US Govt proposal to classify Security Tools as Weapons of War w/ Export Regulations.

This would be devastating to US business and security products.

In 2013, WA agreed to add the following to their list of dual-use goods: systems, equipment or components specially designed for the generation, operation or delivery of, or communication with, intrusion software; software specially designed or modified for the development or production of such systems, equipment or components; software specially designed for the generation, operation or delivery of, or communication with, intrusion software; technology required for the development of intrusion software; Internet Protocol (IP) network communications surveillance systems or equipment and test, inspection, production equipment, specially designed components therefor, and development and production software and technology therefor. BIS, the Departments of Defense and State, as well as other agencies have been discussing the best way to add these items, which we have named “cybersecurity items,” to the Commerce Control List (CCL) (Supplement No. 1 to part 774 of the Export Administration Regulations) without reducing encryption controls and while balancing the national security and foreign policy. For resource planning purposes, as well as license requirements, license exceptions, license submission requirements, and internal license reviews and processing planning purposes, this rule is published as a proposed rule.

https://www.federalregister.gov/articles/2015/05/20/2015-11642/wassenaar-arrangement-2013-plenary-agreements-implementation-intrusion-and-surveillance-items

Cyberattacks on Oil and Gas Firms Launched with no Malware at all

http://securityaffairs.co/wordpress/36843/cyber-crime/cyberattacks-on-oil-and-gas-firms.html

The attacks have been ongoing for about two years.

A unique targeted attack that has been underway for about two consecutive years exploits Windows file functions that look legitimate and a couple of homemade scripts, but not malware, in order to infiltrate firms in the gas & oil maritime transportation sector.

I-R-C-H AAS Infrastructure, Research, Crimeware and Hacking as a Service


How a botnet works: 1. A botnet operator sends out viruses or worms, infecting ordinary users’ computers, whose payload is a malicious application — the bot. 2. The bot on the infected PC logs into a particular command and control (C&C) server (often an IRC server, but, in some cases a web server). 3. A spammer purchases access to the botnet from the operator. 4. The spammer sends instructions via the IRC server to the infected PCs, causing them to send out spam messages to mail servers. (Photo credit: Wikipedia)

If you have not heard of any of these, it is not surprising, but they are beginning to affect everyone's daily lives. All of these have been purchasable in the past, but never at the scale that is being exposed today. The advent of the cloud and the proliferation of the internet around the world has brought about a new level of willing hacker. It has also allowed the launching of DDoS attacks that are larger and as complex as the most complex systems in the world.

I recently did an example of an attack that launched 2000 different servers in a matter of minutes to completely flood a switching network, shutting off the ability to get any communication out. This shut down everything that ran across an IP network; this included their PBX switch and their building security. It would have only taken a bit more to have caused their cell phones to not work as well, leaving the building an island ready for a physical attack.

Crimeware is widely exploited by the criminal underground that seeks to improve its economy by the easiest means. The gist: “Criminals have started to use online cybercrime services instead of having to deal themselves with the technical challenges of running their own Crimeware server, installing Crimeware toolkits or compromising legitimate websites,” says Finjan.  In other words, it’s point, click and hack (Dignan, 2008).

Cybercrime thieves operate in a market that is sensitive to location and economic trends; they cannot use a “one-scheme-fits-all” approach. The attacks must be customized for each geographic region and focus on a selected group of users and/or businesses. These attacks are often called “campaigns” and incorporate Crimeware toolkits, Trojans and Botnets to do their dirty work (Finjan, 2008).

http://hacksurfer.com/amplifications/247-cybercrime-is-for-sale-and-the-market-is-booming


Power surges cripple the NSA data center


The National Security Agency’s $2 billion mega data center is going up in flames. Technical glitches have sparked fiery explosions within the NSA’s newest and largest data storage facility in Utah, destroying hundreds of thousands of dollars worth of equipment, and delaying the facility’s opening by one year.

And no one seems to know how to fix it.

For a country that prides itself on being a technology leader, not knowing the electrical capacity requirements for a system as large as this is inexcusable. Within the last 13 months, at least 10 electric surges have each cost about $100,000 in damages, according to documents obtained by the Wall Street Journal. Experts agree that the system, which requires about 64 megawatts of electricity—that’s about a $1 million a month energy bill–isn’t able to run all of its computers and servers while keeping them cool, which is likely triggering the meltdowns.

http://mobile.bbc.co.uk/news/technology-24443266


Aadhaar-linked accounts to be basis for mobile payments


I do find it interesting that everyone in the development community is focused on mobile payments, and yet the attachment of a higher level of verification, using biometrics and a randomly generated 12-digit number, is a target at every turn.

Over 30 million linked accounts to start DBT payments would, in most countries, be considered a resounding success. M-Pesa still only has 17 million accounts and a very, very low level of security but is considered the gold standard for mobile payments. Praveen Chakravarty, chief executive, Anand Rathi Financial Services, says the application sounds great conceptually and is in line with the government’s current thrust on financial inclusion. “Of the 600,000 villages in the country, banks are present in only 40,000.”

Now, Aadhaar-linked accounts to be basis for mobile payments | Business Standard.


Smart Grid Cybersecurity: Q&A With Andy Bochman


3500 utilities: With 3,500 different utility producers within the US electric grid and no common thread for technology implementation, the entire grid is largely maintained by the theory of “security through obscurity.” NERC and, more importantly, the CIP (Critical Infrastructure Protection) working group have worked hard to build some of these standards, and also, as new equipment is rotated in, to confirm that it adheres to the standards.

This is a great Q&A with Andy Bochman, one of the energy industry’s top cybersecurity experts, who has been saying for a long time that the utility industry and its regulators need to add cybersecurity to the list of long-established categories of risk (safety, reliability and financial security among them) that they attend to every day.

http://www.greentechmedia.com/articles/read/smart-grid-cybersecurity-qa-with-andy-bochman


1024 bit RSA key of certified smartcards hacked!


Most of your online traffic is encrypted through a protocol called SSL, or Secure Sockets Layer. Basically, when you access a website, what’s happening is your client (such as a Web browser) is accessing a server, the computer on which the website’s data is stored. Through the client-server connection, the server’s data comes over the Internet to your screen. This connection is encrypted so that eavesdroppers won’t be able to view sensitive information such as credit card info, IP addresses and account details.

SSL is the method by which many websites, including Amazon.com and Facebook, keep their users’ data secure. If you think of encryption as a lockbox in which your information is stored, the way to open that box is a complex string of ones and zeroes called a 1024-bit key.

Cybersecurity expert Robert David Graham of Errata Security speculates that the NSA is working on better, faster ways to crack 1024-bit keys for the encryption algorithms known as Rivest-Shamir-Adleman (RSA) and Diffie-Hellman (DH).

http://smartfacts.cr.yp.to/


Mean streets of New York or Sharks?


    • The likelihood of being involved in a shark accident is considerably smaller than that of winning the top prize in a lottery.
    • Between 1959 and 2003, 1,857 people were struck and killed by lightning alone in the coastal states of the USA. In the same time frame there were 740 shark accidents, 22 of which were fatal.
    • Probability of accidents in water sports activities (USA coastal states, 2000)

      Number of water sports activities: 264,156,728
      Deaths caused by drowning: 74
      Shark accidents: 23
      Deaths caused by shark accidents: 0

      Drowning: 1 case out of 3.5 million water sports activities
      Shark accidents: 1 case out of 11.5 million water sports activities
      Deaths caused by shark accidents: 0 out of 264.2 million water sports activities

    • In the USA and Canada alone, approximately 40 people are killed each year by pigs – six times more than by sharks worldwide.
    • In Australia the possibility of drowning is 20 times higher than that of being bitten by a shark.
    • In the USA the probability of being hit by lightning is 16 times higher than that of being bitten by a shark.
    • Around the world, considerably more people are killed by falling coconuts than are bitten by sharks.
    • In New York alone, people are bitten 10 times more often each year by other people than people worldwide are bitten by sharks.

http://www.shark.ch/Information/Accidents/index.html


Nairobi Mall Massacre


Brazilian Hackers Mistakenly Attack NASA As Payback For NSA Spying.


NASA got an interesting surprise when 14 of their websites were taken down by an experienced Brazilian hacker. The cyberattack targeted pages by NASA’s Ames Research Center, including one which contained information about the Kepler Space telescope.

Although he was successful in bringing the sites down, the hacker may have accidentally targeted the wrong organization. The intended recipient would appear to be the NSA, but somehow an extra letter was incorrectly inserted into the domain name.

The hacker left this passionate response on the NASA domain on Friday, explaining his motivation behind the attack:

“NASA HACKED! BY #BMPoCWe! Stop spy on us! The Brazilian population do not support your attitude! The Illuminati are now visibly acting! Obama heartless! Inhumane! you have no family? the point in the entire global population is supporting you. NOBODY! We do not want war, we want peace!!! Do not attack the Syrians.”

Despite a misplaced letter providing us with a somewhat reasonable explanation, other evidence would suggest that the mistake was intentional. This isn’t the first time that the accused hacker has targeted NASA, going after 4 more of the space program’s pages in April. Furthermore, unlike the NSA’s domains which are heavily protected, NASA is known for its relatively relaxed security measures, making it a popular destination among the hacking community.

http://www.businessinsider.com/brazil-hackers-nasa-nsa-mixup-2013-9
