Tag Archives: Cyber Attack

Amazon forces some to change passwords after potential compromise

Some Amazon account holders were required to change their passwords this week after the online retailer found that the information could have been compromised.

Technology website ZDNet first reported the news Tuesday, noting Amazon wrote in an email addressed to affected users that there was “no reason” to believe the information had been leaked.

ZDNet reported the email said Amazon forced the password change as a purely precautionary measure after learning that the passwords might have been improperly stored or transmitted, which could have allowed a third party to access it.

It’s not clear how many people were asked to reset their passwords and Amazon corrected the issue.

The company has recently taken steps to improve cyber security.

Last week, it began allowing customers to require two-factor authentication to access their account. That requires users to not only successfully enter their password to log in to the website, but also a second group of characters that is typically sent to a user’s mobile phone.

Cyber security stocks get filip from Talk hack attack

Photo courtesy of Reuters/Stefan Wermuth

LONDON (Reuters) – The hacking scandal at broadband provider TalkTalk has heightened interest in stocks and companies dealing in cyber security, with some fund managers betting on more growth in the sector.

British police said on Friday that they had arrested a second teenager in connection with the breach at TalkTalk, which may have led to the theft of personal data from among the company’s more than 4 million customers.

TalkTalk was not the first such incident, but traders and investors said it should re-ignite interest in companies offering protection against hack attacks.

Market research firm Gartner has estimated that global spending on IT security is set to increase 8.2 percent in 2015 to $77 billion. Corporations around the world will spend $101 billion on information security in 2018, Gartner says.

That has caught the attention of financial markets. The ISPY exchange-traded-fund, which lets investors hold a basket of cyber security stocks – such as Cisco Systems and Sophos Group – has risen around 3 percent.

“As cyber crime continues to grow, governments and companies are prioritising cyber security as an essential investment. This is a sector we can expect to dominate headlines and corporate budgets,” said Kris Monaco, the head of ISE ETF Ventures.

Others focused on some relatively small British stocks whose shares have risen, in contrast to those of TalkTalk whose stock has fallen 6 percent in the last week.

Falanx Group has climbed 15 percent over that same period. NCC Group and Corero Network Security – an offshoot of the former Corero software business – have risen 3 percent.

Corero’s products include software that protects against attacks on Internet sites and domain addresses.

NCC has similar services, including one to test how vulnerable a company is to “phishing” – where internal emails are hacked by someone posing as an employee or outside contact – while Falanx has services monitoring clients’ computer infrastructure for signs of suspicious activity.

John Blamire, a former British Army officer who is chief executive at Falanx, said customer interest had risen since the attack on TalkTalk.

“Incidents such as the one at TalkTalk actively brings attention to organizations such as ours,” he said.

To be sure, stocks such as these would carry the usual risks associated with “small cap” stocks with a relatively small market valuation – less liquidity, which can then make them more prone to a slump and harder to sell than bigger stocks.

Nevertheless, they have attracted some big-name investment houses, with Liontrust Asset Management holding a near 10 percent stake in NCC while Blackrock Investment Management has a near 3 percent holding in Corero. Both Liontrust and Blackrock declined to comment on those holdings.

Mark Slater, chief investment officer at Slater Investments, holds around 3 million NCC shares in his company’s portfolio, and he expected NCC and others to continue to grow.

“The nature of the Internet makes it open to attack. These problems are not going to go away.”

(By Sudip Kar-Gupta; Reporting by Sudip Kar-Gupta; Editing by Lionel Laurent, Larry King)

ISIS Trying to Hack American Power Grid

On Wednesday American energy firms held a meeting about national security concerns where U.S. law officials announced that ISIS has been trying to hack the power grid.

“ISIL is beginning to perpetrate cyber attacks,” Caitlin Durkovich, assistant secretary for infrastructure protection at the Department of Homeland Security, told company executives.

Investigators didn’t reveal any details or provide any evidence to support the claims, but they did say that all attempts have been unsuccessful. They added that the terrorists lacked the right hacking technology to invade the computer systems and shut off or blow up the machines.

“Strong intent. Thankfully, low capability,” said John Riggi, a section chief at the FBI’s cyber division. “But the concern is that they’ll buy that capability.”

With hacking software available on the black markets, the FBI is now worried that ISIS and other terrorist organizations could get their hands on the right hacking software to attack power companies and grids. This would disrupt power to several U.S. homes and businesses. And the threat isn’t just ISIS; the FBI is also worried about domestic terrorists and hate groups getting their hands on the hacking technology.

U.S. officials also stated that the greatest threat to our power grid is other countries. Last year, they found malware on industrial control systems at energy companies that were traced back to the Russian government.

However, an organization taking down the entire nationwide grid – or even a section of the grid – is extremely unlikely as each grid isn’t uniform and connected like most people believe. The random patterns of the grid keep the machines and software from communicating and coordinating. It would take a large and expensive team of highly trained technical specialists to understand the layout and then hack it. Even if the team was successful, in a worst case scenario they would take out power for a small section of a major city. An entirely different cyberattack would be needed to shut down a different grid at a different plant.

The last infamous attack on a power grid was in 2013 when a sniper shot at a California energy grid substation. The attack was only for 19 minutes, but caused $15 million in damage. The Department of Homeland Security recently released a report that the attacker was likely an inside job. However, no other details were given.

15 Million T-Mobile Customers’ Data Stolen by Hackers

The credit bureau Experian experienced a data breach, revealing user data from approximately 15 million T-Mobile customers.

The data gathered by the hackers included names, addresses, birth dates, and Social Security numbers along with other forms of identification like driver’s’ license numbers. According to T-Mobile, the hackers were not able to get payment information or bank account information.

People affected by the hack may not be current T-Mobile customers. The companies announced that customers who applied for T-Mobile postpaid services or device financing between September 1, 2013 and September 16, 2015 were the ones who could be victims of the hack.

Experian stated in a press release that no evidence has been presented so far that the data has been used illegally or inappropriately. Experian is a widely used credit-information provider that has experienced several security concerns; the T-Mobile hack is just the latest incident. The last cyberattack on Experian was in 2012 when 200 million Americans had their Social Security numbers exposed.

T-Mobile CEO John Legere had strong feelings regarding the breach and said that his company would be looking for a new and more secure service provider.

“Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian,” but the carrier’s top concern now is helping the people affected, Legere wrote in an open letter on T-Mobile’s site.

Experian North America stated in a notice that it was a business unit that had been compromised, and its consumer credit bureau wasn’t affected. Experian has notified international and U.S. law enforcement.

T-Mobile is now offering free credit monitoring identity resolution services from ProtectMyID for the next two years for their customers that think they may have been affected by the breach. ProtectMyID is a division of Experian.

The breach at Experian is the latest in a string of massive hacks that have claimed tens of millions of customer records. The U.S. Office of Personnel experienced a major hack earlier this year, JPMorgan Chase had a breach of data in 2014, and large retailer, Target, had a major cyberattack on their cash register systems in 2013.

Intelligence Officials Admit China Has Hacked Obama Administration Emails Since 2010

Senior U.S. Intelligence officials are confirming that China has been hacking the emails of Obama Administration officials since 2010.

The National Security Agency (NSA) has confirmed the intrusions were first detected in April 2010 and that the hacking of various accounts is still taking place.  The NSA official said that all top national security and trade officials have been targeted by the attack including Joint Chiefs of Staff Chairman Adm. Mike Mullen and Chief of Naval Operations Adm. Gary Roughead.

Gmail accounts were specifically mentioned by the NSA official but other email providers were also confirmed to have violated by the attack.

NBC reported the hacks were first code-named Dancing Pandaand then Legion Amethyst.

“There’s no effective defense against these attacks and, as we’ve seen, there’s also no effective deterrence,” geopolitical expert Ian Bremmer told Business Insider in June.

“China isn’t trying to engage in ‘integrity’ attacks against the US they don’t want to destroy American institutions and architecture as, after all, they’re hugely invested in American economic success,” he added.

Russia Accused in Hacking of Joint Chiefs of Staff

Investigations into a hacking attack on the email system for the Joint Chiefs of Staff has revealed that Russia is behind the cyberassault that shut down their system for 11 days.

The hackers broke into an unclassified email network using malware or “phishing” attempts, meaning an email recipient had to open an infected attachment to an e-mail to allow the malicious programs to access the system.

An official with the joint chiefs called the attack the “most sophisticated” attack on their network.

Another official told CBS News that the attack impacted the 4,000 personnel who work for the Chairman of the Joint Chiefs.  Most of those personnel are military members.

Pentagon officials repeatedly stated that the classified email network was not impacted and said the Joint Chiefs were given an alternative method to send unclassified emails while the system was shut down to clear out the malicious software.

The attack is the latest in several high-profile attacks on the U.S. Government’s email systems this year.  Previous attacks were attributed to Chinese hackers.

Entire National Security System Possibly Compromised by Hacking

A new report from Fox News shows that the entire U.S. national security system was likely undermined by a year-long hacking attack that was spotlighted by the revelations of 21.5 million Americans having their data stolen from the Office of Personnel Management (OPM).

Experts who spoke with Fox say that the data taken is so sensitive that it could be used to blackmail leaders or those who could be elected to public office in the future.

“There may be people walking around with higher levels of clearance than they should have,” one expert told Fox. “I believe the entire national security apparatus is now at risk. It’s mind-boggling.”

“It’s the digital equivalent of Pearl Harbor,” another expert added. “Because people don’t see the carnage, they don’t recognize that this is the equivalent of an act of war. This is about espionage—Cold War tactics in the modern digital age.”

Also being revealed is that contractors to OPM that conducted background checks were hacked.  A firm named USIS who worked for Homeland Security was hacked in December 2014; Keypoint, who took over the USIS contract, was hacked in June 2015.

Director of National Intelligence James Clapper has said that China is the leading suspect behind the massive, year-long hacking attack.

The report comes a day after OPM said they are working with the Defense Department to notify anyone impacted by the attack and provide them with identify-fraud protection services.  The contractor for the project will likely not be chosen until mid-August.

OPM plans to provide the free monitoring for those victimized by the hack for three years.

Hackers Take Control of Jeep Cherokee From Miles Away

Two hackers have shown an exploit in the Jeep Cherokee that would allow them to take control of the vehicle from miles away.

In one demonstration, they caused the vehicle to crash.

Two cybersecurity experts, Charlie Miller and Chris Valasek, worked with Wired magazine to expose a flaw in the computer software that allows remote takeover the vehicle by anyone with knowledge of computer hacking.

In one test, Wired magazine staffer Andy Greenberg was driving 70 miles an hour near downtown St. Louis when the air conditioning suddenly blasted at maximum,  the radio changed to a new radio station and blasted full volume and the windshield wipers turned on while blasting wiper fluid making it almost impossible to see the road.

The hackers then put a picture of themselves on the car’s digital display.

The hackers had previously performed similar experiments with a Ford Escape and Toyota Prius, although they were in the backseats of the car.

In these tests, they were more than 10 miles away in the basement of one of the two security experts.

A test conducted away from traffic for safety reasons showed the hackers could lock up brakes, disable driving and transmission and kill the engine.  In one test, the driver was helpless as the car crashed off the road into a ditch.

The hackers can also track the car’s GPS, measure speed and drop pins on a map to track the car’s movements.

Chrysler responded while they appreciate the efforts to show exploits that can be corrected, they were not pleased the information was released.

“Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” the company’s statement reads. “We appreciate the contributions of cybersecurity advocates to augment the industry’s understanding of potential vulnerabilities. However, we caution advocates that in the pursuit of improved public safety they not, in fact, compromise public safety.”

Hack of Government Servers Much Larger Than First Disclosed

The attack on servers controlling data for the Office of Personnel Management (OPM) is now being reported as significantly larger than initially disclosed to the public.

Government investigators say the total number of people who had data taken in the attack suspected of being carried out by Chinese hackers was roughly 21.5 million, well above the initially released estimate of 4 million people.

The 21.5 million includes many non-government employees after the initial report claimed that it was only government workers who were at risk.

“If an individual underwent a background investigation through OPM in 2000 or afterwards … it is highly likely that the individual is impacted by this cyber breach,” OPM’s statement read.

Republicans in Congress were calling on the President to replace OPM Director Katherine Archuleta.

“It has taken this administration entirely too long to come to grips with the magnitude of this security breach — a breach that experts agree was entirely foreseeable. Americans who serve our country need to be able to trust that the government can keep their personal information safe and secure,” House Speaker John Boehner said in a statement.

Jason Chaffetz, the head of the House Oversight and Reform Committee, called on the President to not only fire Archuleta but also Chief Information Officer Donna Seymour.

“Their negligence has now put the personal and sensitive information of 21.5 million Americans into the hands of our adversaries. Such incompetence is inexcusable,” Chaffetz, a Republican, said Thursday in a statement.

Army Website Hit By Syrian Hackers

The U.S. Army’s official website was taken down Monday by hackers who claim they were the Syrian Electronic Army.

The attack forced the Army to take army.mil offline to protect from further damage.

The hacking comes less than a week after the discovery of Chinese hackers breaking into several important federal government servers that housed the personal information of millions of federal employees.

“Today an element of the Army.mil service provider’s content was compromised,” Army Brig. Gen. Malcolm Frost said in a statement. “After this came to our attention, the Army took appropriate preventive measures to ensure there was no breach of Army data by taking down the website temporarily.”

The Syrian Electronic Army launched in 2011 with a stated goal of attacking the enemies of the Syrian government.  They claim to not be officially connected to the Syrian government.

The Army has been the target of hacking in the recent past.  Five months ago the website was hit by pro-ISIS hackers who posted messages on the Army’s YouTube and twitter accounts.