Cyber Security

WEEKLY REPORT ON CYBER SECURITY

March 8, 2017

New leaks this week further demonstrate the massive capacities being built by major countries for Cyber Warfare and how they are being used to attack other countries, both friend and foe. One can see “double standards” in their statements: while they can use these new warfare tools to cripple adversaries, they warn others against using them. Those who cannot catch up with these new technologies will lose their battles even before they start.

*****

WikiLeaks says it has obtained trove of CIA hacking tools

https://wikileaks.org/ciav7p1/ – WikiLeaks said March 7 that it has obtained a vast portion of the CIA’s computer hacking arsenal, and began posting the files online in a breach that may expose some of the U.S. intelligence community’s most closely guarded cyber weapons. These exceed in scale and significance the massive collection of NSA documents exposed by Edward Snowden. WikiLeaks indicated that it planned to post nearly 9,000 files describing code developed in secret by the CIA to steal data from targets overseas and turn ordinary devices including cellphones, computers and even television sets into surveillance tools. The digital files are designed to exploit vulnerabilities in consumer devices including Apple’s iPhone, Google’s Android software and Samsung television sets, according to WikiLeaks, which labeled the trove “Year Zero.” They even enable the agency to bypass encryption-enabled applications, including WhatsApp, Signal and Telegram. As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks which would permit the CIA to engage in nearly undetectable assassinations.

North Korea’s Missile Launches Were Failing Too Often – Could Cyber Attacks Defeat These Missile Tests?

https://www.nytimes.com/2017/03/06/insider/a-eureka-moment-for-two-times-reporters-north-koreas-missile-launches-were-failing-too-often.html?hp&action=click&pgtype=Homepage&clickSource=story-heading&module=second-column-region&region=top-news&WT.nav=top-news   Two New York Times reporters conducted an eight-month-long investigation into evidence that the US was experimenting with a new form of missile defense through Cyber tools. They found documents from Pentagon testimony and companies like Raytheon describing a program called “left of launch” that allows for the sabotage of an adversary’s systems before anyone presses the big red button.  They found evidence that North Korea was a target. These blended old-style electronic warfare and new-style cyber attacks, with some loud echoes of the techniques used in “Olympic Games,” the code name for the Iran sabotage.

Related Story: https://www.nytimes.com/2017/03/04/world/asia/north-korea-missile-program-sabotage.html?hp&action=click&pgtype=Homepage&clickSource=story-heading&module=second-column-region&region=top-news&WT.nav=top-news&_r=0 – Trump Inherits a Secret Cyberwar Against North Korean Missiles – An examination of the Pentagon’s disruption effort, based on interviews with officials of the Obama and Trump administrations as well as a review of extensive but obscure public records, found that the United States still does not have the ability to effectively counter the North Korean nuclear and missile programs. Those threats are far more resilient than many experts thought, The New York Times’s reporting found, and pose such a danger that Mr. Obama, as he left office, warned President Trump they were likely to be the most urgent problem he would confront.

http://nautilus.org/napsnet/napsnet-policy-forum/could-cyber-attacks-defeat-north-korean-missile-tests/
– This essay by Markus Schiller and Peter Hayes suggests that it is improbable that US cyber attacks were the cause of DPRK intermediate range missile failure as was suggested in the New York Times story. They claim that the assertion that cyber attacks could cause a higher rate of failure than would otherwise have occurred is, to put it mildly, a stretch.

Russia’s interference in US, European elections could be “act of war”: NATO commander

http://www.homelandsecuritynewswire.com/dr20170303-russias-interference-in-u-s-european-elections-could-be-act-of-war-nato-commander?page=0,1 – General Sir Adrian Bradshaw, the Deputy Supreme Allied Commander Europe, has said that Russian cyberattacks on NATO member states could be deemed an act of war and trigger the principle of the military alliance’s collective defense. Bradshaw said reports of Russian interference in American and European elections and a Russian international disinformation campaign could lead alliance leaders to broaden the definition of an “attack.”

South Korea’s Lotte Duty Free says website crashed after attack from Chinese IPs

http://www.reuters.com/article/us-lotte-china-idUSKBN1690HR
Lotte Duty Free on Thursday said a cyber attack using Chinese internet protocol (IP) addresses has crashed its website, the latest report of irregularity from a South Korean firm in China since Seoul decided to deploy a U.S. missile defense system.  The attack comes after affiliate Lotte International Co Ltd on Monday approved a land swap to allow the U.S. Terminal High Altitude Area Defence (THAAD) system on what was once its property, in response to the North Korean missile threat. Neighboring China objected to the deployment of the system, which has a radar capable of penetrating Chinese territory, saying it will destabilize regional security while doing little to contain heightened security risk on the Korean peninsula.

China warns against cyber “battlefield” in internet strategy

http://in.reuters.com/article/china-internet-idINKBN16849B  – “The building of national defence cyberspace capabilities is an important part of China’s military modernisation,” the Foreign Ministry and the Cyberspace Administration of China, the country’s internet regulator, said in a strategy paper on the ministry’s website. China will help the military in its important role of “safeguarding national cyberspace sovereignty, security and development interests” and “hasten the building of cyberspace capabilities”, they said, but also called on countries to “guard against cyberspace becoming a new battlefield”.

