Can You Hack It?

Calling all hackers, do you pack what it takes?

NSA is looking for a few good hackers

The National Security Agency has a challenge for hackers who think they’re hot stuff: Prove it by working on the “hardest problems on Earth.”

Computer hacker skills are in great demand in the U.S. government to fight the cyberwars that pose a growing national security threat — and they are in short supply.

For that reason an alphabet soup of federal agencies — DOD, DHS, NASA, NSA — are descending on Las Vegas this week for Defcon, an annual hacker convention where the $150 entrance fee is cash only — no registration, no credit cards, no names taken. Attendance is expected to top 10,000.

The NSA is among the keen suitors. The spy agency plays offense and defense in the cyberwars. It conducts electronic eavesdropping on adversaries, and it protects U.S. computer networks that hold super-secret material — a prime target for America’s enemies.

See also:
NSA Wants to Hire Hackers at DefCon
US gov’t building hacker army for cyber war
U.S. government hankers for hackers
U.S. Federal Agencies Look to Hire Hackers at Defcon; Cyber Criminals Offer Services to the Public
US government agencies scouting for computer hackers: report
Federal Agencies to Recruit Hackers at Defcon
R u h4X0R? n33d @ jo8? NSA wants you (locked up in a cubicle, not a cell)
The NSA Wants More Hackers for Their ‘Collection of Geeks’
Welcome to the National Security Agency – NSA/CSS
National Security Agency
Defcon
DEF CON

Would you rather work for them or be hunted down by them? If you’re good enough, it probably pays pretty well and beats sitting in a prison cell.

/don’t forget to bring your white hat

Advertisements

They Got Fooled Again

Much like the United States, Iran seems to have a real problem protecting its computer networks. Someone seems to be obsessed with sabotaging their nuclear program. I wonder who that might be?

Second computer virus infiltrates Iran’s computer systems

Iran has discovered a second computer virus designed to damage government computer systems.

The discovery of the virus, called Stars, was announced Monday by a senior Iranian official, Gholam-Reza Jalali, head of an Iranian cyberdefense agency, according to reports.

Jalali said in a statement that the damage from the virus, which looks like a regular government computer file, has been minimal and that Iranian scientists are currently studying the virus.

The virus was aimed at nuclear facilities, according to the Washington Post, and seems to suggest “a broader campaign by foreign saboteurs to undermine Iran’s atomic energy program.”

See also:
New Computer Strike Could Target Iranian Atomic Sites
Fresh Virus Outbreak Affects Iran’s Computer Systems
Iran discovers 2nd virus attack
New cyber attack targets Iran
Iran Claims Stars Virus a Second Cyber-Attack
Iranian official: New computer worm discovered
Iran investigates Stars virus
Iran Says It Was Targeted With Second Worm, Stars
As the Worm Turns: Iran Sees Stars
Iran says is uncovers second cyber attack
Iran Under Fresh Malware Attack
Security experts can’t verify Iran’s claims of new worm
Is the Stars Worm Just a Hoax?

Well, I certainly hope the Stars virus attack on Iran’s nuclear program isn’t a hoax and does as much damage as the Stuxnet worm, which was apparently wildly more effective than Iran is admitting to.

/you’ll note that Iran still hasn’t managed to power up the Bushehr reactor, which is as good a yardstick as any that their nuclear program has been ground to a halt

Weakest Link In The Chain

Who’s running the show here, Microsoft?

Cyber Command chief suggests Pentagon networks are vulnerable

In his first hearing before the House Armed Services Committee, new US Cyber Command head Gen. Keith Alexander offered a troubling window into the threats that Pentagon networks face at the hands of terrorist and criminal syndicates, foreign intelligence organizations, and “hacktivists” intent on infiltrating power grids and financial networks.

These are threats that could hamper the US war effort in Afghanistan. Though the command recently deployed an “expeditionary cybersupport” unit to help to defend US networks in Afghanistan, Alexander on Thursday told the committee: “We’re not where we need to be” in ensuring the security of US military networks there.

In the past, cyberattackers have been able to steal key information from the US troops who rely on sophisticated equipment, including data on convoy supply routes, according to senior US officials.

Every hour, there are some 250,000 attempted attacks on Defense Department networks worldwide, Alexander told the committee. Throughout the Department of Defense, there are more than 15,000 different computer networks, including 7 million computers on some 4,000 military installations, committee chairman Rep. Ike Skelton (D) of Missouri pointed out.

