After U.S. intel report on Putin, British government launches cyber security review

Man typing on keyboard representing cyber security threats

LONDON (Reuters) – The British government said on Monday it is launching a national inquiry into cyber security to assess the extent to which the UK is protected from an ever-increasing tide of attacks worldwide.

The inquiry comes only two days after U.S. intelligence agencies said Russian president Vladimir Putin ordered an effort to help U.S president-elect Donald Trump’s electoral chances by discrediting Hillary Clinton in the 2016 U.S. presidential campaign.

“Attention has recently focused on the potential exploitation of the cyber domain by other states and associated actors for political purposes,” said Margaret Beckett, chair of parliament’s joint committee on national security strategy.

“But this is just one source of threat that the government must address,” she added, in a statement.

Cyber attacks in the UK have been on the rise, with businesses such as banks and retailers increasingly becoming targets for hackers.

Reported attacks on financial institutions in Britain rose from just five in 2014 to 75 in the year to October 2016, data from Britain’s Financial Conduct Authority (FCA) show. Last year, retailer Tesco’s banking arm suffered an attack which saw some 2.5 million pounds stolen from 9,000 current accounts.

The inquiry will look at issues including the types of cyber threats faced by the UK, the extent of human, financial and technical capital committed to address threats, and the development of offensive cyber capabilities.

The inquiry forms part of the second National Cyber Security Strategy launched in November last year, which has a total budget of 1.9 billion pounds running from 2016 to 2021.

(Reporting by Ritvik Carvalho; editing by Stephen Addison)

‘No doubt’ Russia behind hacks on U.S. election system: senior Democrat

Vice Presidential debate in Virginia

By Dustin Volz

WASHINGTON (Reuters) – A senior Democratic lawmaker said Sunday he had “no doubt” that Russia was behind recent hacking attempts targeting state election systems, and urged the Obama administration to publicly blame Moscow for trying to undermine confidence in the Nov. 8 presidential contest.

The remarks from Representative Adam Schiff, the top Democrat on the intelligence committee in the U.S. House of Representatives, come amid heightened concerns among U.S. and state officials about the security of voting machines and databases, and unsubstantiated allegations from Republican candidate Donald Trump that the election could be “rigged.”

“I have no doubt [this is Russia]. And I don’t think the administration has any doubt,” Schiff said during an appearance on ABC’s “This Week.”

Schiff’s call to name and shame the Kremlin came a week after Trump questioned widely held conclusions made privately by the U.S. intelligence community that Russia is responsible for the hacking activity.

“It could be Russia, but it could also be China,” Trump said during a televised debate with Democratic candidate Hillary Clinton. “It also could be somebody sitting on their bed that weighs 400 pounds.”

On Saturday, Homeland Security Secretary Jeh Johnson said hackers have probed the voting systems of many U.S. states but there is no sign that they have manipulated any voting data.

Schiff said he doubted hackers could falsify vote tallies in a way to affect the election outcome. Officials and experts have said the decentralized and outdated nature of U.S. voting technology makes such hacks more unlikely.

But cyber attacks on voter registration systems could “sow discord” on election day, Schiff said. He further added that leaks of doctored emails would be difficult to disprove and could “be election altering.”

The National Security Agency, FBI and DHS all concluded weeks ago that Russian intelligence agencies conducted, directed or coordinated all the major cyberattacks on U.S. political organizations, including the Democratic National Committee, and individuals, a U.S. official who is participating in the investigations said on Sunday.

However, the official said, White House officials have resisted naming the Russians publicly because doing so could result in escalating cyberattacks, and because it is considered impossible to offer public, unclassified proof of the allegation.

Schiff and Senator Dianne Feinstein, the top Democrat on the U.S. Senate intelligence committee, said last month they had concluded Russian intelligence agencies were “making a serious and concerted effort to influence the U.S. election.”

(Reporting by Dustin Volz and John Walcott; Editing by Nick Zieminski)

North Korea tried to hack South’s railway system, spy agency claims

SEOUL (Reuters) – North Korea has tried to hack into email accounts of South Korean railway workers in an attempt to attack the transport system’s control system, South Korea’s spy agency said on Tuesday.