Related story: http://news.xinhuanet.com/english/china/2017/03/01/c_136094371.htm?utm_source=The+Sinocism+China+Newsletter&utm_campaign=809d0ed4ba-EMAIL_CAMPAIGN_2017_03_02&utm_medium=email&utm_term=0_171f237867-809d0ed4ba-29622273&mc_cid=809d0ed4ba&mc_eid=a080463883 – Full Text: International Strategy of Cooperation on Cyberspace – Xinhua: The document provides a comprehensive explanation of China’s policy and position on cyber-related international affairs as well as the basic principles, strategic goals and plan of action in its external relations on that front.

Russian Hackers said to seek Hush money from US Liberal Groups

https://www.bloomberg.com/news/articles/2017-03-06/russian-hackers-said-to-seek-hush-money-from-liberal-u-s-groups – Russian hackers are targeting U.S. progressive groups in a new wave of attacks, scouring the organizations’ emails for embarrassing details and attempting to extract hush money, according to two people familiar with probes being conducted by the FBI and private security firms.  At least a dozen groups have faced extortion attempts since the U.S. presidential election, said the people, who provided broad outlines of the campaign. The ransom demands are accompanied by samples of sensitive data in the hackers’ possession.

8.5 mn malicious malware threats were identified in 2016

http://economictimes.indiatimes.com/articleshow/57450432.cms?utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst
– Last year saw a near-threefold rise in mobile malware detections as compared to 2015, with 8.5 million malicious installations being identified and advertising Trojans leading the way, a new report said on Friday.  According to a report by the Russian cyber security company Kaspersky Lab, in the space of just one year, a volume equivalent to 50 per cent of all the malware detected in the previous 11 years (15.77 million from 2004-2015) was released. Russia, Australia and Ukraine are the top three countries affected in terms of the percentage of users attacked by mobile banking Trojans relative to all users hit by mobile malware. 

Uber used Cyber tool, Greyball, to avoid Law Enforcement

https://www.nytimes.com/2017/03/03/technology/uber-greyball-program-evade-authorities.html?_r=2&cmpid=BBD030617_TECH    – Uber has for years engaged in a worldwide program to deceive the authorities in markets where its low-cost ride-hailing service was resisted by law enforcement or, in some instances, had been banned.  The program, involving a tool called Greyball, uses data collected from the Uber app and other techniques to identify and circumvent officials who were trying to clamp down on the ride-hailing service. Uber used these methods to evade the authorities in cities like Boston, Paris and Las Vegas, and in countries like Australia, China and South Korea.

Hacker reveals simple loophole to get free Uber rides for life

http://www.telegraph.co.uk/technology/2017/03/03/hacker-reveals-simple-loophole-get-free-uber-rides-life/ – A hacker has discovered a genius way to get free Uber rides by uncovering a security bug for the popular taxi service. Users can create their account on Uber.com and can start riding. When a ride is completed, a user can either pay cash or charge it to their credit/debit card. But by specifying an invalid payment method (for example: abc, xyz, etc.), one could ride Uber for free. This has now been resolved.

Amazon Web Services Errors Disrupt Big Part of the Internet

https://www.bloomberg.com/news/articles/2017-02-28/amazon-web-services-reports-high-error-rates-with-data-storage?cmpid=BBD030117_TECH – Amazon Web Services reported “high error rates” with its S3 service, which it describes as a “simple storage solution” that can be used to house data, manage web applications and host software that customers can download via the internet. S3 is used by nearly 150,000 websites, including ESPN.com and aol.com, SoundCloud, Quora, Giphy and Slack. Amazon said the problem is rectified.

Serious security vulnerabilities found in home, business, industrial robots

http://www.homelandsecuritynewswire.com/dr20170306-serious-security-vulnerabilities-found-in-home-business-industrial-robots – Seattle, Washington-based IOActive, Inc. last week released a new paper identifying numerous vulnerabilities found in multiple home, business, and industrial robots available on the market today. The vulnerabilities identified in the systems evaluated included many graded as high or critical risk, leaving the robots susceptible to cyberattack. Attackers could employ the problems found maliciously to spy via the robot’s microphone and camera, leak personal or business data, and in some cases, cause serious physical harm or damage to people and property in the vicinity of a hacked robot.

Game Theory insights could improve cyberwarfare strategy

http://www.homelandsecuritynewswire.com/dr20170302-game-theory-insights-could-improve-cyberwarfare-strategy – Whether a nation should retaliate against a cyberattack is a complicated decision, and a new framework guided by game theory could help policymakers determine the best strategy.  A new study examines when a victim should tolerate a cyberattack, when a victim should respond – and how. The researchers use historical examples to illustrate how the Blame Game applies to cases of cyber or traditional conflict involving the United States, Russia, China, Japan, North Korea, Estonia, Israel, Iran, and Syria.