See also:
Cybercom Chief Details Cyberspace Defense
Pentagon Faces Massive Cyber Threats
Military’s cyber defense limited in protection of US, top general says
Gaps in authority hamper military against cyber-attacks
Pentagon: Military networks vulnerable
Cyber Command chief proposes secure network for government, key industries
US reviewing ways to fight cyber attacks: general
Cyberwar Chief Calls for Secure Computer Network
An army of tech-savvy warriors has been fighting its battles in cyberspace
NSA chief envisions ‘secure zone’ on Internet to guard against attacks
White House reviews nation’s cybersecurity

Well, obviously, for starters, you could solve most of these problems by severing all connections between critical defense and infrastructure networks and the public internet. I’m pretty sure they already know that, so I’m not sure why this basic step has yet to be completed.

/today’s U.S. warfighters are so dependent on electronics that I sometimes wonder what would happen if, say an EMP attack disabled all their electronic gear, are they even trained to fight the old fashioned way anymore or would they be helpless?

The Cyberwar Rages 24/7

Corporations’ cyber security under widespread attack, survey finds

Around the world, corporations’ computer networks and control systems are under “repeated cyberattack, often from high-level adversaries like foreign nation-states,” according to a new global survey of information technology executives.

The attacks include run-of-the-mill viruses and other “malware” that routinely strike corporate defenses, but also actions by “high-level” adversaries such as “organized crime, terrorists, or nation states,” a first-time global survey by the Center for Strategic and International Studies (CSIS) in Washington has found. More than half of the 600 IT managers surveyed, who operate critical infrastructure in 14 countries, reported that their systems have been hit by such “high-level” attacks, the survey concludes.

A large majority, 59 percent, said they believed that foreign governments or their affiliates had already been involved in such attacks or in efforts to infiltrate important infrastructure – such as refineries, electric utilities, and banks – in their countries.

Such attacks, the survey said, include sophisticated denial-of-service attacks, in which an attacker tries to so overwhelm a corporate network with requests that the network grinds to a halt.

But they also include efforts to infiltrate a company. Fifty-four percent of the IT executives said their companies’ networks had been targets of stealth attacks in which infiltration was the intent. In two-thirds of those cases, the IT managers surveyed said company operations had been harmed.

The IT managers also believed that these “stealthy” attacks were conducted by “nation states” targeting their proprietary data, says the survey’s main author, CSIS fellow Stewart Baker, in a phone interview. Mr. Baker is a cybersecurity expert formerly with the Department of Homeland Security and National Security Agency.

“It’s all the same kind of stuff – spear-phishing, malware, taking over the network and downloading-whatever-you-want kind of attack,” he says. “Over half of these executives believe they’ve been attacked with the kind of sophistication you’d expect from a nation state.”

The CSIS report describes such attacks as “stealthy infiltration” of a company’s networks by “a high-level adversary” akin to a “GhostNet,” or large spy ring featuring “individualized malware attacks that enabled hackers to infiltrate, control and download large amounts of data from computer networks.” The GhostNet attacks, which Canadian researchers attributed to Chinese state-run agencies, bear similarities to recent attacks on Google and other high-tech companies, Baker says. Google attributed attacks on it to entities in China.

Read the report:
In the Crossfire: Critical Infrastructure in the Age of Cyber War

See also:
In the Crossfire: Critical Infrastructure in the Age of Cyber War
Report: Critical Infrastructures Under Constant Cyberattack Globally
Utilities, Refineries and Banks Are Victims of Cyber Attacks, Report Says
Critical Infrastructure under Siege from Cyber Attacks
Critical Infrastructure Vulnerable To Attack
Critical Infrastructure Security a Mixed Bag, Report Finds
Report shows cyberattacks rampant; execs concerned
Key infrastructure often cyberattack target: survey
Critical infrastructure execs fear China
SCADA system, critical infrastructure security lacking, survey finds

Ironically, the more dependent we become on interconnected network technology, the more vulnerable we become too.

/so keep your fingers crossed and your computers patched against hacking and intrusion, at least you can do your part to avoid being part of the problem

Microsoft Cleans Up After Chinese Hack Of Google, Obama Turns The Other Cheek

Microsoft to release patch for IE hole on Thursday

Microsoft said on Wednesday that it will release on Thursday a patch to fix the latest hole in Internet Explorer that was used in the China-based attack on Google and for which an exploit has been released on the Internet since last week.

The company plans to release the patch as close to 10 a.m. PST on Thursday as possible and host a public Webcast at 1 p.m. PST, according to the security advisory.

Microsoft continues to see limited attacks and has only seen evidence of successful attacks against Internet Explorer 6, according to Jerry Bryant, senior security program manager at Microsoft.

“This is a standard cumulative update, accelerated from our regularly scheduled February release, for Internet Explorer with an aggregate severity rating of Critical,” he said in a statement.

“It addresses the vulnerability related to recent attacks against Google and a small subset of corporations, as well as several other vulnerabilities. Once applied, customers are protected against the known attacks that have been widely publicized,” Bryant said. “We recommend that customers install the update as soon as it is available. For customers using automatic updates, this update will automatically be applied once it is released.”

Vulnerable software is IE 6 on Microsoft Windows 2000 and IE 6, 7, and 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, Microsoft said.

So, while China continues its relentless, covert cyberwar against U.S. and other Western commercial, government, and military targets, stealing information and secrets and causing economic and national security damage to our computer networks, guess what the Obama administration has decided to do, against the advice of U.S. intelligence officials and experts?

China removed as top priority for spies

The White House National Security Council recently directed U.S. spy agencies to lower the priority placed on intelligence collection for China, amid opposition to the policy change from senior intelligence leaders who feared it would hamper efforts to obtain secrets about Beijing’s military and its cyber-attacks.

The downgrading of intelligence gathering on China was challenged by Director of National Intelligence Dennis C. Blair and CIA Director Leon E. Panetta after it was first proposed in interagency memorandums in October, current and former intelligence officials said.

The decision downgrades China from “Priority 1” status, alongside Iran and North Korea, to “Priority 2,” which covers specific events such as the humanitarian crisis after the Haitian earthquake or tensions between India and Pakistan.

The National Security Council staff, in response, pressed ahead with the change and sought to assure Mr. Blair and other intelligence chiefs that the change would not affect the allocation of resources for spying on China or the urgency of focusing on Chinese spying targets, the officials told The Washington Times.

White House National Security Council officials declined to comment on the intelligence issue. Mike Birmingham, a spokesman for Mr. Blair, declined to comment. A CIA spokesman also declined to comment.

But administration officials, speaking on the condition of anonymity, said the new policy is part of the Obama administration’s larger effort to develop a more cooperative relationship with Beijing.

See also:
Microsoft Security Bulletin Advance Notification for January 2010
New IE hole exploited in attacks on U.S. firms
Microsoft Scrambles to Patch Browser
Microsoft patching “Google hack” flaw in IE tomorrow
Microsoft Security Bulletin MS10-002 Coming Thursday for IE Zero-Day
Microsoft to issue “Google attack” browser patch
Microsoft to issue emergency IE patch Thursday
Microsoft will issue emergency IE patch on Thursday
China removed as top priority for spies
China no longer top priority for intelligence gathering: White House
‘China no longer top priority for intelligence gathering’
China: Still an Intelligence Priority

Relax, don’t worry, the country is in the very best of hands.

/Obama’s NSC, more than a dozen morons stuffed in a four passenger clown car

Al Gore Wasn’t Even There 40 Years Ago

Internet Turns 40 Today: First Message Crashed System

Everyone surfing for last-minute Halloween costumes and pictures of black Lolcats today—what you might call the 40th anniversary of the Internet—can give thanks to the simple network message that started it all: “lo.”

On October 29, 1969, that message became the first ever to travel between two computers connected via the ARPANET, the computer network that would become the Internet.

The electronic dispatch was supposed to be the word “login,” but only the first two letters were successfully sent before the system crashed.

Still, that humble greeting marked the start of a phenomenon that has become such an important part of modern life that many experts argue access to it should be a right rather than a privilege.

ARPANET — The First Internet

The ARPANET was the first wide area packet switching network, the “Eve” network of what has evolved into the Internet we know and love today.

The ARPANET was developed by the IPTO under the sponsorship of DARPA, and conceived and planned by Lick Licklider, Lawrence Roberts, and others as described earlier in this section.

The ARPANET went into labor on August 30, 1969, when BBN delivered the first Interface Message Processor (IMP) to Leonard Kleinrock’s Network Measurements Center at UCLA. The IMP was built from a Honeywell DDP 516 computer with 12K of memory, designed to handle the ARPANET network interface. In a famous piece of Internet lore, on the side of the crate, a hardware designer at BBN named Ben Barker had written “Do it to it, Truett”, in tribute to the BBN engineer Truett Thach who traveled with the computer to UCLA on the plane.

The UCLA team responsible for installing the IMP and creating the first ARPANET node included graduate students Vinton Cerf, Steve Crocker, Bill Naylor, Jon Postel, and Mike Wingfield. Wingfield had built the hardware interface between the UCLA computer and the IMP, the machines were connected, and within a couple of days of delivery the IMP was communicating with the local NMC host, an SDS Sigma 7 computer running the SEX operating system. Messages were successfully exchanged, and the one computer ARPANET was born.

. . .

The first full ARPANET network connection was next, planned to be with Douglas Engelbart’s NLS system at the Stanford Research Institute (SRI), running an SDS-940 computer with the Genie operating system and connected to another IMP. At about 10:30 PM on October 29’th, 1969, the connection was established over a 50 kbps line provided by the AT&T telephone company, and a two node ARPANET was born. As is often the case, the first test didn’t work flawlessly, as Kleinrock describes below:

At the UCLA end, they typed in the ‘l’ and asked SRI if they received it; ‘got the l’ came the voice reply. UCLA typed in the ‘o’, asked if they got it, and received ‘got the o’. UCLA then typed in the ‘g’ and the darned system CRASHED! Quite a beginning. On the second attempt, it worked fine!

– Leonard Kleinrock, The Birth of the Internet.

Below is a record of the first message ever sent over the ARPANET.

internet

See also:
Internet’s 40th anniversary marked in U.S.
Internet turns 40 with birthday party
How 40 years of the Internet changed the world
Internet Pioneer Celebrates 40th Birthday Of Brainchild
Internet Celebrates Its 40th Anniversary
DARPA Celebrates Internet’s 40th Anniversary With Balloon Hunt
DARPA Celebrates Internet Anniversary with Bizarre Balloon Challenge
DARPA issues balloon-hunting $40k ‘Network Challenge’
ARPANET
History of ARPANET
DARPA
DARPA

Thank God for military research, it not only keeps us safe, it improves our lives, money well spent.

/we’ve come a long way from 50 kbps phone lines baby!

Peek A Boo, China Is Waging Undeclared War On You

Is your computer acting squirrelly, your internet connection spotty? It might not be Microsoft after all, it could be Chinese military sponsored hackers.

Congressional commission focuses on China’s cyberwar capability

In war and possibly in peace, China will wage cyberwar to control the information flow and dominate the battle space, according to a new report compiled for a congressional commission.

Chinese military strategists see information dominance as the key to overall success in future conflicts and will continue to expand the country’s computer network exploitation capabilities, according to the report, titled “Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation.” The report was prepared for the U.S.-China Economic and Security Review Commission under contract by Northrop Grumman’s Information Systems Sector.

In a conflict, China will likely target the U.S. government and private industry with long-term, sophisticated computer network exploitation and intelligence collection campaigns, the report concludes. U.S. security agencies can expect to face disciplined, standardized operations; sophisticated techniques; high-end software; and a deep knowledge of the U.S. networks, according to the report (PDF).

The strategy employed by the People’s Liberation Army–China’s military organization–is to consolidate computer network attacks with electronic warfare and kinetic strikes, creating “blind spots” in enemy systems to be exploited later as the tactical situation warrants, according to the report. The strategy, which has been adopted by the world’s other technologically inclined armies, is referred to by the PLA as “Integrated Network Electronic Warfare,” the report stated.

The emphasis on information warfare has forced the PLA to recruit from a wide swath of the civilian sector, according to the report. As is the case with the U.S. military and its new Cyber Command, the PLA looks to commercial industry and academia for people possessing the requisite specialized skills and pasty pallor to man the keyboards. And although it hints broadly at it, the report offers no evidence of ties between the PLA and China’s hacker community.

The U.S.-China Economic and Security Review Commission reports and provides recommendations to Congress on the national security implications of the bilateral trade and economic relationship between the United States and the People’s Republic of China.

China Expands Cyberspying in U.S., Report Says

The Chinese government is ratcheting up its cyberspying operations against the U.S., a congressional advisory panel found, citing an example of a carefully orchestrated campaign against one U.S. company that appears to have been sponsored by Beijing.

The unnamed company was just one of several successfully penetrated by a campaign of cyberespionage, according to the U.S.-China Economic and Security Review Commission report to be released Thursday. Chinese espionage operations are “straining the U.S. capacity to respond,” the report concludes.

See also:
Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation
Evidence Points To China In Cyber Attacks
Report: China building cyberwarfare capabilities
Security report finds Chinese cyberspying threat growing
U.S. report says China engages in cyber warfare
China fingered in cyberattack on mystery high tech co.
‘Huawei continues to receive preferential funding from China’s army’, says US Commission
United States-China Economic and Security Review Commission

/I sure hope Obama and company are putting at least as much time and energy into fighting this undeclared cyberwar with China as they are prosecuting their childish, whiny, crybaby media war against Fox News