Hacking The High Ground

Not content to merely cyberattack our civilian and military computer systems every second of every day, the Chinese have now taken their hacking attacks to a whole new, higher level.

Chinese Military Suspected in Hacker Attacks on U.S. Satellites

Computer hackers, possibly from the Chinese military, interfered with two U.S. government satellites four times in 2007 and 2008 through a ground station in Norway, according to a congressional commission.

The intrusions on the satellites, used for earth climate and terrain observation, underscore the potential danger posed by hackers, according to excerpts from the final draft of the annual report by the U.S.-China Economic and Security Review Commission. The report is scheduled to be released next month.

“Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions,” according to the draft. “Access to a satellite‘s controls could allow an attacker to damage or destroy the satellite. An attacker could also deny or degrade as well as forge or otherwise manipulate the satellite’s transmission.”

See also:
Hackers Interfered With Two U.S. Satellites, Draft Report Says
Hackers Interfered With 2 US Government Satellites
Hackers reportedly behind U.S. government satellite disruptions
Hackers Targeted U.S. Government Satellites
Chinese military may have hacked US satellites
China may have hacked US satellites
Hackers Targeted U.S. Government Satellites
U.S. satellites tampered by hackers
Hackers interfered with two U.S. satellites, report says
Chinese hackers suspected of interfering with US satellites
New hacker target: Government satellites
Chinese hackers may have attacked U.S. satellites
China suspect in US satellite interference: report
US reportedly attacked by Chinese hackers linked with the military
US Satellites hacked by Chinese Military says Congressional Commission

Given their ongoing and constant obsession with conducting cyberwarfare, it’s hardly surprising that the Chinese would be interested in attacking satellites. After all, in the event of hostilities, taking out the enemy’s satellites would effectively render them “blind”. The U.S. military is particularly dependent on satellite technology for communication and navigation, so it would only be logical for the Chinese, either by hacking or with kinetic strikes, to attempt to neutralize our satellite network and with it our technological advantage. The question is, what are we doing to counter this extremely obvious and serious threat?

/does anyone still remember how to navigate using a map and compass?

Good Luck With That Guy Fawkes

You really want to piss off important, rich and powerful people and call down the almighty wrath of God upon yourself? [Expletive deleted] with their money. This is so much bull[expletive deleted]. The New York Stock Exchange is one of the most hardened, redundant,and secure computer systems on Earth, Anonymous doesn’t have a chance in Hell of crippling it or shutting it down. Anonymous does, however, have a 100% chance of attracting a massive law enforcement investigative effort. Be sure to lock Mom’s basement door script kiddies and don’t forget to ask to see the warrant when the FBI comes knocking, if they knock.

Hacker Group Anonymous Threatens to Attack Stock Exchange

The FBI is investigating threats purportedly from the hacking collective that calls itself Anonymous to bring down the New York Stock Exchange on Monday by hacking into its computer system.

Members of the notorious hacker group appear to be threatening to bring the Occupy Wall Street protests in New York to a dangerous new level, sounding a call to “declare war on the New York Stock Exchange” on Monday by “erasing” it from the Internet.

“The FBI is aware of these schemes and threats and is looking into the matter,” FBI spokesman Tim Flannelly told FoxNews.com.

The hackers say they plan to launch a DDoS (or distributed denial of service) attack on the NYSE’s computer systems — the same type of computer attack that brought down numerous websites last Spring, making them inaccessible.

See also:
Anonymous Vows to Attack NYSE in Support of Wall Street Protests
Anonymous Threatens New York Stock Exchange Attack
Anonymous Hack Attack on NYSE: Will They or Won’t They?
Anonymous Vows to Attack NYSE
Anonymous Vows to Attack NYSE in Support of Wall Street Protests
A Tree Falls In The Forest: Anonymous Threatens To “Erase” NYSE From Internet
Is NYSE Vulnerable to Cyber Attack? Anonymous Might Just Try
Anonymous Group Pledges Digital Raid on NYSE Next Week
Anonymous Threatens to ‘Erase NYSE from the Internet’
Anonymous to (Maybe) Attack NYSE on Monday, Unconfirmed
‘Anonymous threat’ plot to undermine Wall Street protest?
Anonymous declares war on Wall Street? (Updates)
‘Invade Wall Street’: Occupy Wall Street’s Evil (And Probably Fake) Twin

With a threat this serious, the FBI is likely to get some help in hunting down these Anonymous douche nozzles, namely the full spectrum of U.S. “national technical means”. If Anonymous actually tries to attack the NYSE, using anything that requires electricity, they’ll quickly find out that they’re not so anonymous.

