual-use technologies such as computing, robotics, and biotechnology. Advancements in these sectors have previously driven U.S. technological and military superiority, and the Chinese government is looking to develop its own technological leaders and reduce its dependence on foreign technology. This hearing examined what steps the Chinese government has taken to support these sectors, compared U.S. and Chinese technological leadership in these sectors, and considered the broader implications of these policies for U.S. economic and national security interests.

How Not to Freak Out About Cyber War

http://www.newyorker.com/news/daily-comment/how-not-to-freak-out-about-cyber  One of the most persistent challenges in this new era is, to put it bluntly, deciding how much to freak out. The temptation to overreact to a sudden threat—by passing hasty laws, intruding on civil liberties, or spending money on the wrong defenses—is profound. Reflecting the profusion of recent headlines about the risk of hacking, a joke making the rounds in Washington these days is that the best way to guarantee funding for your project is to add “cyber” to the title. When the risks of cyber attacks and surveillance are politicized and exploited, it’s easy to overlook genuine hazards. Bruce G. Blair, a former missile-launch control officer and now a research scholar in the Program on Science and Global Security, at Princeton, warned of the risks that hacking poses to America’s nuclear arsenal.

Minister in Indian Home Ministry admits increasing hacker attacks on Govt websites

http://www.newindianexpress.com/nation/2017/mar/22/india-working-with-15-countries-for-cooperation-in-information-exchange-on-cyber-crimes-1584140.html  “As per the information provided by Ministry of Electronic and Information Technology, a total number of 155, 164, 199 and 39 websites of central ministries/departments and state governments were hacked during the year 2014, 2015, 2016 and 2017 (up to February) respectively,” the Minister said. In response to a question, Minister of State for Home Hansraj Gangaram Ahir told the Lok Sabha, “India is working for bilateral cooperation with around 15 countries for exchange of information and data pertaining to cyber crimes and related cooperation in law enforcement.”

Hacked websites on the rise: Google

http://www.channelnewsasia.com/news/business/hacked-websites-on-the-rise-google/3611772.html    Google painted a bleak picture of cybersecurity trends saying the number of websites hacked rose 32 per cent last year, with little relief in sight.  “We don’t expect this trend to slow down. As hackers get more aggressive and more sites become outdated, hackers will continue to capitalise by infecting more sites,” Google said in a post on its webmaster blog.  Google, which inserts security warnings when it detects hacked sites, said most of those warned can clean up their pages, but that 61 per cent are not notified because their sites are not verified by the search engine.

New Threats, Vulnerabilities and Patches

Cisco Finds Critical Vulnerability in WikiLeaks Docs

http://www.tomshardware.com/news/cisco-finds-vulnerability-wikileaks-docs,33941.html   Cisco learned of a vulnerability in its software from the CIA documents published by WikiLeaks on March 7. But the security flaw wasn’t included in the problems highlighted by WikiLeaks–Cisco’s security team discovered the problem themselves while digging through the “Vault 7” document trove. The company said in a security advisory that the vulnerability could “allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.” The problem was in the Cisco Cluster Management Protocol (CMP) processing code used by the Cisco IOS and Cisco IOS XE software. Cisco provided a list of 318 products affected by the vulnerability.

Related: More than 300 Cisco switch models vulnerable to CIA attack https://www.extremetech.com/internet/246203-300-cisco-switches-models-vulnerable-cia-hack  Cisco has said its examination of the CIA documents released by WikiLeaks points to a gaping security hole in more than 300 models of its switches. There is no patch for this critical vulnerability, but it is possible to mitigate the risk with some settings changes. Cisco’s security arm sent out an advisory alerting customers that the IOS and IOS XE Software Cluster were vulnerable to hacks based on the leaked documents. The 318 affected switch models are mostly in the Catalyst series, but there are also some embedded systems and IE-series switches on the list. These are enterprise devices that cost a few thousand dollars at least. So, nothing in your house is affected by this particular attack.

QR code scams rise in China, putting e-payment security in spotlight

http://www.scmp.com/business/china-business/article/2080841/rise-qr-code-scams-china-puts-online-payment-security   A recent spate of scams involving QR codes – or quick response codes – has shone a spotlight on the issue of security in mobile payments and sparked calls for the authorities to do more to protect consumers.  In Guangdong province, about 90 million yuan (US$13 million) has reportedly been stolen via QR code scams, according to a report this month in the Southern Metropolis Daily.  According to other Chinese news reports, policemen in Foshan, a city in the same province, recently arrested a man on suspicion of pocketing 900,000 yuan through QR code frauds.  The suspect had replaced legitimate codes created by merchants with fake ones embedded with a virus programmed to steal the personal information of consumers.

Crafty Phishing Technique Can Trick Even Tech-Savvy Gmail Users

http://www.technewsworld.com/story/Crafty-Phishing-Technique-Can-Trick-Even-Tech-Savvy-Gmail-Users-84386.html  Gmail users in recent months have been targeted by a sophisticated series of phishing attacks that use emails from a known contact whose account has been compromised. The emails contain an image of an attachment that appears to be legitimate, according to Wordfence.  The sophisticated attack displays “accounts.gmail.com” in the browser’s location bar and leads users to what appears to be a legitimate Google sign-in page where they are prompted to supply their credentials, which then become compromised.  The technique works so well that many experienced technical users have fallen prey to the scam, noted Mark Maunder, CEO of Wordfence. Many have shared warnings on Facebook to alert family and friends, given that the technique has exploited otherwise trusted contacts so successfully.

Hacker attacks from an adversary nation getting more daring, says NSA Deputy Director

http://www.reuters.com/article/us-usa-intelligence-nsa-idUSKBN16T034  NSA Deputy Director Richard Ledgett, in an interview, gave a small insight into the secret cyber battles playing out globally, around-the-clock.  In late 2015, he said, an unclassified U.S. government computer network was penetrated by another nation, and the NSA was called in to help.  In the past, when an adversary realized they had been discovered, they would withdraw.  “What happened here was, they fought back. So it became a hand-to-hand combat thing,” he said. “We’d remove their malware. They would deploy new malware, even though they knew we were in the system. They were just trying to get around us.”

War in space is becoming a real threat

https://www.washingtonpost.com/opinions/war-in-space-is-becoming-a-real-threat/2017/03/16/af3c35ac-0a8f-11e7-a15f-a58d4a988474_story.html?utm_term=.726322914ff7  Today’s digital world hangs on the satellite networks that invisibly circle the globe. They’re the wiring system for many commercial and military operations down below, and they’re highly vulnerable to attack. Russia has jammed GPS reception in Ukraine; China has hacked U.S. weather satellites; North Korea has jammed signals over the demilitarized zone.  As on Earth, the hidden danger is hacking, official or otherwise. Orbits can be changed; sensors can be blinded; data can be corrupted. Facts could become as fragile in space as on Earth, if systems aren’t protected. But first, suspicious space mavens must learn to talk with each other.

U.K. industry warned that cybercriminals are imitating nation state attacks

http://www.homelandsecuritynewswire.com/dr20170315-u-k-industry-warned-that-cybercriminals-are-imitating-nation-state-attacks  The annual assessment of the biggest cyberthreats to U.K. businesses was published the other day, after being produced jointly for the first time by the National Crime Agency (NCA), National Cyber Security Center (NCSC), and industry partners from multiple sectors. The NCA notes that the report discusses the trend of criminals imitating the way suspected nation state actors attack organizations such as financial institutions, and the risk posed by the ever-increasing number of connected devices, many of which are not always made secure by manufacturers or users.

International Efforts to Strengthen Cybersecurity

Australia creates $730 million Fund for defence cyber research effort

http://navalinstitute.com.au/7056-2/    The Australian Government’s $730 million Next Generation Technologies Fund is designed to provide the creative solutions Defence needs and at the same time benefiting Australian industry. This is the first time ever any Australian Government has used defence dollars to drive innovation in this way.  “This fund will draw on the collective scientific expertise of the nation across both industry and university sectors, to give the ADF a winning edge with advanced technologies.”  The Fund would also establish Defence Cooperative Research Centres, university research networks, a Defence research accelerator scheme, an innovation research initiative for small business, and expanded technology foresighting activities.

Trump’s cyber plan includes modernization, risk management and reaching out to private sector

http://federalnewsradio.com/management/2017/03/1316664/  Tom Bossert, assistant to President Trump on homeland security and counterterrorism, outlined the government’s priorities on cybersecurity at the Cyber Disrupt 2017 event at a think tank. “The most directly controllable things… are federal networks and their data. Federal networks and data is the first priority for us. Priority two … is critical infrastructure, but not all critical infrastructure is equally critical, so we will focus in on the most critical of those things. We need to tackle the notion of the security of our nation and the American people. Cybersecurity is an area we talk about quite a bit but we have not yet gotten serious about a serious deterrent strategy.”

Related:  Trump’s cyber job #1: protecting federal networks and data  https://fcw.com/articles/2017/03/15/trump-cyber-priority-carberry.aspx As the White House continues to fine-tune an executive order on cybersecurity, a top official said that protecting federal networks and data as well as the critical infrastructure are the Trump administration’s top two cyber priorities. Tom Bossert, the White House homeland security and counterterrorism advisor, told an audience at the Center for Strategic and International Studies’ Cyber Disrupt Summit that the administration’s third priority is to protect the nation and the American people in cyberspace. The U.S. lacks a cyber deterrence policy, and the administration will sit the cabinet down to determine how to share information with allies and deter adversaries, Bossert said.

German Chancellor calls for standardized European rules on using data

http://www.reuters.com/article/us-germany-merkel-idUSKBN16P0EO  German Chancellor Angela Merkel called for Europe to set about standardizing rules on using data in Europe, ahead of a visit to the CeBIT technology fair in Hanover where digitalization is expected to be in focus. “We want to create a digital single European market. That means we need to have legal situations that are as similar as possible in all European countries,” Merkel said in her weekly video podcast. A key issue is determining who owns the data and the related copyright issues, Merkel said, adding: “We’re still discussing that.”

Pentagon sees more AI involvement in cybersecurity 

https://defensesystems.com/articles/2017/03/16/cio.aspx   As the Pentagon’s Joint Regional Security Stacks moves forward with efforts to reduce the server footprint, integrate regional data networks and facilitate improved interoperability between previously stove-piped data systems, IT developers see cybersecurity efforts moving quickly toward increased artificial intelligence (AI) technology.  

Research & Development in Cybersecurity Tools 

Making mobile transactions more secure with a quantum key system

http://www.homelandsecuritynewswire.com/dr20170317-making-mobile-transactions-more-secure-with-a-quantum-key-system   With the growing popularity of mobile phone apps to pay for purchases at cash registers and gas pumps, users would like to know their personal financial information is safe from cyber-attacks. For the first time, researchers have demonstrated a prototype device that can send unbreakable secret keys from a handheld device to a terminal. If integrated into a cell phone, for example, the device could allow secure links to near-field communications mobile payment systems and indoor Wi-Fi networks. It also could improve the security of ATMs and help prevent ATM skimming attacks, which are estimated to cost the industry more than $2 billion annually.

Protecting internet video and pictures from cyberattacks

http://www.homelandsecuritynewswire.com/dr20170315-protecting-internet-video-and-pictures-from-cyberattacks  A Ben-Gurion University of the Negev (BGU) researcher has developed a new technique that could provide virtually 100 percent protection against cyberattacks launched through internet videos or images, which are a growing threat.  “Hackers like videos and pictures because they bypass the regular data transfer systems of highly secure systems, and there is significant space in which to implant malicious code.”   Internet video will comprise 82 percent of all global consumer internet traffic by 2020, according to the 2016 Cisco Visual Networking Index research report. As a result, downloaded and shared videos and images are a growing target for cyberattackers.