South Korea has been on heightened alert against the threat of cyberattacks by North Korea after it conducted a nuclear test in January and a long-range rocket launch last month, triggering new U.N. sanctions.

South Korea had previously blamed the North for cyberattacks against its nuclear power operator. North Korea denied that.

South Korea’s National Intelligence Service (NIS) said in a statement it had interrupted the hacking attempt against the railway workers and closed off their email accounts.

The agency issued the statement after an emergency meeting with other government agencies on the threat of cyberattacks by the North.

The agency detected hacking attempts by the North against workers for two regional railway networks this year, the spy agency said.

“The move was a step to prepare for cyber terror against the railway transport control system,” the agency said.

It did not elaborate on what it thought North Korea’s specific objective was in hacking into the system. An agency official reached by telephone declined to comment.

North Korea has been working for years to develop the ability to disrupt or destroy computer systems that control public services such as telecommunications and other utilities, according to a defector from the North.

The United States accused North Korea of a cyberattack against Sony Pictures in 2014 that led to the studio cancelling the release of a comedy based on the fictional assassination of the country’s leader, Kim Jong Un.

North Korea denied the accusation.

In 2013, South Korea blamed the North for crippling cyber-attacks that froze the computer systems of its banks and broadcasters for days.

New fears of attacks on South Korea’s computer systems came as South Korean and U.S. troops conducted large-scale military exercises which North Korea denounced as “nuclear war moves” and threatened to respond with an all-out military offensive.

(Reporting by Jack Kim and Ju-min Park; Editing by Robert Birsel)

National Guard may join cyber offense against Islamic State, Carter says

JOINT BASE LEWIS-MCCHORD, Washington (Reuters) – U.S. Defense Secretary Ash Carter said the National Guard’s cyber squadrons will play an increasingly important role in assessing the vulnerabilities of U.S. industrial infrastructure and could be asked to join the fight against Islamic State.

The National Guard – a reserve military force that resides in the states but can be mobilized for national needs – is a key part of the military’s larger effort to set up over 120 cyber squadrons to respond to cyber attacks and prevent them.

One such unit, the 262nd squadron, is a 101-person team that includes employees of Microsoft Corp and Alphabet Inc’s Google. The unit is “famous throughout the country” for several high profile vulnerability assessments, Carter said at the Joint Base Lewis-McChord in Tacoma, Washington late on Friday.

He told reporters the squadron was not currently engaging in offensive cyber missions but could be in the future.

“Units like this can also participate in offensive cyber operations of the kind that I have stressed we are conducting, and actually accelerating, in Iraq and Syria, to secure the prompt defeat of ISIL, which we need to do and will do,” Carter said. “We’re looking for ways to accelerate that, and cyber’s one of them.”

The 262nd squadron’s work includes a study last year on the control system used by Snohomish County Public Utility District in Washington state, which helped the utility strengthen its security, and a 2010 case in which the U.S. Air Force briefly lost contact with 50 Minuteman III intercontinental ballistic missiles.

The 2010 assessment cost about $20,000, much less than the $150,000 that a private sector company would likely charge, said Lieutenant Colonel Kenneth Borchers, deputy commander of the 252nd Cyber Operations Group, which oversees the 262nd squadron.

Borchers said the squadron is the only National Guard group that currently assesses industrial control systems, but it is now looking to train others. It is also studying the security of big weapons programs, such as the B-52 bomber.

Using National Guard units for such work made sense because it allowed the military to benefit from private sector cyber experts, Carter said.

“It brings in the high-tech sector in a very direct way to the mission of protecting the country,” he told reporters. “And we’re absolutely going to do more of it.”

(Reporting by Andrea Shalal, editing by Tiffany Wu)

U.S. waging cyber war on Islamic State, commandos active

WASHINGTON (Reuters) – The United States is waging cyber attacks against Islamic State in Syria and Iraq, and its newly deployed commandos are also carrying out secret missions on the ground, Pentagon leaders said on Monday, in the latest signs of quietly expanding U.S. activity.

U.S. Defense Secretary Ash Carter said the cyber attacks, particularly in Syria, were designed to prevent Islamic State from commanding its forces, and Washington was looking to accelerate the cyber war against the Sunni militant group.

“The methods we’re using are new. Some of them will be surprising,” Carter told a Pentagon news conference.

General Joseph Dunford, chairman of the U.S. military’s Joint Chiefs of Staff, said the cyber attacks were helping lay the groundwork for an eventual offensive operation to recapture the city of Mosul in Iraq from Islamic State.

Carter and Dunford, the Pentagon’s top civilian and uniformed officials, both suggested the attacks were aimed at overloading the militants’ networks. They declined to delve into specifics.

“We don’t want the enemy to know when, where and how we’re conducting cyber operations. We don’t want them to have information that will allow them to adapt over time,” Dunford said.

Dunford suggested Islamic State might not know why its computer networks were proving unreliable.

“They’re going to experience some friction that’s associated with us and some friction that’s just associated with the normal course of events in dealing in the information age. And frankly, we don’t want them to know the difference.”

U.S. COMMANDOS

The United States disclosed in January that a new, roughly 200-strong U.S. continent of special operations forces was “in place” in Iraq, poised to carry out raids against Islamic State and other secret missions, both in Iraq and in Syria.

Carter disclosed on Monday that the so-called “expeditionary targeting force,” or ETF, was already operating on the ground.

“The ETF is in position, it is having an effect and operating, and I expect it to be a very effective part of our acceleration campaign,” he said, without elaborating.

Its deployment represents increased U.S. military activity on the ground against Islamic State, exposing American forces to greater risk – something President Barack Obama has done only sparingly.

The force follows another deployment last year of up to 50 U.S. special operations troops in Syria to coordinate on the ground with U.S.-backed forces battling Islamic State.

The U.S. military disclosed last week that those U.S. forces helped opposition forces recapture the strategic Syrian town of al-Shadadi from Islamic State.

The Pentagon said recapturing the town helped sever links between Mosul in Iraq and Raqqa in Syria, the two major power centers in Islamic State’s self-declared caliphate.

More knowledge about the group’s operations is expected to be discovered, Carter said.

“As our partners take control of Shadadi, I believe we will learn a great deal more about ISIL’s criminal networks, its criminal enterprise and what it does to sustain them,” Carter said, using an acronym for the group.

(Reporting by Phil Stewart and David Alexander; Editing by Susan Heavey and Richard Chang)

Ukraine’s president sees increased risk of open war with Russia

BERLIN (Reuters) – The risk of open war between Russia and Ukraine is greater than it was a year ago and Russian President Vladimir Putin has begun an “information war” against Germany, Ukrainian President Petro Poroshenko told the German newspaper Bild.

Poroshenko, who met German Chancellor Angela Merkel in Berlin on Monday, said Russia had implemented “not one single point” of the Minsk accord, which includes a ceasefire between Ukrainian troops and pro-Russian rebels in eastern Ukraine.

Russia was building up its military presence on the border with Ukraine, he said.

“The danger of an open war is greater than last year,” Poroshenko told Bild, in an interview published in its Wednesday edition. “Russia is investing a great deal in war preparations.”

Merkel pressed Putin by phone on Tuesday to use his influence to ensure that a ceasefire is upheld in Ukraine and that monitors from the OSCE European security organization are granted free access to conflict areas, her spokesman said.

Berlin is growing increasingly suspicious that Russia is trying to stir up trouble in Germany to try to weaken Merkel, who has taken a tough line on a crisis that was triggered when Russia annexed Crimea in March 2014.

German officials say Moscow hopes to destabilize Europe and create a vacuum into which it can project its own power.

“Now Putin has opened an information war against Germany as well,” Poroshenko said.

German concerns about Moscow grew last month after Russian Foreign Minister Sergei Lavrov accused the German authorities of “sweeping problems under the rug” over an alleged rape case involving a German-Russian girl.

The case of the 13-year-old, named only as Lisa F., caused controversy after she told police that she had been kidnapped in east Berlin last month by migrants who raped her while she was held for 30 hours.

The Berlin public prosecutor’s office has since said a medical examination found she was not raped.

When asked if Russia had used the case to try to stir up tensions around immigration, Dmitry Peskov, a spokesman for the Kremlin, told reporters on Wednesday: “We cannot agree with such accusations.”

“On the contrary, we were keen that our position be understood, we were talking about a citizen of the Russian Federation,” he added. “Any country expresses its concerns (in such cases). It would be wrong to look for any hidden agenda.”

(Additional reporting by Vladimir Soldatkin in Moscow; Writing by Paul Carrel; Editing by Raissa Kasolowsky)

Hackers Stole Data On Every Federal Employee

The hack of government servers by a group of suspected Chinese hackers is significantly worse than initially reported.

The national president of the American Federation of Government Employees revealed that the hack released information for every federal employee to the unknown hackers.

“Based on the sketchy information OPM (Office of Personnel Management) has provided, we believe that the Central Personnel Data File was the targeted database, and that the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to one million former federal employees,” J. David Cox said in the letter dated Thursday.

The government had admitted the breach was the largest in government history and reached as many as four million employees.

Now Cox has revealed that the Social Security numbers, military records, addresses, birth dates, pay histories, health insurance and pension information of all government employees were at the mercy of the hackers.

The White House has refused to name China as the source of the hacking but several senators including Senator Harry Reid and Senator Susan Collins have said the attack came from China.

Chinese Hackers Suspected In Attack on Federal Government Systems

As many as four million employees could have their personal information compromised in what some U.S. officials have called “the biggest breach ever of the government’s computer networks.”

The Department of Homeland Security confirmed the breach saying that at the beginning of May hackers had violated the systems of the Office of Personnel Management (OPM) and the Interior Department.

“Protecting our Federal employee data from malicious cyber incidents is of the highest priority at OPM,” OPM Director Katherine Archuleta said in a statement. “We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted.”

Sen. Susan Collins told the Associated Press investigators believe the hack came from China.

Collins called the attack “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances.”

The Department of Homeland Security’s (DHS) intrusion system detected the hack, although many files were copied before the system alerted officials.

“DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion,” A DHS statement read.

Hackers Could Bring Down Planes Using Wi-Fi

A shocking new report from the General Accounting Office (GAO) says that terrorist hackers could use the on-board Wi-Fi of an airplane to take control and bring it down.

The GAO report doesn’t suggest it would be easy for the hackers to bring down the places but that they could do it through the current Wi-Fi technology.  The report says the “worst case scenario” would be a terrorist on a plane with a laptop.  The terrorist could use the on-board Wi-Fi to take control of the plane from their seat.

Rep. Peter DeFazio (D-OR), a member of the House Transportation and Infrastructure committee said that the Federal Aviation Administration (FAA) needs to work quickly to solve this deficiency in airline security.

“According to cybersecurity experts we interviewed, Internet connectivity in the cabin should be considered a direct link between the aircraft and the outside world, which includes potential malicious actors,” the report states.

The report follows a separate GAO report that determined the FAA’s system for building planes was at “increased and unnecessary risk” for being hacked.

ISIS Hijacks Anti-ISIS Video Game

Islamic extremist group ISIS has released a modification for a video game that allows a player to be a terrorist killing westerners.

The modification is for a game created by Czech developers Bohemia Interactive called ARMA III which is a futuristic first-person shooter based in the year 2030.  The game allows NATO forces to fight against Middle Eastern terrorists.

The game modification is not an official release by the Czech developers and was introduced by a terrorist in an online forum.

“I will, with the help of Allah, make dozens of copies for this game and distribute it to all the brothers that use the name of the caliphate,” the terrorist wrote.

Terrorism analysts say the game is another attempt by the group to try and recruit youth to join their jihad.

A British man convicted of terrorism told Sky News that those games are also being used to “dehumanize” the young gamers and make them un-phased by graphic violence.

“You got an eight or nine-year-old child playing those kind of violent games with heads blowing off and limbs blowing off,” Shahid Butt said. “What kind of mentality is that kid going to have? You dehumanized that person. To go and fight in Syria is as easy as going on holiday in Disneyland. Because you have made it easy.”