/hey scumbags, you’re in over your heads here, remember what happened to your mascot Guy Fawkes?

Have We Attacked China Yet?

No sooner was it publicly revealed that the United States would now treat damaging cyberattacks by other nations as an act of war, threatening retaliation with conventional weapons, the new, bold, some say foolish, policy, was immediately put to the test.

China Google hackers’ goal: Spying on U.S. Govt.

It’s the second time Google has blamed a major computer hacking scheme on China, reports CBS News correspondent Wyatt Andrews.

This time Google says unknown hackers from Jinan, China, a city with a military command center, stole the personal Gmail passwords of hundreds of senior U.S .government officials.

Google said the hackers’ “goal” was to eavesdrop on the officials — “to monitor the content of the users’ emails.”

That suggestion — of spying — rang alarm bells in the Administration.

“These allegations are very serious,” said Secretary of State Hillary Clinton. “We take them seriously. We’re looking into them.”

See also:
Clinton: Google’s China Hacking Claims ‘Very Serious’
Hillary Clinton says FBI will probe Gmail hacker attack
US Investigating Google Claim of China Hacking
FBI Investigating Google Claim that China Hacked Them
Google breach gives way to diplomatic, high-tech tensions
China Denies Accessing High Profile Gmail Accounts
Google’s groundless accuses hurt global trust on Internet
The Google-China Saga Continues
Admin: Gmail phishers stalked victims for months
Gmail Hack Targeted White House
Cyber war: Google, China in fresh spat over email hacking
Google, what exactly is the China connection for the phishing scare?
Is Google an agent of the US Government? It certainly gives that impression

So far, the U.S. has uncovered a successful espionage phishing expedition, against top level U.S. Government officials, tracked back to a specific Chinese city. Why aren’t we bombing China, isn’t this a perfect situation to show how our new military policy will treat hacking intrusions like this as acts of war? Unfortunately for us, China denies the attack and, as I pointed out yesterday, it’s extremely difficult to be absolutely sure as to the origins of cyberattacks like this, so we do nothing and our brand new policy looks foolish and radiates national weakness.

/instead of making toothless threats to send missile strikes in response to hack attacks, why don’t we just send the Chinese back a nice Stuxnet worm or take down Baidu with a complimentary DoS attack

Do You Own A Sony HackStation?

You’ve probably already noticed that your Sony PlayStation won’t connect to the online network, but do you know that hackers probably stole all your personal data, including your credit card number, too?

User data stolen in Sony PlayStation Network hack attack

Sony is warning its millions of PlayStation Network users to watch out for identity-theft scams after hackers breached its security and plundered the user names, passwords, addresses, birth dates, and other information used to register accounts.

The stolen information may also include payment-card data, purchase history, billing addresses, and security answers used to change passwords, Sony said on Tuesday. The company plans to keep the hacked system offline for the time being, and to restore services gradually. The advisory also applies to users of Sony’s related Qriocity network.

See also:
Sony Warns Online Hacker May Have Stolen Credit Card Data
Sony’s PlayStation Network and Qriocity hacked
77million PlayStation accounts hacked
Breach at Sony may include profiles
Massive data breach suspected in Sony PlayStation hacker attack
Sony: Card details may be compromised
Millions of PlayStation user’s information hacked
PlayStation Network hacked, data stolen: how badly is Sony hurt?
Sony’s PlayStation Network Hacked, User Data Stolen
Sony Explains Delayed Response to Hacked PSN Accounts
Sony’s PlayStation Network Is Hacked

With 77 million potential victims, this could wind up being the largest data theft in history. If you own a PlaySyation, make sure you keep an eye on your credit card account for any unusual activity and change your passwords and probably as much other PlayStation Network account information as you can as soon as the system goes back online.

/and watch out for phishing attacks, if Sony contacts you, make damn sure it’s actually Sony

If It’s Thursday, It Must Be Time To Patch Flash

If you watch YouTube videos or read PDF files, you’re gonna want to pay attention.

After attacks, Adobe fixes Flash bug

Less than a week after fielding reports that hackers were targeting a bug in its Flash Player software, Adobe Systems has rushed out a fix for the problem.

Adobe’s new 10.1 Flash update, released Thursday, fixed a bug that was first spotted via a small number of targeted attacks late last week.

According to Symantec, these Flash attacks are still not widespread, but users should update their Flash software as soon as possible. “We have been seeing a small but steady rise in detections of related malicious PDFs and we expect to continue to see these numbers increase over the coming hours and days,” the security vendor said in a statement.

Criminals have been exploiting the flaw using malicious Flash swf files, which are typically opened by the Web browser’s Flash Player plugin, or via PDFs that have maliciously encoded Flash components embedded inside them, Adobe said Thursday. Those malicious PDFs are typically opened by Reader or Acrobat, which include their own versions of Flash Player that have not yet been patched. That fix is due June 29.

Thursday’s update includes an unusually large number of security bug-fixes, 32 in all. “It’s a huge number of bugs fixed, something along the lines of what we’d expect of Apple,” said Andrew Storms, director of security operations with nCircle Network Security.

Adobe’s Flash and Reader software have emerged as prime hacking targets in the past year, and the company is toying with the idea of releasing more frequent security updates to keep pace.

See also:
Adobe Flash Player version 10.1
Exploit for new Flash vulnerability spreading fast
Adobe releases Flash 10.1 and patch bundle
Adobe Issues Massive Flash Security Update
Adobe plugs 32 security holes in ‘critical’ Flash Player patch
Adobe Issues Security Patch
Adobe Flash Player 10.1 released for Windows, Mac, Linux
Adobe debuts What Jobs Hates™ v10.1
Adobe Releases Flash Player 10.1, AIR 2
Adobe releases Flash Player 10.1 for Mac
Adobe Reader 9.3
Adobe Systems

Be careful, the Flash update tries to install Google Toolbar by default. So, unless you want Google Toolbar, make sure you uncheck the box for Google Toolbar before you hit the install button. If Google Toolbar gets mistakenly installed, you can always uninstall it using Control Panel/Add or Remove Programs.

/damn, I hate it when software vendors try and tack on unrelated, third party software by default to the software download you actually want to install

Thank You Director Obvious!

Intelligence officials say al-Qaeda will try to attack U.S. in next 6 months

The Obama administration’s top intelligence officials on Tuesday described it as “certain” that al-Qaeda or its allies will try to attack the United States in the next six months, and they called for new flexibility in how U.S. officials detain and question terrorist suspects.

The officials, testifying before the Senate intelligence committee, also warned of increased risk of cyber-attacks in the coming months, saying that the recent China-based hacking of Google’s computers was both a “wake-up call” and a forerunner to future strikes aimed at businesses or intended to cause economic disruption.

“Al-Qaeda maintains its intent to attack the homeland — preferably with a large-scale operation that would cause mass casualties, harm the U.S. economy or both,” Director of National Intelligence Dennis C. Blair told the committee in a hearing convened to assess threats against the country.

See also:
Annual Threat Assessment of the US Intelligence Community for the Senate Select Committee on Intelligence
Intel chief: al-Qaeda likely to attempt attack
Officials Warn al Qaeda ‘Certain’ to Try Attack Soon
Intelligence Officials Warn Attempted Al Qaeda Attack Months Away
Al-Qaeda Likely to Try U.S. Attack Within Six Months (Update2)
Intelligence chiefs: Al Qaeda attack imminent
Al-Qaeda ‘to attempt US attack soon’
Senators Warned of Terrorist Attack on U.S. by July
Concerns grow over Al Qaeda’s group in Yemen
U.S. flying blind as intel chief says terror attack likely within six months

Al Qaeda still wants to launch attacks against the U.S. homeland at the earliest possible opportunity, really? You mean they haven’t given up on their global jihad against Western civilization? I’m shocked I tell you, shocked!

/in other breaking news, water is wet, fire is hot, and [expletive deleted] stinks

The Cyberwar Rages 24/7

Corporations’ cyber security under widespread attack, survey finds

Around the world, corporations’ computer networks and control systems are under “repeated cyberattack, often from high-level adversaries like foreign nation-states,” according to a new global survey of information technology executives.

The attacks include run-of-the-mill viruses and other “malware” that routinely strike corporate defenses, but also actions by “high-level” adversaries such as “organized crime, terrorists, or nation states,” a first-time global survey by the Center for Strategic and International Studies (CSIS) in Washington has found. More than half of the 600 IT managers surveyed, who operate critical infrastructure in 14 countries, reported that their systems have been hit by such “high-level” attacks, the survey concludes.

A large majority, 59 percent, said they believed that foreign governments or their affiliates had already been involved in such attacks or in efforts to infiltrate important infrastructure – such as refineries, electric utilities, and banks – in their countries.

Such attacks, the survey said, include sophisticated denial-of-service attacks, in which an attacker tries to so overwhelm a corporate network with requests that the network grinds to a halt.

But they also include efforts to infiltrate a company. Fifty-four percent of the IT executives said their companies’ networks had been targets of stealth attacks in which infiltration was the intent. In two-thirds of those cases, the IT managers surveyed said company operations had been harmed.

The IT managers also believed that these “stealthy” attacks were conducted by “nation states” targeting their proprietary data, says the survey’s main author, CSIS fellow Stewart Baker, in a phone interview. Mr. Baker is a cybersecurity expert formerly with the Department of Homeland Security and National Security Agency.

“It’s all the same kind of stuff – spear-phishing, malware, taking over the network and downloading-whatever-you-want kind of attack,” he says. “Over half of these executives believe they’ve been attacked with the kind of sophistication you’d expect from a nation state.”

The CSIS report describes such attacks as “stealthy infiltration” of a company’s networks by “a high-level adversary” akin to a “GhostNet,” or large spy ring featuring “individualized malware attacks that enabled hackers to infiltrate, control and download large amounts of data from computer networks.” The GhostNet attacks, which Canadian researchers attributed to Chinese state-run agencies, bear similarities to recent attacks on Google and other high-tech companies, Baker says. Google attributed attacks on it to entities in China.

Read the report:
In the Crossfire: Critical Infrastructure in the Age of Cyber War

See also:
In the Crossfire: Critical Infrastructure in the Age of Cyber War
Report: Critical Infrastructures Under Constant Cyberattack Globally
Utilities, Refineries and Banks Are Victims of Cyber Attacks, Report Says
Critical Infrastructure under Siege from Cyber Attacks
Critical Infrastructure Vulnerable To Attack
Critical Infrastructure Security a Mixed Bag, Report Finds
Report shows cyberattacks rampant; execs concerned
Key infrastructure often cyberattack target: survey
Critical infrastructure execs fear China
SCADA system, critical infrastructure security lacking, survey finds

Ironically, the more dependent we become on interconnected network technology, the more vulnerable we become too.

/so keep your fingers crossed and your computers patched against hacking and intrusion, at least you can do your part to avoid being part of the problem

Microsoft Cleans Up After Chinese Hack Of Google, Obama Turns The Other Cheek

Microsoft to release patch for IE hole on Thursday

Microsoft said on Wednesday that it will release on Thursday a patch to fix the latest hole in Internet Explorer that was used in the China-based attack on Google and for which an exploit has been released on the Internet since last week.

The company plans to release the patch as close to 10 a.m. PST on Thursday as possible and host a public Webcast at 1 p.m. PST, according to the security advisory.

Microsoft continues to see limited attacks and has only seen evidence of successful attacks against Internet Explorer 6, according to Jerry Bryant, senior security program manager at Microsoft.

“This is a standard cumulative update, accelerated from our regularly scheduled February release, for Internet Explorer with an aggregate severity rating of Critical,” he said in a statement.

“It addresses the vulnerability related to recent attacks against Google and a small subset of corporations, as well as several other vulnerabilities. Once applied, customers are protected against the known attacks that have been widely publicized,” Bryant said. “We recommend that customers install the update as soon as it is available. For customers using automatic updates, this update will automatically be applied once it is released.”

Vulnerable software is IE 6 on Microsoft Windows 2000 and IE 6, 7, and 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, Microsoft said.

So, while China continues its relentless, covert cyberwar against U.S. and other Western commercial, government, and military targets, stealing information and secrets and causing economic and national security damage to our computer networks, guess what the Obama administration has decided to do, against the advice of U.S. intelligence officials and experts?

China removed as top priority for spies

The White House National Security Council recently directed U.S. spy agencies to lower the priority placed on intelligence collection for China, amid opposition to the policy change from senior intelligence leaders who feared it would hamper efforts to obtain secrets about Beijing’s military and its cyber-attacks.

The downgrading of intelligence gathering on China was challenged by Director of National Intelligence Dennis C. Blair and CIA Director Leon E. Panetta after it was first proposed in interagency memorandums in October, current and former intelligence officials said.

The decision downgrades China from “Priority 1” status, alongside Iran and North Korea, to “Priority 2,” which covers specific events such as the humanitarian crisis after the Haitian earthquake or tensions between India and Pakistan.

The National Security Council staff, in response, pressed ahead with the change and sought to assure Mr. Blair and other intelligence chiefs that the change would not affect the allocation of resources for spying on China or the urgency of focusing on Chinese spying targets, the officials told The Washington Times.

White House National Security Council officials declined to comment on the intelligence issue. Mike Birmingham, a spokesman for Mr. Blair, declined to comment. A CIA spokesman also declined to comment.

But administration officials, speaking on the condition of anonymity, said the new policy is part of the Obama administration’s larger effort to develop a more cooperative relationship with Beijing.

See also:
Microsoft Security Bulletin Advance Notification for January 2010
New IE hole exploited in attacks on U.S. firms
Microsoft Scrambles to Patch Browser
Microsoft patching “Google hack” flaw in IE tomorrow
Microsoft Security Bulletin MS10-002 Coming Thursday for IE Zero-Day
Microsoft to issue “Google attack” browser patch
Microsoft to issue emergency IE patch Thursday
Microsoft will issue emergency IE patch on Thursday
China removed as top priority for spies
China no longer top priority for intelligence gathering: White House
‘China no longer top priority for intelligence gathering’
China: Still an Intelligence Priority

Relax, don’t worry, the country is in the very best of hands.

/Obama’s NSC, more than a dozen morons stuffed in a four passenger clown car

Peek A Boo, China Is Waging Undeclared War On You

Is your computer acting squirrelly, your internet connection spotty? It might not be Microsoft after all, it could be Chinese military sponsored hackers.

Congressional commission focuses on China’s cyberwar capability

In war and possibly in peace, China will wage cyberwar to control the information flow and dominate the battle space, according to a new report compiled for a congressional commission.

Chinese military strategists see information dominance as the key to overall success in future conflicts and will continue to expand the country’s computer network exploitation capabilities, according to the report, titled “Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation.” The report was prepared for the U.S.-China Economic and Security Review Commission under contract by Northrop Grumman’s Information Systems Sector.

In a conflict, China will likely target the U.S. government and private industry with long-term, sophisticated computer network exploitation and intelligence collection campaigns, the report concludes. U.S. security agencies can expect to face disciplined, standardized operations; sophisticated techniques; high-end software; and a deep knowledge of the U.S. networks, according to the report (PDF).

The strategy employed by the People’s Liberation Army–China’s military organization–is to consolidate computer network attacks with electronic warfare and kinetic strikes, creating “blind spots” in enemy systems to be exploited later as the tactical situation warrants, according to the report. The strategy, which has been adopted by the world’s other technologically inclined armies, is referred to by the PLA as “Integrated Network Electronic Warfare,” the report stated.

The emphasis on information warfare has forced the PLA to recruit from a wide swath of the civilian sector, according to the report. As is the case with the U.S. military and its new Cyber Command, the PLA looks to commercial industry and academia for people possessing the requisite specialized skills and pasty pallor to man the keyboards. And although it hints broadly at it, the report offers no evidence of ties between the PLA and China’s hacker community.

The U.S.-China Economic and Security Review Commission reports and provides recommendations to Congress on the national security implications of the bilateral trade and economic relationship between the United States and the People’s Republic of China.

China Expands Cyberspying in U.S., Report Says

The Chinese government is ratcheting up its cyberspying operations against the U.S., a congressional advisory panel found, citing an example of a carefully orchestrated campaign against one U.S. company that appears to have been sponsored by Beijing.

The unnamed company was just one of several successfully penetrated by a campaign of cyberespionage, according to the U.S.-China Economic and Security Review Commission report to be released Thursday. Chinese espionage operations are “straining the U.S. capacity to respond,” the report concludes.

See also:
Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation
Evidence Points To China In Cyber Attacks
Report: China building cyberwarfare capabilities
Security report finds Chinese cyberspying threat growing
U.S. report says China engages in cyber warfare
China fingered in cyberattack on mystery high tech co.
‘Huawei continues to receive preferential funding from China’s army’, says US Commission
United States-China Economic and Security Review Commission

/I sure hope Obama and company are putting at least as much time and energy into fighting this undeclared cyberwar with China as they are prosecuting their childish, whiny, crybaby media war against Fox News