U.S. vulnerable?

Last week a top cyber security adviser to three former presidents warned of the fragility of the U.S. defense network. He says that our network is very vulnerable to outside attacks and that starting a war could now hurt the U.S. in many ways. He says that our network can be hacked by many outside sources, taking away a lot of U.S. control. With this power, outsiders can control our economic markets, our power grids, almost everything. This could lead to the demise of the U.S., because our economy would tank along with all of our commodities, which are controlled by our network.

 

http://www.homelandsecuritynewswire.com/srinfrastructure20111114-nations-could-cripple-u-s-with-retaliatory-cyberattack

Is China behind global cyber attacks?

The U.S. stock market hit a bump in the road when McAfee released reports about global attacks on huge corporate companies. These attacks compromised the companies’ personal information. Luckily, after a long waiting period, McAfee was able to acquire logs from the control server and figure out all the companies that were attacked. With all of this information, the finger of blame was pointed at China. China didn’t take the news lightly and stated that McAfee was doing this to boost its public ratings. McAfee denied this, saying that the information it had gathered did point toward Chinese representatives.

Tor Network Compromised

Recently a group of researchers found and exploited some serious vulnerabilities in the Tor network. Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. “They performed an inventory of the network, finding 6,000 machines, many of whose IPs are accessible publicly and directly with the system’s source code. They demonstrated that it is possible to take control of the network and read all the messages that circulate.” This is very damaging to Tor’s reputation, considering it is supposed to be securing people’s computers to some degree. “The specific attack that affected users created a virus and used it to infect such vulnerable systems in a laboratory environment, and thus decrypting traffic passing through them again via an unknown, unmentioned mechanism. Finally, traffic is redirected towards infected nodes by essentially performing a denial of service on clean systems.” All of these vulnerabilities create a lot of problems for the Tor network and leave users wondering whether this software is actually helping or hurting their computers.

http://thehackernews.com/2011/10/tor-anonymizing-network-compromised-by.html

Email Opens Back Door

Researchers found an interesting email that was altered and sent to a federal contractor, EMC. EMC is the maker of SecurID network login products. This email created a back door so the hackers could get right into the system undetected. Many were surprised that the email looked like something a co-worker or employer would send to them; behind the scenes, however, it was far from a simple email. The email not only contained an exploit, it can also be seen as a trojan horse. For those who don’t know, a trojan horse is a type of attack technique that allows the creator to hide harmful content inside what looks like a harmless email. This email gave attackers “full remote access to the infected. More worse the virus has full access to the network drive that the user can access.” Unfortunately, it is the ability to manipulate files so that they do not look malicious that hurts even the more intelligent computer advocates.

Sony Network Breach

Attacks on Sony’s network last week, from Friday to Monday, were discovered after a “small amount” of user names and passwords were acquired by hackers. Sony says that “credit card information was not at risk during this attack”. Although I don’t know a lot about Sony’s PSN (PlayStation Network) database, I will say that usually when you have access to a user’s user name and password you have access to all the information on the account. After these attacks were confirmed as unauthorized, Sony locked the accounts and sent users emails saying that their accounts had been locked due to unwarranted infiltration. Sony is now working with many users who have seen unauthorized charges on their accounts. They say that “the accounts that have unauthorized charges will be replaced” and they are “giving affected users a $1 million identity theft insurance policy and free games. It also gave all PSN members affected by the outage access to PlayStation Plus for a month.” After all of this, Sony’s reputation has been damaged and the future doesn’t look so bright for Sony economically, as this is the second attack that has happened in two months.

 

http://news.cnet.com/8301-1009_3-20118976-83/sony-locks-down-online-accounts-after-security-breach/?tag=contentMain;contentBody

Mysql.com hacked

Mysql.com has been hacked and is in fact infecting millions of computers as we speak. “The mysql.com website is injected with a script that generates an iFrame that redirects visitors to where a BlackHole exploit pack is hosted”. This virus infects the user’s browsing platform and, upon successful exploitation, installs a piece of malware onto the visitor’s machine without their knowledge. Experts are still trying to figure out how to solve the problem but are struggling, with only 9 percent of the AV solutions used by VirusTotal blocking it. Experts believe that the site has been compromised via JavaScript malware that “infects a website through a compromised desktop (with virus), where it steals any stored passwords from the ftp client and uses that to attack the site.” Researchers add that they have seen an increase in the activity of selling root passwords to some of mysql.com’s servers for $3,000 apiece. With all of this said, we can see that there is a huge underground market for hackers. This leads me to believe that hacking in general for the bad side would perhaps be very profitable and worth the risk, especially if hackers are in countries with minimal hacking laws. Not to mention that all of these infected computers can act as zombies for attackers and possibly DDoS a system if programmed to.

Abusing HTTP Status Codes

The result of abusing HTTP status codes is actually very severe. The format of this attack is fairly simple. A user will upload a picture to their account on a website such as gmail.com. Then they will enable the picture to be seen by everyone, so that it is public. Doing so allows hackers to more or less inject different types of code into the HTML. This code is written in JavaScript, and the attack can be prevented by simply turning off JavaScript in the browser. For a hacker, however, this tool is very interesting. By injecting such code they can potentially tell whether or not you are logged into a specific site. They created code that checks whether you are logged on to a website: if you are not, the status code returns something to the effect of “not logged in”; if you are on the site, it returns “logged in”. This type of attack is very interesting because it is almost like a GPS tracker on your computer. The person who created the hack can more or less track a lot of your movement on the internet and ultimately stalk you. This type of script has worked with Internet Explorer, Mozilla Firefox, Safari and Chrome. The hack can also target Facebook users and see when they are logged on using a manipulated code, but it is limited by some browsers.

https://grepular.com/Abusing_HTTP_Status_Codes_to_Expose_Private_Information
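
A server-side way to close the status-code signal described above, as an added example that is not from the original post or the linked article. It assumes a Node.js-style request with lowercased header names; the `/account/` path, the `hasSession` field and all function names are hypothetical, and the requests are constructed samples.

```javascript
// Added example: route name, request shape and function names are hypothetical.
const PROTECTED_PREFIX = "/account/"; // assumed path for login-only resources

// Naive policy: the status code depends on the session, so an <img> or
// <script> tag on another site can tell the two cases apart (load vs. error).
function naiveStatus(req) {
  if (!req.path.startsWith(PROTECTED_PREFIX)) return 200;
  return req.hasSession ? 200 : 401;
}

// Fetch Metadata headers say who initiated the request and for what purpose.
function isCrossSiteSubresource(headers) {
  const site = headers["sec-fetch-site"];
  const dest = headers["sec-fetch-dest"];
  // Older browsers send no Fetch Metadata; SameSite cookies must cover them.
  if (site === undefined) return false;
  return site === "cross-site" && dest !== "document";
}

// Hardened policy: cross-site embeds get one fixed answer for every visitor.
function hardenedStatus(req) {
  if (!req.path.startsWith(PROTECTED_PREFIX)) return 200;
  if (isCrossSiteSubresource(req.headers)) return 404;
  return req.hasSession ? 200 : 401;
}

// Self-check: replay the same constructed cross-site request with and
// without a session and report whether the status codes differ.
function probe(policy, dest) {
  const base = {
    path: PROTECTED_PREFIX + "avatar.png",
    headers: { "sec-fetch-site": "cross-site", "sec-fetch-dest": dest },
  };
  const loggedIn = policy({ ...base, hasSession: true });
  const loggedOut = policy({ ...base, hasSession: false });
  return { loggedIn, loggedOut, leaks: loggedIn !== loggedOut };
}

for (const dest of ["image", "script"]) {
  console.log(dest, "naive:", probe(naiveStatus, dest),
    "hardened:", probe(hardenedStatus, dest));
}
```

Setting session cookies with `SameSite=Lax` or `Strict` has the same effect for browsers that send no Fetch Metadata headers, because the cross-site embed then arrives without the cookie.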

Defense Contractors Networks Hacked

On September 18th Japan’s largest defense contractor, Mitsubishi Heavy Industries, discovered at least 8 different pieces of malware on its systems. Some of the malware included data-stealing trojan horses. Once a hacker places this in the system, the hacker could potentially steal a lot of military secrets and weapon designs. After further analysis the company said that information such as computer IP addresses was stolen; however, a Mitsubishi spokesperson says that “there is no possibility of any leakage of defense-related information at this point.” The company admitted that once the attackers are inside the network it becomes a lot more difficult to detect the intrusion. In May some U.S. defense contractors were hit by cyber attacks as well. It was said that classified information about a top-secret weapons system was stolen. U.S. Deputy Defense Secretary William Lynn has stated publicly that a foreign intelligence agency had been behind the attacks on defense contractors. All of this shows us that even a huge military defense contractor’s network can be compromised, and that sensitive information will be leaked if it is.

 

http://www.eweek.com/c/a/Security/Japans-Largest-Defense-Contractor-Hit-by-CyberAttackers-895254/

DNS Hack Leaves Hundreds of Thousands Vulnerable

On September fourth it was reported that a “number of major sites have suffered as a result of a DNS hack.” The DNS hack either brought down sites or redirected the traffic to a page set up by the Turkish hackers themselves. Although the hackers didn’t do this, hypothetically someone could use this type of hack to redirect users to their own site, increasing the number of hits on their site. This could eventually lead to a profit if the person who owns the site had advertisements on it; just food for thought. Back to the article. Sites such as ups.com either restored their service rather quickly or, in some cases, had to wait up to 72 hours for new settings to propagate, all depending on the DNS system itself. “This Turkish group broke into Korean sites including those of Epson and HSBC, after domain registrar Gabia was hacked exposing over 100,000 domains and an estimated 350,000 users.” This hack, although taking much skill, also reaps a greater benefit by giving the hackers hundreds of thousands of users who are now vulnerable to further attacks and possible identity theft.

Vulnerabilities of Smart Phones

As technology is pushed to its pinnacle, many problems start to arise from the security perspective. Smart phones, or mini computers if you will, are great examples. The technology is great for the average end user: it allows e-mails, word documents and thousands of applications to be shared with an enormous number of people. What is the problem, then, you say? Well, let’s start with the fact that all of these new operating systems are in their baby stages. This means that there could be many vulnerabilities in the system just waiting to be exploited by a malicious hacker. Due to the growth in ways for these phones to connect to the internet through Wi-Fi and Bluetooth networks, new attacks will be formulated, says a UK think tank. They believe that “man-in-the-middle” style attacks will become a reality, meaning that a hacker with adequate skills will be able to intercept transmissions between devices and receivers. Another problem with these phones is that they are extremely interactive with each other. This is itself a vulnerability, because if a hacker were to create a virus that infects your phone and then sends itself to all your contacts, and so on and so forth, it would theoretically create a catastrophic meltdown without a patch. Many are, and should be, afraid that viruses like the Conficker worm will reach smart phones, planting themselves, waiting for a command from their owner and possibly stealing much information in the process. Knowing all of this, Tony Dyhouse says that “government investment in cyber crime is also extremely important and it is in the national interest of every country as millions are lost each year through electronic fraud.”

http://www.computerweekly.com/Articles/2011/01/07/244797/Mobility-among-the-top-IT-security-threats-in-2011-says-UK-think.htm