Dog Brothers Public Forum

Author Topic: Cyberwar, Cyber Crime, and American Freedom  (Read 118935 times)
Crafty_Dog
Administrator
Power User
*****
Posts: 41426


« Reply #450 on: July 23, 2017, 09:07:44 PM »

What are you doing?
Logged
G M
Power User
***
Posts: 15285


« Reply #451 on: July 23, 2017, 09:11:33 PM »

What are you doing?


Moving away from an urban death zone.

Logged
Crafty_Dog
Administrator
Power User
*****
Posts: 41426


« Reply #452 on: July 23, 2017, 09:17:27 PM »

Silly me, I was thinking electronically, e.g. storing this forum in some sort of device, unconnected to the internet so this forum can be resurrected with our work of all these years saved.
Logged
G M
Power User
***
Posts: 15285


« Reply #453 on: July 23, 2017, 10:20:37 PM »

Silly me, I was thinking electronically, e.g. storing this forum in some sort of device, unconnected to the internet so this forum can be resurrected with our work of all these years saved.


I'm planning on scenarios that put immediate concerns much lower on Maslow's hierarchy of needs.
Logged
G M
Power User
***
Posts: 15285


« Reply #454 on: July 24, 2017, 09:12:58 AM »

https://www.eenews.net/energywire/stories/1060057718/search

SECURITY
Grid threats require 'imagining the unimaginable' — report
Peter Behr, E&E News reporter Published: Friday, July 21, 2017

The U.S. electric power network is poorly equipped to restore electricity service to large areas blacked out by natural disasters or hostile attacks, a National Academy of Sciences panel warned yesterday in a report that looks into dark future scenarios that it says the nation and the public have not fully faced up to.

"The electricity system, and associated supporting infrastructure, is susceptible to widespread uncontrolled cascading failure, based on the interconnected and interdependent nature of the networks," the panel concluded in a 297-page report ordered by Congress and funded by the Department of Energy. "Despite all best efforts, it is impossible to avoid occasional, potentially large outages caused by natural disasters or pernicious physical or cyber attacks."

The panel, headed by M. Granger Morgan, an engineering professor at Carnegie Mellon University, proposed a long list of actions needed to create a "resilient" power grid that could recover from an unprecedented blow.

Morgan said the challenge should be a top priority, not in the sense of "do it tomorrow, or we're toast. But in the time scale of months, it's quite urgent."

"At present, planning for all types of hazards to public infrastructure is a disorganized and decentralized activity," the report said. "Too often in the past, the United States has made progress on the issue of resilience by 'muddling through,'" but that response is no longer tolerable, the report said. Multiple threats to the grid require authorities and industry to start "imagining the unimaginable" and planning for lower-probability but potentially catastrophic events.

The report comes as Energy Secretary Rick Perry's leadership team is completing a high-level review of power grid reliability and is working on a report on cybersecurity threats called for by President Trump. Both reports will set policy benchmarks for how the Trump administration will prioritize and fund federal responses to grid threats.

Travis Fisher, the DOE political appointee heading the reliability study, minimized the risk of a state-sponsored, large-scale cyber outage in a 2015 paper issued by the Institute for Energy Research, a pro-fossil-fuels advocacy organization. "Even though cyber threats do exist and are concerning, fears of catastrophic damage from a cyber attack are likely overblown," Fisher wrote then, saying that would-be attackers are deterred by the certainty of a U.S. in-kind response.

Some grid executives and federal security officials have said the same, but most cyber professionals conclude that the grid's exposure to potential attack is expanding constantly. Responding to a question yesterday, DOE spokeswoman Shaylyn Hynes said the IER paper "is not relevant to the grid study or cyber study."

The panel, whose members included academics, DOE laboratory scientists and a former regional grid chief executive, said the responsibility for recovery from a widespread power outage starts at the top.

Fragmented responsibility

"No single entity is responsible for, or has the authority to implement a comprehensive approach to assure the resilience of the nation's electricity system," the report said. "Even in federal programs focused explicitly on increasing grid resilience, planning and implementation of research and policy responses are fragmented across federal agencies. It is impossible to describe all of the relevant efforts succinctly."

The panel challenged DOE to fill that gap, leading longer-term federal, state and community actions to increase the grid's recovery capability. "No other entity in the United States has the mission to support such work," it said.

While many recommendations centered on the federal government, others pointed at the power industry.

"There has been a tendency among utilities and other commercial entities not to share information about cyber breaches and to look inward rather than seeking help, which limits potential for collaboration across organizations. Most utilities are not likely to have adequate internal staff directly experienced in large-scale cyber restoration," the report said.

It also urged more research on how electric vehicles, customer-owned solar power and microgrids could help the grid recover. In worst-case scenarios, customers might have to endure lengthy recoveries in which power is rationed, the study said. Families that have home systems able to use limited power supplies to run refrigerators and furnaces might avoid evacuation after a disaster, the authors said.

The report urged more financial support for DOE offices that fund research, development and demonstration programs on cybersecurity defenses and power grid monitoring and control systems. Trump's fiscal 2018 budget request proposed 41 percent spending cuts for both DOE's Office of Electricity Delivery and Energy Reliability and its Office of Energy Efficiency and Renewable Energy, two centers of that research.

"If funding is not provided by the federal government, the committee is concerned that this gap would not be filled either by states or by the private sector," the panel said.

It called on DOE to lead in the stockpiling of crucial grid power transformers, to complement industry programs.

Much more technology is needed to deal with wide-area outages, the panel said, including control room software to help grid operators recognize and respond to fast-moving outages. "During a major event such as Hurricane Katrina or Superstorm Sandy, thousands of alarms can overwhelm the system operator" in control rooms, it said. "Artificial intelligence could help quickly prioritize these alarms."

Several recommendations addressed what the panel saw as a lack of understanding among government officials and the public about the consequences of a widespread emergency — including deliberate, targeted blackouts of some areas to protect vital equipment that would be needed to bring the grid back up.

In an uncontrolled, cascading grid collapse, parts of the interstate grid would automatically break into smaller subdivisions called "islands," resulting in significant outages, the panel said. Planned "islanding" in an emergency could limit the damage and speed recovery, the report said.

DOE and DHS should create a "visioning" process to portray and assess plausible large-area, long-duration grid disruptions that could have major impacts on the public, to help hospitals, communications providers, first responders and other critical resources prepare, the report said.

The Federal Energy Regulatory Commission and the North American Energy Standards Board should do more to coordinate operations of natural gas pipelines and the power companies that depend on gas to run generators, it said.

The recovery challenge must be recognized at the state level, too, the panel said.

In one case in point, a new cybersecurity strategy issued last week by Connecticut Gov. Dannel Malloy (D) describes critical infrastructure as the state's "Achilles' heel," noting that "experts have called our electric grid the glass jaw of American industry." The document concludes, "There are potential attackers, vulnerable places they could attack and many ways to amplify the effects of a cyber attack by combining it with other emergencies."

"I can't give you concrete, specific, best solutions for all these problems," said Art House, Connecticut's chief cybersecurity risk officer and a former utility regulator there. "But I think that what we have to do is recognize the vulnerability, recognize that there has to be a culture of cybersecurity, and then go about finding the answers to it."

Logged
Crafty_Dog
Administrator
Power User
*****
Posts: 41426


« Reply #455 on: August 09, 2017, 11:00:30 PM »

https://fas.org/sgp/crs/homesec/R43604.pdf
___________________________________________________

https://www.csmonitor.com/World/Passcode/Passcode-Voices/2017/0320/How-China-is-preparing-for-cyberwar


Preparing for informationized wars

The 2015 Chinese Military Strategy White Paper states that the PLA must prepare for “informationized local wars” against technologically advanced adversaries. As a result, Chinese hackers breach Defense Department networks in order to better understand US military capabilities, accelerate the modernization of the People’s Liberation Army, and prepare for military conflict and the disruption of US forces.

Two PLA groups, Units 61938 and 61486, have reportedly stolen information from over two dozen Defense Department weapons programs, including the Patriot missile system and the US Navy’s new littoral combat ship. The most high-profile case has been the hacking of defense contractors involved in the F-35, which have forced the redesign of specialized communications and antenna arrays for the stealth aircraft. Department of Defense officials say that the most sensitive flight control data were not taken because they were stored offline, but the fuselage of China’s second stealth fighter jet, the J-31, is very similar to that of the F-35. In response to a question about attacks on defense contractors, Lieutenant General Vincent Stewart, director of the Defense Intelligence Agency, told a congressional hearing, “I do not believe we are at this point losing our technological edge, but it is at risk based on some of their cyberactivities,” referring to China.

Chinese hackers also break into US networks in preparation for a potential military conflict. Chinese military analysts often write of the PLA’s need to seize information dominance at the beginning stages of a conflict with a technologically advanced adversary through cyber attacks against command and control computers as well as satellite and communication networks. The PLA would also attempt to disrupt US forces in the Western Pacific through attacks on transportation and logistics systems. Preparing for these attacks requires cyber espionage.

Chinese military writings also suggest that cyberattacks can have a deterrent effect, given American dependence on banking, telecommunication, and other critical networks. A highly disruptive or destructive attack on these networks might reduce the chances that the United States might get involved in a regional conflict. Some Chinese intrusions into critical infrastructure may intentionally leave evidence behind to act as a warning that the US homeland may not be immune to attack in the case of a conflict over Taiwan or the South China Sea.
______________________________________

http://www.indiandefencereview.com/spotlights/acupuncture-warfare-chinas-cyberwar-doctrine-and-implications-for-india/

If there is another conflict with China, it can be visualised that the war will begin in cyberspace much before a single shot is fired or the first missile is launched. In fact, frequent hacking attempts, some of them successful, are ongoing on a daily basis even now when there is peace at the border.

Logged
G M
Power User
***
Posts: 15285


« Reply #456 on: August 09, 2017, 11:45:01 PM »

http://www.eiscouncil.com/EarthEx

Today’s lifeline infrastructures are interconnected and resourced on unprecedented scales, with supply chains spanning the nation and, increasingly, the world.  With this growing integration and global reach, they have brought us remarkable capabilities.

At a price.   

Concerns have grown over the potential for severe malicious or natural “Black Sky” hazards associated with subcontinent scale, long duration power outages, with cascading failure of all our other increasingly interdependent infrastructures.  This creates a grim and difficult dilemma:  Restoration of any sector will only be possible with at least minimal operation of all the others. 
To deal with this deadlock, careful sector by sector and cross-sector resilience planning is crucial.  However, such plans, to be effective, must be exercised.  With the diversity and the national and global scale of the infrastructures we now depend on, this requires an unprecedented, multi-sector, national and international exercise series.

WHAT IS EARTH EX?
EARTH EX is an evolving, distributed, collaborative partner-developed exercise designed to meet this need.
Logged
Crafty_Dog
Administrator
Power User
*****
Posts: 41426


« Reply #457 on: September 21, 2017, 08:44:07 AM »

https://www.wsj.com/articles/sec-discloses-edgar-corporate-filing-system-was-hacked-in-2016-1505956552

« Last Edit: September 22, 2017, 07:16:35 AM by Crafty_Dog » Logged
Crafty_Dog
Administrator
Power User
*****
Posts: 41426


« Reply #458 on: September 22, 2017, 07:16:59 AM »

The SEC’s Cyber Embarrassment
The agency that lectures private companies can’t secure its own files.
By The Editorial Board
Sept. 21, 2017 7:16 p.m. ET

The Securities and Exchange Commission let slip Wednesday evening—nearly half way into a 4,000-word statement on cybersecurity—that it learned last month that a hacking “incident previously detected in 2016 may have provided the basis for illicit gain through trading.” In journalism, this is known as burying the lead.

The SEC’s four-line disclosure provides few details other than that the breach affected its EDGAR system, which receives and processes more than 1.7 million electronic filings a year. Hackers were able to exploit a software vulnerability in the system to obtain nonpublic information. The agency says the weakness was patched promptly, though its investigation is “ongoing.”

So the SEC waited weeks after learning that its filing system had been penetrated for potentially illicit gain to disclose the break-in. And then it discreetly dropped the news into a lengthy memo advising companies and exchanges about their regulatory obligations to manage and disclose cyber risks.

A few questions: Why didn’t the agency report the incident when it occurred last year—and exactly when?—and what took it so long to figure out that the hack might have resulted in illegal trading activity?

The SEC provides no explanation but notes that there are “frequent attempts by unauthorized actors to disrupt access to our public-facing systems, access our data, or otherwise cause damage to our technology infrastructure” and “in certain cases cyber threat actors have managed to access or misuse our systems.” This suggests that there have been other successful hacks that the SEC has not disclosed, perhaps because it doesn’t have evidence that they resulted in securities fraud.

One hypothesis is that the SEC was worried that disclosing the hack would raise questions about the security of its Consolidated Audit Trail, a centralized database that will give the agency access to “significant, nonpublic, market sensitive data and personally identifiable information.” The system, in the works for seven years, is supposed to come online this fall. But executives from U.S. financial exchanges have warned that it will be a rich target for hackers.

The SEC might also fear undermining its authority on cybersecurity. In 2014 the SEC issued regulations requiring exchanges and clearinghouses to “take corrective action with respect to systems disruptions, compliance issues and intrusions” and notify the SEC. It has also threatened legal action against public companies that don’t make adequate disclosures.

Yet the SEC has been rebuked several times by the Government Accountability Office and its own Inspector General for lax cyber controls. A 2014 review by its IG found that some SEC laptops that may have contained non-public information couldn’t be located. Agency staff have also transmitted non-public information through non-secure personal email accounts.

The SEC disclosure is particularly embarrassing in the wake of the Equifax data breach, which is being investigated by federal and state regulators amid much political outrage. Before regulators in glass houses take legal action against private companies, they can at least secure their own cyber walls.
Logged
ccp
Power User
***
Posts: 7526


« Reply #459 on: September 24, 2017, 08:20:59 AM »

As I have said for years from my own experience.

But no one cares unless you piss off the Democrat Party bosses:

https://www.hackread.com/hacking-offline-computer-and-phone/
Logged
ccp
Power User
***
Posts: 7526


« Reply #460 on: October 03, 2017, 02:41:51 PM »

http://www.newsmax.com/Newsfront/equifax-white-house-social/2017/10/03/id/817427/
Logged
Crafty_Dog
Administrator
Power User
*****
Posts: 41426


« Reply #461 on: October 06, 2017, 01:52:20 PM »

WSJ
By Gordon Lubold and Shane Harris
Updated Oct. 5, 2017 7:31 p.m. ET

WASHINGTON—Hackers working for the Russian government stole details of how the U.S. penetrates foreign computer networks and defends against cyberattacks after a National Security Agency contractor removed the highly classified material and put it on his home computer, according to multiple people with knowledge of the matter.

The hackers appear to have targeted the contractor after identifying the files through the contractor’s use of a popular antivirus software made by Russia-based Kaspersky Lab, these people said.

The theft, which hasn’t been disclosed, is considered by experts to be one of the most significant security breaches in recent years. It offers a rare glimpse into how the intelligence community thinks Russian intelligence exploits a widely available commercial software product to spy on the U.S.

The incident occurred in 2015 but wasn’t discovered until spring of last year, said the people familiar with the matter.

The stolen material included details about how the NSA penetrates foreign computer networks, the computer code it uses for such spying and how it defends networks inside the U.S., these people said.

Having such information could give the Russian government information on how to protect its own networks, making it more difficult for the NSA to conduct its work. It also could give the Russians methods to infiltrate the networks of the U.S. and other nations, these people said.

The breach is the first known incident in which Kaspersky software is believed to have been exploited by Russian hackers to conduct espionage against the U.S. government. The company, which sells its antivirus products in the U.S., had revenue of more than half a billion dollars in Western Europe and the Americas in 2016, according to International Data Corp. Kaspersky says it has more than 400 million users world-wide.

The revelation comes as concern over Russian infiltration of American computer networks and social media platforms is growing amid a U.S. special counsel’s investigation into whether Donald Trump’s presidential campaign sought or received assistance from the Russian government. Mr. Trump denies any impropriety and has called the matter a “witch hunt.”

Intelligence officials have concluded that a campaign authorized by the highest levels of the Russian government hacked into state election-board systems and the email networks of political organizations to damage the candidacy of Democratic presidential nominee Hillary Clinton.

A spokesman for the NSA didn’t comment on the security breach. “Whether the information is credible or not, NSA’s policy is never to comment on affiliate or personnel matters,” he said. He noted that the Defense Department, of which the NSA is a part, has a contract for antivirus software with another company, not Kaspersky.

In a statement, Kaspersky Lab said it “has not been provided any information or evidence substantiating this alleged incident, and as a result, we must assume that this is another example of a false accusation.”

Kremlin spokesman Dmitry Peskov in a statement didn’t address whether the Russian government stole NSA materials using Kaspersky software. But he criticized the U.S. government’s decision to ban the software from use by U.S. agencies as “undermining the competitive positions of Russian companies on the world arena.”

Sen. Jeanne Shaheen, (D., N.H.) on Thursday asked the Senate Armed Services Committee to hold hearings on the issue. “As you are aware, I have been concerned about the serious dangers of using Kaspersky software due to the company’s strong ties to the Kremlin,” she wrote in a letter to Sen. John McCain (R., Ariz.), the committee chairman.

She urged Mr. McCain to “expeditiously” schedule a hearing with the NSA’s director, Adm. Michael Rogers, and other administration officials.

The Kaspersky incident is the third publicly known breach at the NSA involving a contractor’s access to a huge trove of highly classified materials. It prompted an official letter of reprimand to Adm. Rogers by his superiors, people familiar with the situation said.

Adm. Rogers came into his post in 2014 promising to staunch leaks after the disclosure that NSA contractor Edward Snowden the year before gave classified documents to journalists that revealed surveillance programs run by the U.S. and allied nations.

The Kaspersky-linked incident predates the arrest last year of another NSA contractor, Harold Martin, who allegedly removed massive amounts of classified information from the agency’s headquarters and kept it at his home, but wasn’t thought to have shared the data.

Mr. Martin pleaded not guilty to charges that include stealing classified information. His lawyer has said he took the information home only to get better at his job and never intended to reveal secrets.

The name of the NSA contractor in the Kaspersky-related incident and the company he worked for aren’t publicly known. People familiar with the matter said he is thought to have purposely taken home numerous documents and other materials from NSA headquarters, possibly to continue working beyond his normal office hours.

The man isn’t believed to have wittingly aided a foreign government, but knew that removing classified information without authorization is a violation of NSA policies and potentially a criminal act, said people with knowledge of the breach. It is unclear whether he has been dismissed from his job or faces charges. The incident remains under federal investigation, said people familiar with the matter.

Kaspersky software once was authorized for use by nearly two dozen U.S. government agencies, including the Army, Navy and Air Force, and the departments of Defense, State, Homeland Security, Energy, Veterans Affairs, Justice and Treasury.


NSA employees and contractors never had been authorized to use Kaspersky software at work. While there was no prohibition against these employees or contractors using it at home, they were advised not to before the 2015 incident, said people with knowledge of the guidance the agency gave.

For years, U.S. national security officials have suspected that Kaspersky Lab, founded by a computer scientist who was trained at a KGB-sponsored technical school, is a proxy of the Russian government, which under Russian law can compel the company’s assistance in intercepting communications as they move through Russian computer networks.

Kaspersky said in its statement: “As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the company has never helped, nor will help, any government in the world with its cyberespionage efforts.”

Suspicions about the company prompted the Department of Homeland Security last month to take the extraordinary step of banning all U.S. government departments and agencies from using Kaspersky products and services. Officials determined that “malicious cyber actors” could use the company’s antivirus software to gain access to a computer’s files, said people familiar with the matter.

The government’s decision came after months of intensive discussions inside the intelligence community, as well as a study of how the software works and the company’s suspected connections to the Russian government, said people familiar with the events.

They said intelligence officials also were concerned that given the prevalence of Kaspersky on the commercial market, countless people could be targeted, including family members of senior government officials, or that Russia could use the software to steal information for competitive economic advantage.

“The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security,” the DHS said Sept. 13 in announcing the government ban.

All antivirus software scans computers looking for malicious code, comparing what is on the machine to a master list housed at the software company. But that scanning also gives makers of the software an inventory of what is on the computer, experts say.

“It’s basically the equivalent of digital dumpster diving,” said Blake Darché, a former NSA employee who worked in the agency’s elite hacking group that targets foreign computer systems.

Kaspersky is “aggressive” in its methods of hunting for malware, Mr. Darché said, “in that they will make copies of files on a computer, anything that they think is interesting.” He said the product’s user license agreement, which few customers probably read, allows this.

“You’re basically surrendering your right to privacy by using Kaspersky software,” said Mr. Darché, who is chief security officer for Area 1, a computer security company.

“We aggressively detect and mitigate malware infections no matter the source and we have been proudly doing it for 20 years,” the company said in its statement. “We make no apologies for being aggressive in the battle against malware and cybercriminals.”

U.S. investigators believe the contractor’s use of the software alerted Russian hackers to the presence of files that may have been taken from the NSA, according to people with knowledge of the investigation. Experts said the software, in searching for malicious code, may have found samples of it in the data the contractor removed from the NSA.

But how the antivirus system made that determination is unclear, such as whether Kaspersky technicians programed the software to look for specific parameters that indicated NSA material. Also unclear is whether Kaspersky employees alerted the Russian government to the finding.

Investigators did determine that, armed with the knowledge that Kaspersky’s software provided of what files were suspected on the contractor’s PC, hackers working for Russia homed in on the machine and obtained a large amount of information, said the people familiar with the matter.

The breach illustrates the chronic problem the NSA has had with keeping highly classified secrets from spilling out, former intelligence personnel say. They say they were rarely searched while entering or leaving their workplaces to see if they were carrying classified documents or removable storage media, such as a thumb drive.

Then-Defense Secretary Ash Carter and then-Director of National Intelligence James Clapper pushed President Barack Obama to remove Adm. Rogers as NSA head, due in part to the number of data breaches on his watch, according to several officials familiar with the matter.

The NSA director had fallen out of White House favor when he traveled to Bedminster, N.J., last November to meet with president-elect Donald Trump about taking a job in his administration, said people familiar with the matter. Adm. Rogers didn’t notify his superiors, an extraordinary step for a senior military officer, U.S. officials said.

Adm. Rogers wasn’t fired for a number of reasons, including a pending restructuring of the NSA that would have been further complicated by his departure, according to people with knowledge of internal deliberations. An NSA spokesman didn’t comment on efforts to remove Adm. Rogers.


Appeared in the October 6, 2017, print edition as 'Russian Hackers Stole NSA Spy Secrets.'
Logged
Crafty_Dog
Administrator
Power User
*****
Posts: 41426


« Reply #462 on: October 10, 2017, 09:29:21 PM »

October 10, 2017
Trust Busters

This year’s Nobel prize winner for economics, Richard Thaler, had won a measure of fame before this award. He played a central role in persuading many economists that human behavior, and thus irrational behavior, was often predictable and could be ‘nudged’ to change decision-making.

As obvious as this sounds today, it was a great departure from classical economics, which firmly stuck to the belief that people behave, OMG, rationally.

“In order to do good economics, you have to keep in mind that people are human,” Thaler said at a news conference after the Nobel announcement.

This recalls an insight shared by another Nobel winner, physicist Richard Feynman, who said that “reality must take precedence over public relations, for nature cannot be fooled.”

Cass Sunstein, (Marc:  shocked shocked shocked) who co-wrote a book titled “Nudge” with Thaler, which helped to popularize his ideas on behavioral economics, wrote this yesterday:

“Focusing on what he called ‘mental illusions,’ Thaler explained that human beings make a lot of blunders. With clear examples, a sense of play and a little math, he showed that people just don’t act in the way predicted by standard economic theory.”

Thaler’s influence and insights, along with those of Daniel Kahneman and Amos Tversky – the godfathers of behavioral economics – have been widely embraced well beyond the profession.

Facebook, for example, led a team of researchers in 2012 for an experiment on emotional priming, without the awareness of the 700,000 users involved, to see whether manipulation of their news feeds would affect the positivity or negativity of their own posts.   When this became known in 2014 it was generally seen as an unacceptable form of psychological manipulation. But Facebook defended the research on the grounds that its users’ consent to their terms of service was sufficient to imply consent to such experiments.

Now, we’ve just learned that Facebook revealed 3,000 ads bought by a Russian operative reached 10 million of its users. As it turns out, a big multiple of that audience was exposed to the ads purchased by a single Russian troll farm called the Internet Research Agency.  The actual reach encompasses all the activity of the Russian-controlled accounts – each post, each ‘like,’ each comment and also all of the ads. With this understanding, the effect of each ad organically metastasized to poison a population of potentially hundreds of millions on the social media site.

“This is cultural hacking,” said Jonathan Albright, research director at Columbia University’s Tow Center for Digital Journalism. “They are using systems that were already set up by these platforms to increase engagement. They’re feeding outrage – and it’s easy to do, because outrage and emotion is how people share.”

Facebook is not an isolated case. Google has uncovered evidence that Russian operatives exploited the company’s platforms in an attempt to interfere in the 2016 election. Google, which runs the world’s largest online advertising business, has found that tens of thousands of dollars were spent on ads by Russian agents who aimed to spread disinformation across Google’s widely-used products, including YouTube and Gmail.

The ads do not appear to be from the same Kremlin-affiliated troll farm that bought ads on Facebook. This suggests that the Russian effort to spread disinformation online may be a much broader problem than Silicon Valley companies have unearthed so far.

Meanwhile, Twitter shut down 201 accounts associated with the Internet Research Agency, disclosing that the account for the Kremlin-linked news site RT spent $274,100 on its platform in 2016.

Russia’s bag of tricks isn’t isolated to social media. Hackers working for the Russian government stole details of how the US penetrates foreign computer networks and defends against cyberattacks, after a National Security Agency contractor removed the highly classified material and put it on his home computer.

The theft, which occurred in 2015, is considered to be one of the most significant security breaches in recent years. It appears that Russian intelligence targeted the contractor after identifying the files through the contractor’s use of a popular antivirus software made by Russia-based Kaspersky Lab.

Most troubling, however, is that serious data breaches are becoming everyday occurrences.

In December, six months before it was taken over by Verizon for $4.5 billion, Yahoo revealed that a data theft incident in 2013 had affected around 1 billion user accounts. However, the company disclosed this week that new intelligence indicates every Yahoo account that existed at the time was affected by the breach.

The massive Equifax data breach, which exposed the sensitive personal information of nearly 146 million Americans, happened because of a mistake by a single employee, the credit reporting company’s former CEO told members of Congress last week. On multiple occasions, he referred to an ‘individual’ in Equifax’s technology department who had failed to heed security warnings and did not ensure the implementation of software fixes that would have prevented the breach.

US government agencies have also publicly confronted digital crimes perpetrated on sensitive data.

A major headache for the IRS in recent years has been identity theft, which has resulted in a wave of tax fraud. After digital thieves had stolen taxpayers' information from social-media platforms or large-scale security breaches, they file fake tax returns in a bid to collect refund checks.

The SEC recently discovered a vulnerability in its corporate filing database that could cause the system to collapse. A September 22 memo reveals that the SEC’s EDGAR database, containing financial reports from US public companies and mutual funds, could be at risk of ‘denial of service’ attacks, a type of cyber intrusion that floods a network, overwhelming it and forcing it to close.

In other words, if hackers wanted to, they could “basically take down the whole EDGAR system” by submitting a malicious data file, said one cyber security expert with experience securing networks of financial regulators.

Organizational Behavior: Humans are Prime Element in Cybersecurity

451 Research found that reports of ‘significant’ security incidents are dramatically higher at larger companies than smaller ones. A survey revealed that while 17% of companies with less than 1,000 employees experienced a notable breach, it climbs to 44% for organizations with more than 10,000 people.
 
Reasons for the disparity between the biggest and smallest firms may be due to the greater level of investment in security monitoring at larger organizations, enabling them to better detect breaches than less-equipped groups.

It could also be that hackers are more inclined to target large companies because the prizes are greater, and the human vulnerabilities can be exploited more readily.

The top pain points are User Behavior (34%), followed by Organizational Politics/Lack of Attention to Information Security (21%) and Staffing Information Security (21%), according to 451 Research.

The top security concerns over the last 90 days were Hackers/Crackers with Malicious Intent (53%) and Compliance (49%).

In the words of one information security respondent: The real concern is the people and not the tech – “[The greatest insider threat] is always going to be people … People are the only wild-card. The technology can be trusted.”

Naturally, a challenge for organizations is finding and hiring skilled cybersecurity professionals, who are especially important when it comes to security analytics and operations. It takes highly experienced pros to investigate security incidents, synthesize threat intelligence, or perform proactive hunting exercises.

In order to address the security skills gap, slightly more than half of the 451 Research respondents plan to train existing staff and 44% will hire contractors.

While 35% said they would hire new staff, very large organizations with more than 10,000 employees were nearly twice as likely (51% vs. 26%) compared to very small organizations with less than 250 employees.

‘Plastics’ once had seized the day for college grads, today it’s ‘cybersecurity.’
Logged
Crafty_Dog
Administrator
Power User
*****
Posts: 41426


« Reply #463 on: October 10, 2017, 11:46:55 PM »

second post

https://mobile.nytimes.com/2017/10/10/technology/kaspersky-lab-israel-russia-hacking.html
Logged
G M
Power User
***
Posts: 15285


« Reply #464 on: October 15, 2017, 08:36:16 AM »

https://pjmedia.com/instapundit/278161/

OCTOBER 12, 2017
CYBERWAR: Cyberattack Captures Data on U.S. Weapons in Four-Month Assault.

A cyberattacker nicknamed “Alf” gained access to an Australian defense contractor’s computers and began a four-month raid that snared data on sophisticated U.S. weapons systems.

Using the simple combinations of login names and passwords “admin; admin” and “guest; guest” and exploiting a vulnerability in the company’s help-desk portal, the attacker roved the firm’s network for four months. The Australian military referred to the breach as “Alf’s Mystery Happy Fun Time,” referring to a character from the soap opera “Home and Away.”

The incident, detailed by a senior Australian intelligence official in a speech on Wednesday, was the third major breach of sensitive U.S. military and intelligence data to come to light in the past week.

On Tuesday, a South Korean lawmaker said North Korean hackers had accessed a military database and stolen top-secret files, including a plan for a decapitation strike against top leaders in Pyongyang. That followed reports that hackers working for the Russian government stole details of how the U.S. penetrates foreign computer networks and defends its own.

The identity and affiliation of the hackers in the Australian attack weren’t disclosed, but officials with knowledge of the intrusion said the attack was thought to have originated in China.

Doesn’t anybody take security seriously?
Logged
Crafty_Dog
Administrator
Power User
*****
Posts: 41426


« Reply #465 on: October 15, 2017, 12:50:09 PM »

Is security even possible?
Logged
G M
Power User
***
Posts: 15285


« Reply #466 on: October 15, 2017, 12:53:42 PM »

Is security even possible?


Yes, but it takes serious effort and investment.
Logged
G M
Power User
***
Posts: 15285


« Reply #467 on: October 16, 2017, 10:05:21 AM »

http://www.zdnet.com/article/wpa2-security-flaw-lets-hackers-attack-almost-any-wifi-device/

PART OF A ZDNET SPECIAL FEATURE: CYBERWAR AND THE FUTURE OF CYBERSECURITY

WPA2 security flaw puts almost every Wi-Fi device at risk of hijack, eavesdropping
Security experts have said the bug is a total breakdown of the WPA2 security protocol.

By Zack Whittaker for Zero Day | October 16, 2017 -- 10:00 GMT (03:00 PDT) | Topic: Cyberwar and the Future of Cybersecurity

A security protocol at the heart of most modern Wi-Fi devices, including computers, phones, and routers, has been broken, putting almost every wireless-enabled device at risk of attack.

The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network.

That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.

In other words: hackers can eavesdrop on your network traffic.

The bug represents a complete breakdown of the WPA2 protocol, for both personal and enterprise devices -- putting every supported device at risk.

"If your device supports Wi-Fi, it is most likely affected," said Vanhoef, on his website.

News of the vulnerability was later confirmed on Monday by US Homeland Security's cyber-emergency unit US-CERT, which about two months ago had confidentially warned vendors and experts of the bug, ZDNet has learned.

The warning came at around the time of the Black Hat security conference, when Vanhoef presented a talk on networking protocols, with a focus on the Wi-Fi handshake that authenticates a user joining a network.

The cyber-emergency unit has since reserved ten common vulnerabilities and exposures (CVE) records for the various vulnerabilities.

Cisco, Intel, Juniper, Samsung, and Toshiba are among the companies affected.

At its heart, the flaw is found in the cryptographic nonce, a randomly generated number that's used only once to prevent replay attacks, in which a hacker impersonates a user who was legitimately authenticated. In this case, an attacker can trick a victim into reinstalling a key that's already in use. Reusing the nonce can allow an adversary to attack the encryption by replaying, decrypting, or forging packets.


The flaw is "exceptionally devastating" for Android 6.0 Marshmallow and above, said Vanhoef. A patch is expected in the next few weeks.

"The core of the attack, hence its name, is that the attacker tricks the connected party into reinstalling an already-in-use key," Alan Woodward, a professor at the University of Surrey, told ZDNet.

Despite the ire many have with branded, or popularized vulnerabilities -- Heartbleed, Shellshock, and Poodle to name a few -- many renowned security and cryptographic experts are warning not to underestimate the severity of the flaw.

"It's not a trivial attack," said Woodward. He warned that the scale of the attack is "huge."



It's not the first attack that's hit WPA2. WPA2 was developed, ironically, as a way to replace a similar protocol, WEP, which was cracked just a few years after its debut in 1997.

Several researchers, including Vanhoef, have demonstrated valid attacks against the protocol. By far the most notable was in 2011 when a security researcher showed that an attacker could recover the code used in Wi-Fi Protected Setup, a feature that let users authenticate with a one-push button on the router, which could be easily cracked.

Like similar attacks against WPA2, an attacker needs to be within a close physical proximity of a vulnerable device, such as a router or even a cash register or point-of-sale device.

That's not to downplay the seriousness of the attack, however.

The downside is that nowadays, a hacker can launch an attack from hundreds of feet from a vulnerable device, Kenneth White, a security researcher, told ZDNet.


A table of vulnerable software. (Image: Mathy Vanhoef)

Matthew Green, a cryptography teacher at Johns Hopkins University, said in a tweet that this is "probably going to turn into a slew of TJ Maxxes," referring to a cyberattack on the department store, where hackers cracked the Wi-Fi password that connected the cash registers to the network.

White explained, however, that sites and services that provide content over strict HTTPS (known as HSTS) will encrypt traffic from the browser to the server.

In other words, it's still safe to access sites that encrypt your data over an insecure network.

Although Vanhoef said it wasn't clear if any attacks had been seen in the wild.

Several router and network equipment makers were briefed prior to Monday's announcement, including Cisco, HPE, and Arris. We reached out to all three but did not hear back at the time of writing.

Aruba, Ubiquiti, and Eero are said to have patches available, according to sources we spoke to at the time of writing. It's not known if others have -- but we will update as we find out.

But many products and device makers will likely not receive patches -- immediately, or ever. Katie Moussouris, founder of Luta Security, said in a tweet that Internet of Things devices will be some of the "hardest hit."

Until patches are available, Wi-Fi should be considered a no-go zone for anything mission critical, a feat almost impossible in today's age of ubiquitous and blanket wireless network access.

Logged
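An added illustration of the nonce-reuse point in the article quoted above (not part of the post or the ZDNet article): reinstalling a key that is already in use resets the packet counter, so two frames share one keystream, while a client that ignores the reinstall keeps counting. The HMAC-based keystream is a toy stand-in for WPA2's real cipher, and all names and sample frames are constructed for this example.

```python
import hashlib
import hmac

# Constructed sample frames (equal length so the XOR comparison is exact).
P1 = b"frame one: known header"
P2 = b"frame two: secret data!"

def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Toy keystream from (key, nonce); stands in for a counter-mode cipher."""
    out, block = b"", 0
    while len(out) < length:
        msg = nonce.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Hypothetical Wi-Fi client: installs a session key, then sends frames."""
    def __init__(self, patched: bool):
        self.patched, self.key, self.nonce = patched, None, 0

    def install_key(self, key: bytes) -> None:
        # Mitigation: if this exact key is already in use, do not reset the counter.
        if self.patched and self.key is not None and hmac.compare_digest(key, self.key):
            return
        self.key, self.nonce = key, 0   # unpatched behaviour: counter restarts

    def send(self, plaintext: bytes):
        self.nonce += 1
        return self.nonce, xor(plaintext, keystream(self.key, self.nonce, len(plaintext)))

def run_session(patched: bool):
    """Install key, send a frame, process a replayed key install, send another."""
    key = hashlib.sha256(b"constructed session key").digest()
    client = Client(patched)
    client.install_key(key)
    first = client.send(P1)
    client.install_key(key)             # retransmitted handshake message
    second = client.send(P2)
    return first, second

def nonce_reused(frames) -> bool:
    """Check a monitor could run: the same nonce seen twice under one key."""
    nonces = [n for n, _ in frames]
    return len(nonces) != len(set(nonces))

if __name__ == "__main__":
    for patched in (False, True):
        f = run_session(patched)
        leak = xor(f[0][1], f[1][1]) == xor(P1, P2)
        print(f"patched={patched} nonce_reused={nonce_reused(f)} plaintext_xor_leaks={leak}")
```

In the unpatched run the two ciphertexts XOR to the XOR of the two plaintexts, so anyone who knows one frame's contents learns the other's; in the patched run the nonces stay distinct and that relation does not hold.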