U.S.

now browsing by tag

 
 

Computer #Hackers Are #Demanding #Money From #Cities, #States, And #Companies In The #U.S.

Computer hackers are getting more sophisticated. They are not afraid to hold cities, states, and companies’ hostage until they pay a ransom. Hackers are modern day tech pirates that disrupt computer programs and turn shareholders into anxiety-ridden puppets. Computer networks in Denver, Atlanta, and Baltimore, as well as a computer network of Boeing Airlines, are recent victims. Atlanta’s computers went down on March 22nd when a hacker locked important data behind an encrypted wall. The wall would stay in place, according to the hackers, until the city pays the hackers $51,000 in Bitcoins. Atlanta has a week to comply. If the city doesn’t pay, all that important data will vanish, according to the computer pirates. No one is sure if Atlanta paid the money, according to a Fox News report. But Mayor Keisha Lance Bottoms didn’t rule out payment.

The hacking group calls itself “SamSam.” SamSam is not new to the hacking world. The group pocketed more than $800,000 in 2017. The city of Leeds, Atlanta paid SamSam $12,000 in February 2018 to release their data. But Atlanta is not the only city that SamSam has in its hacking sights this month. Officials in Baltimore said their 911 dispatch system was under attack. The system was down for 17 hours recently to prove the hackers were serious. The hackers were able to get into the system after the city made an internal change to their firewall. But the Baltimore hackers didn’t ask for money, and that is concerning, according to Frank Johnson, Baltimore’s chief information officer.

Boeing, the world’s top aerospace company, is also under attack by the now famous WannaCry ransomware. WannaCry is the same ransomware that crippled Britain’s healthcare services in 2017. The Boeing attack is not as serious as the attack in Britain, according to Boeing’s head of communications Linda Mills. Mills also said the 777 jet program was not part of the hack. Mills said only a few company machines were under attack.

Denver also had a suspicious outage when denvergov.org and pocketgov.org, as well as other online services, suddenly stopped in March. Some city staffers lost access to their email account. Denver officials claim the shutdown was the work of a computer bug, but Colorado’s Department of Transportation was a SamSam victim in February. The hackers said the information would come back to them if Colorado paid in Bitcoins, according to a news report by Denver7.

advertisement:

The post Computer #Hackers Are #Demanding #Money From #Cities, #States, And #Companies In The #U.S. appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

The #Safety of U.S. #Data Could #Rest in #Georgia

Source: National Cyber Security News

At one point or another, much of the U.S.’s data passes through Georgia.

The state is a financial technology capital, with 70 percent of all payment transactions handled in Atlanta. And Georgia is a major internet access point for not only the Southeast but also the Caribbean and part of South America, says Stanton Gatewood, the state’s chief information security officer.

“We have a tremendous amount of information flowing through the state of Georgia,” he says.

But as more data is generated online, cybersecurity resources struggle to keep up. In 2017, the cybersecurity workforce gap was expected to hit 1.8 million people by 2022, a 20 percent increase since 2015. Sources say a shortage exists because cybersecurity is a relatively new academic field, so people haven’t had ample opportunity to undergo the proper training and gain necessary skills. “The crush of demand is coming at once, and academia can’t really keep up,” says Michael Farrell, co-executive director of the Georgia Institute of Technology’s Institute for Information Security & Privacy.

In the face of this issue, Georgia is working to become a cybersecurity hub, amassing an arsenal of initiatives. The U.S. Army Cyber Command is moving from Virginia to Fort Gordon army base, right next to Augusta, Georgia.

Read More….

advertisement:

View full post on National Cyber Security Ventures

Democrats #Seek $1 #Billion To #Boost #Cybersecurity For U.S. #Elections

Source: National Cyber Security News

Congressional Democrats introduced legislation on Wednesday that would provide more than $1 billion to boost cybersecurity of U.S. voting systems, and Vice President Mike Pence defended the administration’s efforts to protect polls from hackers.

The measure followed warnings on Tuesday from U.S. intelligence officials that midterm races in November are likely to see renewed meddling from Russia and possibly other foreign adversaries.

“We cannot let the Russians laugh about and take joy in the success they had in the last election,” Nancy Pelosi, the Democratic leader in the House of Representatives, told a news conference. “Their goal is to undermine democracy.”

Lawmakers have introduced several bills, some with bipartisan support, to bolster election security since the 2016 polls in which Republican Donald Trump was elected president. None have become law.

The new bill is the most comprehensive to date and is aimed at bolstering protection for the midterms and subsequent elections. It has no Republican co-sponsors in the House, which the party controls, and is therefore unlikely to succeed.

Pence, speaking at an event hosted by the online news site Axios, said Americans could trust the 2016 election results and that it was an “ongoing effort” of Trump’s administration to protect election infrastructure.

Read More….

advertisement:

View full post on National Cyber Security Ventures

NSA #hacking #code lifted from a #personal #computer in #U.S

Source: National Cyber Security – Produced By Gregory Evans

NSA #hacking #code lifted from a #personal #computer in #U.S

Moscow-based multinational cybersecurity firm Kaspersky Lab on October 25 said that it obtained suspected National Security Agency (NSA) hacking code from a personal computer in the U.S. During the review of file’s contents, a Kaspersky analyst discovered it contained the source code for a hacking tool later attributed to what it calls the Equation Group.

Kaspersky said it assumed the 2014 source code episode was connected to the NSA’s loss of files. The antivirus software-maker spokeswoman Sarah Kitsos was quoted saying as “we deleted the archive because we don’t need the source code to improve our protection technologies and because of concerns regarding the handling of classified materials”.

Another spokeswoman Yuliya Shlychkova told Reuters that removals of such uninfected material happen “extremely rarely.”

Meanwhile, Democratic Senator Jeanne Shaheen sent a letter to the Department of Homeland Security (DHS) acting Secretary Elaine Duke and Director of National Intelligence Dan Coats, urging the U.S. government to declassify information about Kaspersky products.

In October this year, the U.S. NSA contractor came under scanner, whose personal computer was equipped with Kaspersky anti-virus software and confidential details were shared with the Russian company. The unidentified NSA contractor had reportedly downloaded a cache of classified information from his workplace, even though he was aware of the consequences that moving such a classified and confidential data without approval is not only against NSA policy, but it also falls under criminal offence.

Kaspersky Lab repeatedly denied that it has any unethical ties to any government and said it would not help a government with cyber espionage or offensive cyber efforts. It also highlighted that more than 85% of its revenue comes from outside Russia. It maintains that it has no connection with Russian intelligence but it is registered with the Federal Security Service.

To restore people’s and government’s trust again, Kaspersky on October 23 allowed to have his company’s source code audited independently by internationally recognized independent authorities in the first quarter of 2018. As part of comprehensive transparency initiative, the firm plans to open three transparency centers across the U.S., Europe and Asia by 2020.

According to Wall Street Journal, it was reported earlier this month that hackers working for the Russian government appeared to have targeted an NSA worker by using Kaspersky software to identify classified files in 2015.

The New York Times reported on October 10 that Israeli officials reported the operation to the United States after they hacked into Kaspersky’s network.

Following allegations Russian hackers interfered in 2016 U.S. elections, the DHS had banned the Kaspersky Lab software in September 2017, citing concerns the company may be linked to the Kremlin and Russian spy agencies.

The post NSA #hacking #code lifted from a #personal #computer in #U.S appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers #targeting #NATO and #U.S. military #cyber-experts

Source: National Cyber Security – Produced By Gregory Evans

Hackers #targeting #NATO and #U.S. military #cyber-experts

Hackers backed by the military intelligence agency of Russia are apparently targeting security researchers with their latest campaign, which uses a document advertising a cybersecurity conference in Washington D.C. as the lure.

Security researchers are being sent a document titled ‘Conference_on_Cyber_Conflict.doc’, containing information about the upcoming 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.). While the conference is real, the document is not, reports ZD Net.

The real conference is being hosted by the US Army and NATO Cooperative Cyber Defence Centre of Excellence and will run from November 7 through 8 this year at the Ronald Reagan Building in Washington D.C. CyCon U.S. is a collaborative effort between the Army Cyber Institute at the United States Military Academy and the NATO Cooperative Cyber Defence Centre of Excellence.

APT28 or Fancy Bear linked to Russia
Over the weekend, security researchers at Cisco Talos revealed that an operation called Group 74, or APT28 aka Fancy Bear (that was also responsible for the DNC hack last year), has “weaponized” a real Word document titled “Conference_on_Cyber_Conflict.doc” with malware.

The hackers used a variant of a malware called Setuploader, commonly used in espionage. “This is clearly an attempt to exploit the credibility of Army Cyber Institute and NATO CCDCOE in order to target high-ranking officials and experts of cybersecurity,” said a CCDCOE spokesperson.

Setuploader has the ability to take screenshots, extract data, execute code and download additional fake files, and more, according to the researchers. This points to the hackers wanting to steal information with the goal of espionage. One thing is different about this particular document – It doesn’t contain an Office exploit or a zero-day.

Instead, it uses a malicious Visual Basic for Applications (VBA) macro, designed to run code within the selected application — in this case, Microsoft Word. This shows the extent that some groups will go to in extracting information from a particular group, in this case, cybersecurity experts.

The Sunday report comes just a few days after Proofpoint’s report had suggested APT28 was actively leveraging a security exploit that was patched by Adobe last week, in hopes of infecting as many targets in government departments and aerospace companies as it could before the breach was discovered.

 

The post Hackers #targeting #NATO and #U.S. military #cyber-experts appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers are #targeting schools, #U.S. Department of Education warns

Source: National Cyber Security – Produced By Gregory Evans

Hackers are #targeting schools, #U.S. Department of Education warns

When Superintendent Steve Bradshaw first received a threatening text message in mid-September, he didn’t know it was coming from a hacker trying to exploit his Montana school district.
But soon, students and other schools around Flathead County were receiving threatening messages, too. More than 30 schools in the district shutdown for three days.
“The messages weren’t pleasant messages,” Bradshaw said. “They were ‘splatter kids’ blood in the hallways,’ and things like that.”
The U.S. Department of Education is now warning teachers, parents, and K-12 education staff of a cyberthreat targeting school districts across the country.
So far, at least three states have been targeted by the extortion attempt from hackers asking schools to give them money or the group will release stolen private records, according to the department.

“In some cases, this has included threats of violence, shaming, or bullying the children unless payment is received,” the department wrote in an advisory this week.
Bradshaw, the superintendent of schools in Columbia Falls, Montana said a hacking group broke into multiple school servers and stole personal information on students and possibly staff. He said after the threatening messages came, hackers asked for ransom.
In a ransom note sent to a number of Columbia Falls school district members and released by the county’s sheriff’s department, the hacking group called the Dark Overlord threatened the district and demanded up to $150,000 in bitcoin to destroy the stolen private data.
The threatening letter talked about use of force, mentioned the name “Sandy Hook,” the elementary school in Connecticut where 20 small children and six adults were shot dead, and said victims would suffer financial and reputational damage.
Law enforcement said they did not believe the threats and determined the attackers were located outside of the U.S.
“We feel this is important to allow our community to understand that the threats were not real, and were simply a tactic used by the cyber extortionists to facilitate their demand for money,” the Flathead County Sheriff’s Office said in a Facebook post last month.
Bradshaw said the district is not paying the ransom, and he is still receiving threatening messages.

The same hackers also targeted the Johnson Community School District in Iowa earlier this month, and the district canceled all classes on October 3. According to local media reports, the hackers also sent threatening text messages to children and their parents.
The hacking group previously attempted to extort Netflix (NFLX, Tech30) after hacking its production studio, Larson Studios. The group released episodes of Orange is the New Black online last spring.
It’s unclear why the Dark Overlord began targeting schools but someone from the hacking group told the Daily Beast they are “escalating the intensity of our strategy in response to the FBI’s persistence in persuading clients away from us.”
The Department of Education says the hackers are probably targeting districts “with weak data security, or well-known vulnerabilities that enable the attackers to gain access to sensitive data.” It advises districts to conduct security audits and patch vulnerable systems, train staff on data security best practices, and review sensitive data to make sure no outside actors can access it.
According to Mary Kavaney, the chief operating officer of the Global Cyber Alliance, school environments often don’t have a lot of technology resources dedicated to security, but have some of the richest personal information on people, including social security numbers, birth dates, and, potentially, medical and financial information.
“If bad actors can access student [personal data], that information can be exploited for the purpose of fraud and committing crimes for years before it is detected,” Kavaney says. “It’s often only upon application for a job, or application for financial aid to attend college that students find out that their social security number has been used fraudulently — they may have poor credit due to false applications against their history, or worse, find that crime has been committed in their name.”
Bradshaw says the ordeal has been stressful and troubling. Because the district hasn’t paid the hackers, they’re still threatening to release the data online. But, he said, the response from law enforcement and the Flathead County community has been positive.
“We still got people in this country that believe in one another, and it’s been easier to get through than you would have thought,” Bradshaw said. “People care about people in this state.”

The post Hackers are #targeting schools, #U.S. Department of Education warns appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

China, U.S. Reaffirm Cybersecurity Consensus

more information on sonyhack from leading cyber security expertsSource: National Cyber Security – Produced By Gregory Evans China and the United States will continue to cooperate on cybersecurity issues as outlined in the 2015 consensus by the nations’ two presidents. Attorney General Jeff Sessions and Acting Secretary of Homeland Security Elaine Duke co-chaired the first U.S.-China Law Enforcement and Cybersecurity Dialogue (LECD) on […] View full post on AmIHackerProof.com | Can You Be Hacked?

Russian government hackers used antivirus software to steal U.S. cyber capabilities

Source: National Cyber Security – Produced By Gregory Evans

Russian government hackers lifted details of U.S. cyber capabilities from a National Security Agency employee who was running Russian antivirus software on his computer, according to several individuals familiar with the matter. The employee had taken classified material home to work on it on his computer, and his use of…

The post Russian government hackers used antivirus software to steal U.S. cyber capabilities appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Russian hacker wanted by U.S. tells court he worked for Putin’s party

Source: National Cyber Security – Produced By Gregory Evans

A Russian hacker arrested in Spain on a U.S. warrant said on Thursday he previously worked for President Vladimir Putin’s United Russia party and feared he would be tortured and killed if extradited, RIA news agency reported. Peter Levashov was arrested while on holiday in Barcelona in April. U.S. prosecutors…

The post Russian hacker wanted by U.S. tells court he worked for Putin’s party appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

U.S. asks China not to enforce cyber security law

Source: National Cyber Security – Produced By Gregory Evans

The United States has asked China not to implement its new cyber security law over concerns it could damage global trade in services, a U.S. document published by the World Trade Organization showed on Tuesday. China ushered in a tough new cyber security law in June, following years of fierce…

The post U.S. asks China not to enforce cyber security law appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures