Agency

now browsing by tag

 
 

Microsoft #adds #voice to #calls for #federal #cybersecurity #agency

Source: National Cyber Security News

Software giant Microsoft has added its voice to a growing chorus calling for the creation of a federal cybersecurity agency to coordinate the U.S. government’s response to nation-state and cyber criminal threats.

In a blog post on Monday, Microsoft’s Senior Director of Trustworthy Computing, Paul Nicholas, called on the U.S. and other nations to replace ad-hoc efforts to address cyber threats by creating a “single national cybersecurity agency” that will pull together key government functions related to information security and “ensure policies are prioritized across the nation.”

The recommendation, which Microsoft described in a whitepaper (PDF), comes amid increasing concern that events are overtaking governments, leaving the world vulnerable to catastrophes that may have their origins in activities that take place on the Internet. Speaking in Lisbon, Portugal on Monday, U.N. Secretary Antonio Guterres called for the creation of global rules that minimize the impact of electronic warfare on civilian populations.

“Episodes of cyber warfare between states already exist. What is worse is that there is no regulatory scheme for that type of warfare, it is not clear how the Geneva Convention or international humanitarian law applies to it,” Guterres said in the speech, which was given at the University of Lisbon, Reuters reported.

Read More….

advertisement:

View full post on National Cyber Security Ventures

Attackers #hijack #state agency #server for #malware

Source: National Cyber Security – Produced By Gregory Evans

Attackers #hijack #state agency #server for #malware

Cybercriminals are always upping their game. One of their latest gambits, a sophisticated phishing attack that involved hosting malware on at least one state’s government servers, shows that they may be outpacing the good guys.

The multistage targeted attack, discovered and announced last week by researchers at the Cisco Talos threat intelligence group, began with the bad actors creating a realistic-looking “spoof” email that purported to be from the Securities and Exchange Commission. This spear-phishing email was sent out to a number of government agencies in a highly targeted scheme, which the researchers deduce came from a motivated threat actor or group that continues to operate.

At the government agencies where the phishing emails succeeded, the online criminals were able to surreptitiously plant malicious code on government servers in at least one state, Louisiana, to create a “malware infection chain” likely to dupe other targets. Representatives from the state of Louisiana had no comment for this story.

According to Craig Williams, senior technical leader at Cisco Talos, this attack is similar to previous so-called DNSMessenger attacks, which have become more frequent this year, whereby sophisticated techniques are used to infect legitimate enterprise and government computer systems with viruses, ransomware, Trojans and other types of malware.

“We have threat hunting techniques specifically designed to detect DNSMessenger,” said Williams, describing how he and his team of researchers tracked this exploit and the infected state government server. “Once we examined the malware sample, that led us to the web server.” He added that it appeared only “a single server” was affected.

While the researchers appear to have exposed this attack before it could gain too much traction (and impact more government servers), the growing creativity and sophistication of both the phishing attacks and hackers’ ability to insert malware into a legitimate government enterprise servers underscores how much more crafty and talented cybercriminals are becoming, according to Williams. “By using ‘known good’ servers, attackers are hoping to go unnoticed,” he said. “No one would normally question someone connecting to a state of Louisiana public web server, for example.”

And the government sector is becoming an increasingly attractive target for such attacks. According to the 2017 U.S. State and Federal Government Cybersecurity Report, released in August 2017 by SecurityScorecard, government organizations received the lowest security scores across multiple sectors, including transportation, retail and healthcare. “It’s clear that cybersecurity incidents are not going anywhere and that government will continue to remain a target,” the report concluded. “But with technology propelling forward and hackers as motivated as ever, government agencies are struggling to put up effective cybersecurity defenses, and hackers are taking advantage.”

Williams agreed. “We will likely see the actors behind DNSMessenger continue to use any public server they can compromise,” he said. “It helps the actors hide their infrastructure and go undetected longer.”

The post Attackers #hijack #state agency #server for #malware appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

What does creating a cybersecurity agency mean for the EU?

Source: National Cyber Security – Produced By Gregory Evans

Last month, in his annual State of the Union Address, European Commission President Jean-Claude Juncker announced a new pan-European cybersecurity agency, a new European certification scheme to ensure the safety of digital products and services, and some other related cybercrime measures. With this significant announcement, the EU admitted that to…

The post What does creating a cybersecurity agency mean for the EU? appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Greece wants more money, top role for EU cyber security agency

Source: National Cyber Security – Produced By Gregory Evans

Greece wants the European Commission to give the Athens-based European Union Agency for Network and Information Security (ENISA) more money and the leading role in managing Europe’s cyber security issues as part of a legal overhaul next month. “We want ENISA to have a bigger role in cyber security and…

The post Greece wants more money, top role for EU cyber security agency appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Agency blames hackers over ‘F— Trump’ road sign in DC park

Source: National Cyber Security – Produced By Gregory Evans

Authorities are looking into the apparent hack of a road sign in Washington’s scenic Rock Creek Park that was emblazoned with a profane message Monday morning about President Trump. The electronic sign was supposed to inform drivers that a local road was closed for sewer work. Instead, all it said…

The post Agency blames hackers over ‘F— Trump’ road sign in DC park appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Woman sues international dating agency after string of bad matches

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ US woman Darlene Daggett had high hopes of finding her ideal partner when she took out a “CEO level” membership with an exclusive dating service. But the retired corporate spent US$150,000 (NZ$206,200) only to be sorely…

The post Woman sues international dating agency after string of bad matches appeared first on Become007.com.

View full post on Become007.com

Fed agency issues security alert on Siemens imaging systems

Source: National Cyber Security – Produced By Gregory Evans

The Department of Homeland Security and Siemens Healthineers have issued advisories detailing security vulnerabilities of four of the company’s diagnostic imaging systems. Even an attacker with a low skill level would be able to exploit the vulnerabilities, Siemens warns. The vulnerable systems are Windows 7-based versions of the following systems:…

The post Fed agency issues security alert on Siemens imaging systems appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Israel security chief: Agency strikes back at online hackers

Source: National Cyber Security – Produced By Gregory Evans

Israel’s security chief said Tuesday that the Shin Bet has gone on the offensive against hackers trying to carry out cyberattacks against Israel on the internet. The remarks by Nadav Argaman are a rare admission of Israel’s use of offensive cyber capabilities. Argaman comments were made at a cyber defense…

The post Israel security chief: Agency strikes back at online hackers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Muncie Cancer Agency Refuses To Pay Computer Hackers Ransom

Source: National Cyber Security – Produced By Gregory Evans

Muncie Cancer Agency Refuses To Pay Computer Hackers Ransom

(MUNCIE) – An Indiana cancer services agency says it will replace and rebuild its data after a computer hack demanding a ransom. Cancer Services of East Central Indiana-Little Red Door in Muncie says it was hacked January 11 and the …

The post Muncie Cancer Agency Refuses To Pay Computer Hackers Ransom appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers destroy computers at Saudi aviation agency

161201171452-saudi-arabia-hack-shamoon-780x439

Source: National Cyber Security – Produced By Gregory Evans

Hackers destroy computers at Saudi aviation agency

ackers destroyed computers at six important Saudi organizations two weeks ago, marking a reappearance of the most damaging cyberweapon the world has ever seen.
Last time, it was used to destroy 35,000 computers at the oil company Saudi Aramco. U.S.

The post Hackers destroy computers at Saudi aviation agency appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures