November 7th, 2016
Eric De Grasse
Chief Technology Officer
7 November 2016 – Last week two researchers at the Black Hat Europe security conference in London revealed a method of infecting industrial equipment with an undetectable rootkit component that can wreak havoc and disrupt the normal operations of critical infrastructure all over the world. The attack targets PLCs (Programmable Logic Controllers), devices that sit between normal computers that run industrial monitoring software and the actual industrial equipment, such as motors, valves, sensors, breakers, alarms, and others.
Researchers say they packed their attack as a loadable kernel module, which makes it both undetectable and reboot persistent. The attack goes after PLC pin configurations, meaning the PLC won’t be able to tell which are the actual input and output pins, allowing the attacker full control to make up bogus sensor data, send fake commands, or block legitimate ones.
The researchers acknowledge that the attack is extremely complicated, but the article argues it would still be of interest to a state-sponsored actor.
August 9th, 2016
Eric De Grasse
Chief Technology Officer
9 August 2016 – Just back from Black Hat and DEF CON in Las Vegas, to find a welcome story ….
It’s been just over a year since amateur aviation sleuths first revealed the FBI’s secret aerial surveillance of the civil unrest in Baltimore, Maryland. Now, in response to a FOIA request from the ACLU, the Bureau has released more than 18 hours of aerial footage from the Baltimore protests captured by their once-secret spy planes, which regularly fly in circles above major cities and are commonly registered to fake companies.
The cache is likely the most comprehensive collection of aerial surveillance footage ever released by a US law enforcement agency. The footage shows the crowds of protesters captured in a combination of visible light and infrared spectrum video taken by the planes’ wing-mounted FLIR Talon cameras … military-qualified and used by CIA drones in the Middle East; not available on Amazon … yet
While individual faces are not clearly visible in the videos, it’s frighteningly easy to imagine how cameras …
August 6th, 2016
6 August 2016 – Every move you make. Every click you take. Every game you play. Every place you stay. They’ll be watching you. IDI, a year-old company in the so-called data-fusion business, is the first to centralize and weaponize all that information for its customers. The Boca Raton, Fla., company’s database service, idiCORE, combines public records with purchasing, demographic, and behavioral data.
Chief Executive Officer Derek Dubner says the system isn’t waiting for requests from clients — it’s already built a profile on every American adult, including young people who wouldn’t be swept up in conventional databases, which only index transactions. ‘We have data on that 21-year-old who’s living at home with mom and dad,’ he says.
August 6th, 2016
6 August 2016 – U.S. intelligence agencies have assigned more than 1,000 spies to security at the Rio 2016 Summer Games. NBC News reports:
“The classified report outlines an operation that encompasses all 17 U.S. intelligence agencies, including those of the armed services, and involves human intelligence, spy satellites, electronic eavesdropping, and cyber and social media monitoring. Areas of cooperation include vetting 10,000-plus athletes and 35,000-plus security and police personnel and others; monitoring terrorists’ social media accounts; and offering U.S. help in securing computer networks, the review shows. ‘U.S. intelligence agencies are working closely with Brazilian intelligence officials to support their efforts to identify and disrupt potential threats to the Olympic Games in Rio,’ said Richard Kolko, a spokesman for National Intelligence Director James Clapper.”…
August 1st, 2016
1 August 2016 – When the Republican presidential nominee Donald Trump asked Russia — wittingly or otherwise — to launch hack attacks to find Hillary Clinton’s missing emails, it stirred a commotion. Russia is allegedly behind the DNC’s leaked emails (see our boss’ take on all of this here).
