gfmask Cyberwar Roundup

Panetta Sounds Alarm on Cyber-War Threat
Panetta came to the nation’s financial hub – New York City – to issue his battle cry. The city is the brightest bulls-eye on the American target for foes wishing to cripple the U.S. economy with computerized “worms” and “malware” that can infect computer networks via the Internet or insider sabotage. “It is the kind of capability that can basically take down a power grid, take down a water system, take down a transportation system, take down a financial system,” he told Time editors. “We are now in a world in which countries are developing the capability to engage in the kind of attacks that can virtually paralyze a country.”

MOFCOM GOV CN (Chinese Ministry of Commerce) PWNED
On October 11th, 2012, Anonymous gained access to the servers of the Chinese Ministry of commerce and extracted 374mb of documents. A lot of them contain details about deals with Russia, Ukraine and Belarus. The documents are partly in English, Russian and Chinese.
See also: Hackers claim to have cracked servers Chinese representation in Belarus

Is ‘cyberwar’ another harmless buzzword, or an impending threat of nuclear proportions?
Is the whole thing being overstated as a threat? When people like Richard Clarke, the former head of counterterrorism in the US, warn that the cyber war could already be lost you may want to unplug your PC and run for the hills. But you have to take it with a pinch of salt from a man who now runs a cyber-security company, which would no doubt love a big contract.

Cyber War? Bring It On!
We’ve been warned again. The USA and all its citizens are under threat of “a cyber-Pearl Harbor!” Find a desk to hide under. Look for cover. Make it a place where the whole family can meet up so you can do a head count and see who is missing. No seriously, a cyberattack is imminent and could happen any minute! I need to get in on some of this action by becoming a consultant.

U.S.: Hackers in Iran Responsible for Cyberattacks on Oil, Gas Companies
U.S. authorities believe that Iranian-based hackers were responsible for cyberattacks that devastated Persian Gulf oil and gas companies, a former U.S. government official said. Just hours later, Defense Secretary Leon Panetta said the cyberthreat from Iran has grown, and he declared that the Pentagon is prepared to take action if American is threatened by a computer-based assault.

So much outrage, so little time
This morning, hoping to get some discussion going (and somehow turning it into something blogworthy) I asked the question: Of all the missteps you see daily in infosec, what outrages you the most and why?

Hacking Google: The three Israeli white hats rooting out the web’s security holes
All three work at Israeli security company Avnet, which, among other things, tests enterprise websites in Israel for vulnerabilities. The Google work is a sideline for the three hackers – but a very lucrative one that has earned each several thousands of dollars, given that Google pays between $500 and $3,000 for each bug discovered. The three white hats have each earned that kind of money despite the fact that hundreds of hackers around the world participate in the programme – Google is so large, there are more than enough security lapses to go around.

Google rewards a hacker with $60,000 for breaking Chrome
Google confirmed that the winner of the contest – which was the second of its kind, part of the Hack In The Box conference in Kuala Lumpur, Malaysia – was a pwner named “Pinkie Pie”, who was the only participant with a successful entry.

U.S. Bank Hacks Expand; Regions Financial Hit
Still, the attacks have been notable because even with attackers’ prior warning, they’ve managed to disrupt the websites of some of the country’s largest financial firms, including Bank of America, JPMorgan Chase, PNC, U.S. Bank, and Wells Fargo. As that skill and sophistication suggest, the bank attacks haven’t been launched by just one individual, or using a single tool, but rather by multiple well-organized groups wielding a variety of tools, according to Prolexic.

Cyberwar, Cyberdouchery, and Where the Rubber Meets the CyberRoad
Well, so here we are, we are in the age of the “Cyberwars” as much as the term might stick in the craw of many in the community. I would put it to you that as a person with anything online, you are a target. Whether it be the cyberwarfare of the state, or the cyber machinations of the criminal gang seeking to steal your money or your data, we all are under the same threats. Infrastructure as well as your personal PC are targets within a larger game of digital Stratego. Face the fact, live with it a while, and then think about what you can do to insulate yourselves a bit better.



5 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>