US Govt proposal to classify Security Tools as Weapons of War w/ Export Regulations.

This would be devastating to US business and security products.

In 2013, WA agreed to add the following to their list of dual-use goods: systems, equipment or components specially designed for the generation, operation or delivery of, or communication with, intrusion software; software specially designed or modified for the development or production of such systems, equipment or components; software specially designed for the generation, operation or delivery of, or communication with, intrusion software; technology required for the development of intrusion software; Internet Protocol (IP) network communications surveillance systems or equipment and test, inspection, production equipment, specially designed components therefor, and development and production software and technology therefor. BIS, the Departments of Defense and State, as well as other agencies have been discussing the best way to add these items, which we have named “cybersecurity items,” to the Commerce Control List (CCL) (Supplement No. 1 to part 774 of the Export Administration Regulations) without reducing encryption controls and while balancing the national security and foreign policy. For resource planning purposes, as well as license requirements, license exceptions, license submission requirements, and internal license reviews and processing planning purposes, this rule is published as a proposed rule.

Cyberattacks on Oil and Gas Firms Launched with no Malware at all

The attacks are ongoing for about two years.

A unique targeted attack that has been underway for about two years uses legitimate-looking Windows file functions and a couple of homemade scripts, but no malware at all, to infiltrate firms in the oil and gas maritime transportation sector.

I-R-C-H AAS Infrastructure, Research, Crimeware and Hacking as a Service


How a botnet works: 1. A botnet operator sends out viruses or worms, infecting ordinary users’ computers, whose payload is a malicious application — the bot. 2. The bot on the infected PC logs into a particular command and control (C&C) server (often an IRC server, but, in some cases a web server). 3. A spammer purchases access to the botnet from the operator. 4. The spammer sends instructions via the IRC server to the infected PCs, causing them to send out spam messages to mail servers. (Photo credit: Wikipedia)

If you have not heard of any of these it is not surprising, but they are beginning to affect everyone's daily lives. All of these have been purchasable in the past, but never at the scale that is being exposed today. The advent of the cloud and the proliferation of the internet around the world have brought about a new level of willing hacker. They have also allowed the launching of DDoS attacks that are larger, and as complex, as the most complex systems in the world.

I recently did an example of an attack that launched 2000 different servers in a matter of minutes to completely flood a switching network, shutting off the ability to get any communication out. This shut down everything that ran across an IP network; this included their PBX switch and their building security. It would have only taken a bit more to have caused their cell phones to not work as well, leaving the building an island ready for a physical attack.

Crimeware is widely exploited by the criminal underground that seeks to improve its economy by the easiest means. The gist: “Criminals have started to use online cybercrime services instead of having to deal themselves with the technical challenges of running their own Crimeware server, installing Crimeware toolkits or compromising legitimate websites,” says Finjan. In other words, it’s point, click and hack (Dignan, 2008).

Cybercrime thieves operate in a market that is sensitive to location and economic trends; they cannot use a “one-scheme-fits-all” approach. The attacks must be customized for each geographic region and focus on a selected group of users and/or businesses. These attacks are often called “campaigns” and incorporate Crimeware toolkits, Trojans and Botnets to do their dirty work (Finjan, 2008).


Power surges cripple the NSA data center


The National Security Agency’s $2 billion mega data center is going up in flames. Technical glitches have sparked fiery explosions within the NSA’s newest and largest data storage facility in Utah, destroying hundreds of thousands of dollars worth of equipment, and delaying the facility’s opening by one year.

And no one seems to know how to fix it.

For a country that prides itself on being a technology leader, not knowing the electrical capacity requirements for a system as large as this is inexcusable. Within the last 13 months, at least 10 electric surges have each cost about $100,000 in damages, according to documents obtained by the Wall Street Journal. Experts agree that the system, which requires about 64 megawatts of electricity (about a $1 million a month energy bill), isn’t able to run all of its computers and servers while keeping them cool, which is likely triggering the meltdowns.


Aadhaar-linked accounts to be basis for mobile payments


I do find it interesting that everyone in the development community is focused on mobile payments, and yet the attachment of a higher level of verification, using biometrics and a randomly generated 12-digit number, is a target at every turn.

Over 30 million linked accounts to start DBT payments would, in most countries, be considered a resounding success. M-Pesa still has only 17 million accounts and a very low level of security, yet it is considered the gold standard for mobile payments. Praveen Chakravarty, chief executive, Anand Rathi Financial Services, says the application sounds great conceptually and is in line with the government’s current thrust on financial inclusion. “Of the 600,000 villages in the country, banks are present in only 40,000.”

Now, Aadhaar-linked accounts to be basis for mobile payments | Business Standard.


Smart Grid Cybersecurity: Q&A With Andy Bochman


3,500 utilities: with 3,500 different utility producers within the US electric grid and no common thread for technology implementation, the entire grid is largely maintained by the theory of “security through obscurity.” NERC, and more importantly its Critical Infrastructure Protection (CIP) working group, has worked hard to build some of these standards and to ensure that new equipment rotated into service is confirmed to adhere to them.

This is a great Q&A with Andy Bochman, one of the energy industry’s top cybersecurity experts. He has been saying for a long time that the utility industry and its regulators need to add cybersecurity to the list of long-established categories of risk (safety, reliability and financial security among them) that they attend to every day.


1024 bit RSA key of certified smartcards hacked!


Most of your online traffic is encrypted through a protocol called SSL, or Secure Sockets Layer. Basically, when you access a website, what’s happening is your client (such as a Web browser) is accessing a server, the computer on which the website’s data is stored. Through the client-server connection, the server’s data comes over the Internet to your screen. This connection is encrypted so that eavesdroppers won’t be able to view sensitive information such as credit card info, IP addresses and account details.

SSL is the method by which many websites, including Facebook, keep their users’ data secure. If you think of encryption as a lockbox in which your information is stored, the way to open that box is a complex string of ones and zeroes called a 1024-bit key.

Cybersecurity expert Robert David Graham of Errata Security speculates that the NSA is working on better, faster ways to crack 1024-bit keys for the encryption algorithms known as Rivest-Shamir-Adleman (RSA) and Diffie-Hellman (DH).
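The practical defender's response to the 1024-bit RSA concern above is to audit the key sizes actually in use. The following is an added example, not code from the original post: a minimal DER parser that reads an RSA SubjectPublicKeyInfo (the public-key structure inside an X.509 certificate) and flags a modulus shorter than 2048 bits. The keys it builds are constructed test moduli, not real certificate keys, and the 2048-bit threshold is an assumption of the example.

```python
# Added example (not from the original post): decode an RSA public key in
# DER SubjectPublicKeyInfo form and flag 1024-bit moduli as weak.
# The moduli used in tests are constructed integers, not real RSA keys.

RSA_OID = b"\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01"  # 1.2.840.113549.1.1.1


def _der_len(n):
    # DER length: short form below 128, otherwise 0x8N followed by N length bytes
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _der_int(value):
    # Extra byte guarantees a leading 0x00 when the top bit is set (positive INTEGER)
    body = value.to_bytes((value.bit_length() + 8) // 8, "big")
    return b"\x02" + _der_len(len(body)) + body


def _der_seq(*items):
    body = b"".join(items)
    return b"\x30" + _der_len(len(body)) + body


def encode_rsa_spki(n, e):
    """Wrap an RSAPublicKey (n, e) in a SubjectPublicKeyInfo, as a certificate does."""
    rsa_key = _der_seq(_der_int(n), _der_int(e))
    bit_string = b"\x03" + _der_len(len(rsa_key) + 1) + b"\x00" + rsa_key
    return _der_seq(_der_seq(RSA_OID, b"\x05\x00"), bit_string)


def _read_tlv(buf, pos, expected_tag):
    """Return (content, next_pos) for the TLV at pos, checking its tag."""
    if buf[pos] != expected_tag:
        raise ValueError(f"expected tag {expected_tag:#x}, got {buf[pos]:#x}")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    return buf[pos:pos + length], pos + length


def parse_rsa_spki(der):
    """Return (modulus, exponent) from an rsaEncryption SubjectPublicKeyInfo."""
    spki, _ = _read_tlv(der, 0, 0x30)
    alg, pos = _read_tlv(spki, 0, 0x30)
    oid, _ = _read_tlv(alg, 0, 0x06)
    if b"\x06" + _der_len(len(oid)) + oid != RSA_OID:
        raise ValueError("not an rsaEncryption key")
    bits, _ = _read_tlv(spki, pos, 0x03)
    key, _ = _read_tlv(bits[1:], 0, 0x30)  # bits[0] is the unused-bits octet
    n_bytes, pos = _read_tlv(key, 0, 0x02)
    e_bytes, _ = _read_tlv(key, pos, 0x02)
    return int.from_bytes(n_bytes, "big"), int.from_bytes(e_bytes, "big")


def audit_rsa_key(der, minimum_bits=2048):
    """Report the modulus size and whether it meets the minimum (1024 -> weak)."""
    n, _ = parse_rsa_spki(der)
    size = n.bit_length()
    return size, "weak" if size < minimum_bits else "ok"
```

Feed `audit_rsa_key` the DER bytes of a certificate's public key (for example from the `ssl` module's `getpeercert(binary_form=True)` after extracting the SubjectPublicKeyInfo) to inventory 1024-bit keys still in service.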