But The Washington Post is reminding us that the U.S.’s efforts in the cyber-security world aren’t much different. From the report:
The U.S. approach to this digital battleground is pretty advanced. For example: Did you know that the military uses its submarines as underwater hacking platforms? In fact, subs represent an important component of America’s cyber strategy. They act defensively to protect themselves and the country from digital attack, but — more interestingly — they also have a role to play in carrying out cyberattacks, according to two U.S. Navy officials at a recent Washington conference. “There is a — an offensive capability that we are, that we prize very highly,” said Rear Adm. Michael Jabaley, the U.S. Navy’s program executive officer for submarines. “And this is where I …
June 5th, 2016
5 June 2016 – Traditional companies continue to score a huge number of patents, reports Quartz. The publication dug deep into the patent filings to find which company has been awarded the most patents this year. According to its findings, IBM has been awarded 3,617 patents so far this year, whereas Samsung comes close with 3,032 patents during the same period. Behind these giants sit Google with 1,530 patents, Intel with 1,293, Qualcomm with 1,262, Microsoft with 1,232, and Apple with 1,060 patents. From the report:
Although IBM’s patent-producing power slowed somewhat in 2015, the number of patents it’s received so far this year is up more than 13% compared to a year earlier. The company is in the middle of a painful reinvention, that sees the company shifting further away from hardware sales into cloud computing, analytics, and AI services. It’s also plugging away on a myriad of fundamental scientific research projects — many of which could revolutionize the world if they can come to fruition — which is where many of its patent applications …
May 1st, 2016
Predator drone at the ready in a hangar
1 May 2016 – From this weekend’s Sunday Times of London:
Islamic State hackers have published a “hit list” of dozens of US military personnel purportedly involved in drone strikes against terrorists in Syria and Iraq.
At the weekend, a group calling itself the “Islamic State Hacking Division” circulated online the names, home addresses and photographs of more than 70 US staff, including women. It urged supporters: “Kill them wherever they are, knock on their doors and behead them, stab them, shoot them in the face or bomb them.”
The group also claimed that it might have a mole in Britain’s Ministry of Defence and threatened to publish “secret intelligence” in the future that could identify RAF drone operators. The claim could not be verified.
The hacking division was previously led by Junaid Hussain, a computer hacker from Birmingham who was killed by a US drone strike in Syria last August after he was discovered to be orchestrating attacks against the West.
Inquiries made by The Sunday Times suggested that the …
February 2nd, 2016
2 February 2016 – Super Bowl 50 will be big in every way. A hundred million people will watch the game on TV. Over the next ten days, 1 million people are expected to descend on the San Francisco Bay Area for the festivities.
And, according to the FBI, 60 federal, state, and local agencies are working together to coordinate surveillance and security at what is the biggest national security event of the year.
Previous years’ Super Bowl security measures have included WMD sensors, database-backed facial recognition, and gamma-ray vehicle scanners. Given the fears and cautions in the air about this year’s contest, it’s easy to guess that the scanning and sensing will be even more prevalent this time. …
January 27th, 2016
27 January 2016 – So, the latest in the laid-off Disney IT worker saga. According to ComputerWorld:
“Disney IT workers laid off a year ago this month are now accusing the company and the outsourcing firms it hired of engaging in a ‘conspiracy to displace U.S. workers.’ The allegations are part of two lawsuits filed in federal court in Florida on Monday. Between 200 and 300 Disney IT workers were laid off in January 2015. Some of the workers had to train their foreign replacements — workers on H-1B visas — as a condition of severance. The lawsuits represent what may be a new approach in the attack on the use of H-1B workers to replace U.S. workers.
They allege violations of the Federal Racketeer Influenced and Corrupt Organizations Act (RICO), claiming that the nature of the employment of the H-1B workers was misrepresented, and that Disney and the contractors knew the ultimate intent was to replace U.S. workers with lower paid H-1B workers.”…
January 23rd, 2016
23 January 2016 – There is growing evidence that intrusions into the power grid and other critical infrastructure by hostile foreign nation states are real and happening. But there’s “much less agreement over how much of a threat hackers are,” writes Taylor Armerding. “On one side are those – some of them top government officials – who have warned that a cyber attack on the nation’s critical infrastructure could be catastrophic,” writes Armerding.
Others are crying FUD, including C. Thomas, a strategist at Tenable Network Security, who got some attention when he argued in an op-ed that the biggest threat to the U.S. power grid is not a skilled hacker, but squirrels.
Who has it right? Agreement seems to coalesce around two points:
1) the cyber security of industrial control systems remains notoriously weak, and
2) hostile hackers will improve their skills over time.
So, while we haven’t reached “catastrophe” yet, a properly motivated terrorist group could become a cyber threat.