New brain-inspired cybersecurity system detects “bad apples” 100 times faster

http://www.homelandsecuritynewswire.com/dr20170322-new-braininspired-cybersecurity-system-detects-bad-apples-100-times-faster  Sophisticated cybersecurity systems excel at finding “bad apples” in computer networks, but they lack the computing power to identify the threats directly. These limits make it easy for new species of “bad apples” to evade modern cybersecurity systems. The Neuromorphic Cyber Microscope, designed by Lewis Rhodes Labs in partnership with Sandia National Laboratories, directly addresses this limitation. Due to its brain-inspired design, it can look for the complex patterns that indicate specific “bad apples,” all while using less electricity than a standard 60-watt light bulb.

Even emergency call centers are vulnerable to DDoS attack

http://www.homelandsecuritynewswire.com/dr20170321-early-warning-system-for-ddos-cyberattacks, www.theconversation.com  Researchers from the Competence Center for IT Security, CISPA, at the Saarland University have developed a kind of early warning system for mass cyberattacks. Details and first results will be presented by the scientists at the computer fair Cebit in Hannover. These mass cyberattacks, known as Distributed Denial of Service (DDoS) attacks, are considered to be one of the scourges of the Internet. Because they are relatively easy to conduct, they are used by teenagers for digital power games, by criminals as a service for the cyber mafia, or by governments as a digital weapon. According to the software enterprise Kaspersky, some eighty countries were affected in the last quarter of 2016 alone, and counting.

Sonic cyberattacks expose security holes in ubiquitous sensors

http://www.homelandsecuritynewswire.com/dr20170320-sonic-cyberattacks-expose-security-holes-in-ubiquitous-sensors  Sound waves could be used to hack into critical sensors used in a broad array of technologies including smartphones, automobiles, medical devices and the Internet of Things, Michigan Engineering research shows. The work calls into question the longstanding computer science tenet that software can automatically trust hardware sensors, which feed autonomous systems with fundamental data they need to make decisions. “Our findings upend widely held assumptions about the security of the underlying hardware. If you look through the lens of computer science, you won’t see this security problem. If you look through the lens of materials science, you won’t see this security problem. Only when looking through both lenses at the same time can one see these vulnerabilities.”

YouTube users beware: Your viewing habits can be tracked

http://www.homelandsecuritynewswire.com/dr20170320-youtube-users-beware-your-viewing-habits-can-be-tracked   Despite YouTube’s attempts to safeguard user anonymity, intelligence agencies, hackers, and online advertising companies can still determine which videos a user is watching. Researchers developed an algorithm to determine if someone had watched a specific video from a set of suspicious, terror-related videos. Intelligence agencies could access this technology for tracking terrorists or other suspicious individuals. Internet marketing companies could track the number and make-up of viewers watching an ad.  Ran Dubin, a doctoral student in the BGU Department of Communication Systems Engineering, an expert in cyber security, presented this research at the Black Hat Europe meeting in London.

Books

e-book – Cyber Warfare: The Evolving Battlefield

http://www.defenseone.com/assets/cyber-warfare/portal/  The Information Age is fast becoming the age of the zero-day vulnerability, the kind of holes in software that allow attackers to get in to steal, destroy, or manipulate data. As a measure of global Internet security, the number of zero days is perhaps a better metric than attempted attacks on a target, and the trend line is worrisome. This eBook examines the Pentagon’s cutting edge cyber tools and capabilities for defending and attacking networks in the age of the zero day. It will explore how new tactics and hacks are changing defense for leaders and even soldiers in conflict zones. This collection of articles will also look at tough policy, acquisition and management choices ahead for defense leaders and policymakers working to secure the U.S. edge in cyber security in the new landscape of insecurity. The e-book can be downloaded from the above link.

 

————End———–
