Category Archives: SECURITY

German manufacturers lose $50B to cyber attacks, SMBs at greatest risk

A quarter of German manufacturing companies reported losing sensitive mobile phone data, according to a Bitkom survey.

Two-thirds of German manufacturers have faced cyberattacks, racking up $50 billion in costs, according to a Bitkom survey released on Thursday. As Europe’s largest economy, Germany has recently been a hotbed for cyber criminals.

Bitkom surveyed 503 managers and security chiefs from across Germany’s manufacturing sector and found SMBs—the backbone of the economy—to be the most vulnerable to attacks, Reuters reported on Thursday.


As one of the top exporters worldwide, Germany has been a long-time focus for hackers in competing economies. In fact, German security officials have been trying to shed light on cyberattack threats for a long time, said the release, warning government administrators about foreign spy agencies that may look to steal Germany’s manufacturing strategies.

“With its worldwide market leaders, German industry is particularly interesting for criminals,” Bitkom head Achim Berg said in a statement, Reuters reported. With such a dominant manufacturing economy, German companies need to take cybersecurity seriously, the release said.

A third of German companies also reported mobile phones being stolen, and a quarter of companies admitted losing sensitive digital data in the process, said the release. Additionally, 19% of companies reported their IT and production systems had been compromised, and 11% said their communication systems were tapped, added the release.


The big takeaways for tech leaders:

  • Two-thirds of German manufacturers lost $50 billion to cyberattacks. — Bitkom, 2018.
  • A third of German companies said their mobile phones had been stolen, and a quarter reported losing sensitive data. — Bitkom, 2018.


Henry Sapiecha

How Mr. Google has kept 85K of its employees from getting phished since 2017

Physical security keys in place of passwords have proven effective for Google and other large sites.

Google has successfully kept more than 85,000 employees from getting phished on their work-related accounts since 2017. According to reporting from KrebsOnSecurity, physical security keys are to thank for this.

Security keys are physical USB-based devices that can be used as an alternative to the standard two-factor authentication (2FA) process.


A 2FA process is meant to ensure that if a thief steals a user’s password, they aren’t able to access the user’s account because they don’t have an additional factor (e.g., the user’s mobile device) needed to complete the login process.

The security key process is more secure. According to the report, security keys use a multi-factor authentication standard known as Universal 2nd Factor (U2F). The user logs in by inserting the USB device and pressing a button on it, so without the physical key a malicious actor cannot log in as the employee. This doesn’t mean that Google employees never clicked a malicious link in an email, for example, but that the phishing attempt did not successfully exfiltrate any company data.

In addition to Google, many other high-profile sites including Facebook, GitHub, and Dropbox are supporting similar U2F processes, according to the report. U2F is currently supported by Google Chrome, Mozilla Firefox, and Opera. However, the report noted that U2F is not enabled by default in Firefox.
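To make the phishing resistance concrete, here is an added simulation (not Google’s or any vendor’s code) of the U2F exchange described above: the token signs the server’s challenge together with the origin the browser is actually connected to, so an assertion obtained by a lookalike site is useless at the real site. The origin, the challenge values and the derivation of a per-site key from a device seed are constructed assumptions; textbook ECDSA over P-256 is implemented inline so the block runs with the standard library alone.

```python
# Added simulation of the U2F login described above; not Google's or any vendor's code.
# Textbook ECDSA over P-256 is inlined so it runs on the stdlib; illustration only.
import hashlib
import hmac
import json
import secrets
# NIST P-256 parameters, the curve U2F tokens sign with.
_P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
_N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
_G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
      0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

def _add(p1, p2):
    """Affine point addition on y^2 = x^3 - 3x + b; None is infinity."""
    if p1 is None or p2 is None:
        return p1 or p2
    if p1[0] == p2[0] and (p1[1] + p2[1]) % _P == 0:
        return None
    if p1 == p2:
        lam = (3 * p1[0] * p1[0] - 3) * pow(2 * p1[1], -1, _P) % _P
    else:
        lam = (p2[1] - p1[1]) * pow(p2[0] - p1[0], -1, _P) % _P
    x = (lam * lam - p1[0] - p2[0]) % _P
    return (x, (lam * (p1[0] - x) - p1[1]) % _P)

def _mul(k, point):
    acc = None  # double-and-add scalar multiplication
    while k:
        if k & 1:
            acc = _add(acc, point)
        point, k = _add(point, point), k >> 1
    return acc

def _z(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % _N

def ecdsa_sign(priv, msg):
    while True:
        k = secrets.randbelow(_N - 1) + 1
        r = _mul(k, _G)[0] % _N
        s = pow(k, -1, _N) * (_z(msg) + r * priv) % _N
        if r and s:
            return (r, s)

def ecdsa_verify(pub, msg, sig):
    r, s = sig
    if not (0 < r < _N and 0 < s < _N):
        return False
    w = pow(s, -1, _N)
    pt = _add(_mul(_z(msg) * w % _N, _G), _mul(r * w % _N, pub))
    return pt is not None and pt[0] % _N == r

def _signed_bytes(app_id, counter, client_data):
    """What the token signs: H(appId) || counter || H(clientData)."""
    return (hashlib.sha256(app_id.encode()).digest()
            + counter.to_bytes(4, "big") + hashlib.sha256(client_data).digest())

class SecurityKey:
    """The USB token: one device secret, a distinct key per origin, a counter."""
    def __init__(self):
        self._seed, self.counter = secrets.token_bytes(32), 0
    def _site_priv(self, app_id):
        # Real tokens wrap a fresh key into the key handle; deriving it from the
        # app_id (an assumption here) keeps the property of one key per origin.
        raw = hmac.new(self._seed, app_id.encode(), hashlib.sha256).digest()
        return int.from_bytes(raw, "big") % (_N - 1) + 1
    def register(self, app_id):
        return _mul(self._site_priv(app_id), _G)  # this site's public key
    def sign(self, app_id, client_data):
        self.counter += 1  # the button press authorises exactly one assertion
        msg = _signed_bytes(app_id, self.counter, client_data)
        return {"counter": self.counter, "client_data": client_data,
                "sig": ecdsa_sign(self._site_priv(app_id), msg)}

def browser_login(token, challenge, page_origin):
    """The browser, not the page, fills in the origin it is connected to."""
    cd = json.dumps({"challenge": challenge, "origin": page_origin}).encode()
    return token.sign(page_origin, cd)

def rp_verify(origin, pub, challenge, resp):
    cd = json.loads(resp["client_data"])  # the server trusts only its own origin
    if cd.get("challenge") != challenge or cd.get("origin") != origin:
        return False  # stale challenge, or an assertion made for another origin
    msg = _signed_bytes(origin, resp["counter"], resp["client_data"])
    return ecdsa_verify(pub, msg, resp["sig"])

def demo():
    origin, token = "https://accounts.example", SecurityKey()  # constructed
    pub = token.register(origin)
    c1 = secrets.token_urlsafe(32)
    genuine = rp_verify(origin, pub, c1, browser_login(token, c1, origin))
    # Phishing: a lookalike site relays the real challenge; the browser binds it to that origin.
    c2 = secrets.token_urlsafe(32)
    relayed = browser_login(token, c2, "https://accounts-example.evil")
    phished = rp_verify(origin, pub, c2, relayed)
    # Rewriting client_data to claim the real origin fails too: different key and bytes.
    forged = dict(relayed, client_data=json.dumps(
        {"challenge": c2, "origin": origin}).encode())
    return genuine, phished, rp_verify(origin, pub, c2, forged)
```

demo() returns (True, False, False): the genuine login succeeds, the relayed assertion is rejected because it names the lookalike origin, and the rewritten one fails signature verification.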


Software giants Microsoft and Apple have yet to roll out U2F support in their browsers, but Microsoft said its upcoming Edge browser will support U2F later this year, according to the KrebsOnSecurity report. Apple hasn’t announced any plans on whether its Safari browser will support U2F.

Until a U2F system is commonplace and supported by all sites, users can protect themselves from phishing attacks by following these 10 tips from TechRepublic’s Brien Posey.

The big takeaways for tech leaders:

  • Google successfully protected its 85,000 employees from getting phished on their work accounts by utilizing physical security keys as part of a 2FA strategy.
  • U2F could become commonplace within the next few years, as large companies are beginning to adopt the protection it offers.


Henry Sapiecha

Australians need to think about doing this immediately to protect their health data records

A NEW system of digitised, comprehensive medical records for everyone in this country is set to come into effect shortly but Australians are being warned about potential privacy and security issues.

The Federal Government’s new My Health Record system will create a personal medical history file for every Australian.

People’s medical records will be stored on a national database under the scheme, to be viewed by patients, doctors and other medical staff at any time. That is, unless you opt out – which you can do for a three-month period beginning today.

The scheme has been a long time in the making, and medical professionals are quick to point out the potential benefits to patient care they say it will provide. However, advocacy groups such as Digital Rights Watch have expressed concerns about the security of the My Health Record initiative and are urging everyone to opt out.

“No guarantees have been given that individual citizens’ personal information will be kept safe and secure,” Digital Rights Watch chairman Tim Singleton Norton warned.

“Health information is incredibly attractive to scammers and criminal groups.

“There are also concerns of the current or future access being granted to private companies.”

Australian Medical Association (AMA) president Dr Tony Bartone says the system will move the industry from a “prehistoric” way of information sharing and collate data that is already in the hands of the medical industry, albeit not linked or even digitised.

“It will bring data presently located in many different sections of the health system … and attempt to bring it into an online repository in the one spot,” he told news.com.au. “Your health data is already in various portals. What isn’t there yet is this online, connected repository … that will facilitate a communication data storage revolution.”

The system has been styled on similar efforts by other countries and has been many years in the making.

“The journey has been a torturous one,” Dr Bartone said. “This is the end result of many, many years of collaboration and reviewing what has been done in a lot of other parts of the world.”

The data will be available on demand to a raft of medical professionals who work in healthcare – around 12,800 health organisations and up to 900,000 health workers.

The opt-out period begins today and ends on October 15.

The service does give individuals a level of control over how the information is used. A PIN can be placed on individual patient summaries uploaded to a file; however, that PIN can be bypassed in emergency situations using an override function.

“Access is predicated by your allowance, or your permission, to view that record,” Dr Bartone said.

“The important thing that has to happen over the next three months is not so much that you opt out but understanding if you don’t opt out, how to manage your profile … you can block, you can hide pieces or entire chapters of your health file.”

For those concerned about misuse, patients can set up alerts to monitor who is accessing the data and see where the information is being used.

Police will also be able to gain access to the information under certain circumstances, including, but not limited to, where there is a reasonable belief it could help prevent or detect a crime or protect government revenue.

Health insurance companies will not have any access to the My Health Record of patients. “Insurance companies have got Buckley’s to no chance of being able to use the system,” Dr Bartone said.

“They’ve been specifically prohibited and the legislation will not change in that respect. I can’t imagine a situation where our elected officials would allow that to happen.”

Accessing a record without authorisation can result in prison time and up to $126,000 in fines.

But with a significant portion of data breaches in Australia occurring in the healthcare sector (roughly a quarter of those reported) and the Government’s past failures in securing certain confidential health data, many commentators are worried about the potential risk to patients of having their health data accessed.

The Government’s Australian Digital Health Agency, which is responsible for the scheme, has played down the security concerns, touting the fact that patients can control who has access to their file.

But in an interview with Fairfax, the agency’s Dr Steve Hambleton said he couldn’t rule out the possibility of security breaches occurring on the platform – something which cyber security experts have labelled as an inevitability, particularly given the coveted nature of health data among criminals and fraudsters.

Freelance technology journalist Ben Grubb, who often writes about data security, is among those who have decided to opt out.

“My decision to opt out comes after consulting several healthcare professionals, privacy and computer security experts, the Government, and patients who stand to benefit from having a record,” he wrote.

“I concluded that any benefit I would personally get from having a digital record would be negligible compared to the risks of it being accessed by unauthorised parties.”

But despite privacy and security concerns, doctors are saying the new system will improve emergency treatment and help save many lives.

The National Rural Health Alliance said My Health Record would save lives in regional Australia, and urged people not to opt out.

“If you live outside a major city, you have far less access to health services, and are more likely to delay getting much needed medical treatment. That means you’re more likely to end up being hospitalised,” National Rural Health Alliance CEO Mark Diamond said in a statement.

“A My Health Record means that all your important health information is at the fingertips of your doctor, nurse or surgeon.”

The opt-out period begins today, ending on October 15. By the end of the year, every Australian who has not opted out will have a My Health Record created for them.

HOW TO OPT OUT

If you don’t want a digital file containing your health records, you will need to click the ‘Opt out now’ button on the opt-out page of the Government’s My Health Record website.

You will need your Medicare card and driver’s licence to verify your identity, and provide personal details such as your name and date of birth.

Once you have completed the opt-out process, you cannot cancel your request. However, if you decide later that you would like a My Health Record, you can create one at any time.


Henry Sapiecha

The Many Tactics Used By The Secret Service 2 VIDEOS

Two videos show the US Secret Service at work in the USA: presidents, weapons, counterfeiting and more, and the Secret Service’s protection tactics.

Henry Sapiecha

Facial recognition powering forward. Is it going too far, too fast?

“We watch over you. Every single one of you,” says Big Brother.

This ensures a “safe and secure environment”, the narrator adds.

These aren’t lines from a dystopian novel, but rather a video advertisement boasting about tech giant NEC’s advanced, real-time facial-recognition technology capabilities, being shown to an audience at its recent iEXPO2017 conference in Tokyo, Japan.

Facial-recognition technology is already being used at Crown Casino in Melbourne to identify VIPs and banned players and patrons. Australian state and federal policing agencies are also embracing it, with South Australia Police using it to identify criminals and search for missing persons.

The state also plans to use it to complement its existing CCTV network “by extracting faces in real-time and instantaneously matching them against a watch list of individuals”, according to its former police minister, Peter Malinauskas. Police there already have access to Adelaide Oval’s 400 CCTV cameras, granted in time for the Ashes cricket series.

Meanwhile, the Northern Territory Police Force is employing facial-recognition technology not only to identify people who have stolen goods or trespassed unlawfully, but also to identify unconscious people admitted to hospitals and people who suffer from Alzheimer’s.

Banking giant Westpac is also making use of it, combining it with artificial intelligence to identify the mood of staff so that managers can intervene if necessary.

Shopping-centre operator Westfield uses it too, to estimate the age, gender and mood of shoppers in its malls. But it says it can only “find & read” faces, not “recognise” them.

Now the Australian federal government is experimenting with it, to catch not only terrorists but other people as well. Through its National Facial Biometric Matching Capability, known as “The Capability”, law-enforcement agencies will soon be able to share more easily the identity photographs they hold.

In October, state and territory governments agreed to give the federal government access to driver’s licence photographs, allowing for much easier inter-agency sharing. In The Capability, these will be added to a searchable collection of passport and visa photographs.

While the majority of people initially took the initiative to mean that the federal government would be able to track in real time any person entering sports arenas and malls, this won’t be part of The Capability – at least for the moment. The current plan is to use it retrospectively, looking back over CCTV footage to identify suspects.

This is not the case in Russia, though, which recently announced that it was adding facial-recognition technology to its network of 170,000 surveillance cameras in a move to identify criminals in real time. While only select districts will have the technology installed, a recent two-month trial already resulted in six wanted people being identified from a federal “wanted” list and detained, Bloomberg News reported.

China, too, has been working since 2015 on a facial-recognition system to identify any of its 1.3 billion citizens in three seconds, but has run into technical issues.

NEC’s “NeoFace” technology can identify a person from a database of almost 2 million people in 0.3 seconds. In one independent test, it displayed a matching accuracy of 99.2 per cent. NeoFace measures the distance between the eyes, the width of the nose, depth of the eye sockets, shape of the cheekbones, and length of the jawline in order to make a positive match.

Not only can NEC’s facial-recognition technology recognise faces – it can also see which direction your eyes are looking in and whether your facial expression is sad or happy.

“We are providing a technology that can be used in so many different ways,” NEC Australia chief operating officer Mike Barber said in an interview. “It’s not up to us to decide how that’s to be utilized.”

“This technology is not all about watching people,” he added.

“It’s got so many other applications. We don’t [yet] know what all those applications are.”

While it was “introducing moral, ethical, and social aspects”, safety was top of the list, he stated.

“From my point of view, [when] you start looking at safety versus let’s not have any of this, then what would the general population really need?” he said.

Facial-recognition technology doesn’t always work accurately, though, as London’s Metropolitan Police discovered recently, when Silkie Carlo, senior advocacy officer at the civil liberties and human rights group Liberty, observed its use at London’s Notting Hill Carnival in August 2017.

According to Carlo, it couldn’t tell the difference between a young woman and a balding man and falsely matched 35 people, five of which led to interventions, meaning innocent members of the public were stopped who, police later discovered, had been falsely identified.

“What does real-time facial recognition mean for our rights?” Carlo asked.

“What are the risks? Does it have a place in a democracy at all?

“The answer is no. It is the stuff of dystopian literature for a reason.”

She added that the prospect of biometric checkpoints “overshadowing” public spaces was “plainly unacceptable and frankly frightening”.

“Like GPS surveillance, if facial recognition were rolled out across the country, the state would potentially have a biometric record of who goes where, when and with whom,” Carlo said.

“The technology isn’t there yet … but the risk to our freedom posed … is current and real.”

Tender documents reveal technology companies NEC, Daon, Cognitec and Unisys are regular suppliers of facial-recognition technology to the Australian Federal Police, Australian Crime Commission, Department of Immigration and Border Protection, and Department of Foreign Affairs and Trade. Contracts in the multi-millions have been awarded.

“The AFP confirms it utilises third-party facial recognition software,” an AFP spokesperson said. “Although the products are commercial off the shelf, we would not discuss the specific detail of the operational implementation of the capability, as that transgresses into security and law enforcement methodology.”

Meanwhile, the Department of Immigration and Border Protection, now housed within the newly formed Department of Home Affairs, said it used NEC’s NeoFace technology in its departures SmartGates, which are located at all Australian international airports.

The author travelled to iEXPO2017 in Tokyo as a guest of NEC.

Henry Sapiecha

Intel: We’ve found severe bugs in secretive Management Engine, affecting millions

An attacker can use Intel’s flaws to run malware that’s invisible to the operating system.


Thanks to an investigation by third-party researchers into Intel’s hidden firmware in certain chips, Intel decided to audit its firmware and on Monday confirmed it had found 11 severe bugs that affect millions of computers and servers.

The flaws affect Management Engine (ME), Trusted Execution Engine (TXE), and Server Platform Services (SPS).

Intel discovered the bugs after Maxim Goryachy and Mark Ermolov from security firm Positive Technologies found a critical vulnerability in the ME firmware that Intel now says would allow an attacker with local access to execute arbitrary code.

The researchers in August published details about a secret avenue that the US government can use to disable ME, which is not available to the public.

Intel ME has been a source of concern for security-minded users, in part because only Intel can inspect the firmware, yet many researchers suspected the powerful subsystem had bugs that were ripe for abuse by attackers.

Goryachy and Ermolov will present their research on an ME flaw at Black Hat in December, detailing how an attacker can run unsigned code on the ME microprocessor and remain invisible to the main CPU and any anti-malware software.

ME runs on its own microprocessor and, as a Google engineer recently revealed, a modified version of the MINIX operating system.

Google was so afraid of UEFI and Intel ME that it created NERF, the Non-Extensible Reduced Firmware, which it uses to manage Chromebooks. NERF runs on a Linux kernel rather than MINIX, removes ME’s web server and IP stack and key UEFI drivers, and removes the ability of ME and UEFI to reflash the firmware themselves.

ME supports Intel’s Active Management Technology (AMT), which allows admins to remotely manage and fix devices.

A flaw discovered this May in AMT, which affected chips from 2008, highlighted another problem: patching it required an ME firmware update on machines that hardware vendors had stopped supporting. Only enterprise machines with vPro were affected, but the bug prompted EFF’s demands for Intel to provide a way to disable ME.

Similarly, patching machines will depend on OEMs pushing Intel’s fixes to devices. So far, Intel only lists Lenovo as having fixes available.

To help users address the current batch of bugs, Intel has released a detection tool for Windows and Linux systems, which displays a risk assessment of the system. Intel says the bugs may affect PCs, servers, and IoT platforms.

The bugs affect systems using Intel’s 6th, 7th, and 8th Generation Core CPUs, a range of Xeon processors, as well as the Apollo Lake Atom E3900 series, Apollo Lake Pentium, and Celeron N and J series chips.

Intel says the flaws would allow an attacker to “Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity”.

The attacker could also load and execute arbitrary code that would be invisible to the user and operating system.

The highest severity issue was the flaw discovered by Goryachy and Ermolov, which concerned multiple buffer overflows in the ME’s kernel. Intel’s audit found several other high-severity buffer overflows in AMT in the ME firmware, TXE, and SPS.

One of the flaws it found would allow a remote attacker to execute arbitrary code if they had Admin access.

Image: Intel’s 8th Gen Core processor family, unveiled on Monday, Aug. 21, 2017; Intel says the chips deliver up to a 40% gen-over-gen performance boost. (Credit: Intel Corporation)


Henry Sapiecha

Australia likely to get its own GDPR

Everyone in the Australian cybersecurity ecosystem has a role to play to ensure the security of the nation, according to Nationals Senator Bridget McKenzie.

The mandatory data breach notification laws coming into effect in Australia next year will be followed by other laws to ensure everyone in the digital ecosystem — including government divisions, large corporates, small to medium-size enterprises (SMEs), and consumers — is playing their role in keeping Australia “cyber secure”, according to Senator Bridget McKenzie.

McKenzie, who is the chair of the Foreign Affairs, Defence, and Trade Legislation Committee, likened cyber breaches to the “system of disease in the pre-industrial revolution that just swept through”.

“Cyber breaches have the capacity to wipe out industries, wipe out systems, wipe out communities, if every member of that community or that cyber ecosystem isn’t following best practice when it comes to keeping their information secure,” McKenzie told ZDNet at the Australian Computer Society’s Reimagination Thought Leaders’ Summit.

“It’s not just defence’s job or ASIO’s or DSTO’s or the government’s indeed, but every SME and private homeowner needs to have an eye for cybersecurity, making sure their data’s safe.”

McKenzie said the mandatory data breach notification laws, set to come into effect next year, are a step towards keeping organisations alert and accountable, with other laws expected to be introduced in Australia in the coming years, possibly similar to those coming into effect next year in the European Union.

The European Union’s (EU) General Data Protection Regulation (GDPR) will require organisations around the world that hold data belonging to individuals from within the EU to provide a high level of protection and explicitly know where every piece of data is stored.

Organisations that fail to comply with the regulation requirements could be fined up to €20 million, or, in the case of an undertaking, up to 4 percent of the total worldwide annual turnover of the preceding financial year — whichever is higher.

“No longer can you say, ‘Oh I’ll leave it to someone else,’ because the flow-on effects, the interconnectedness, the Internet of Things, is such that if one member of that web, if you like, has a security breach, it has flow-on effects for everybody involved,” McKenzie said.

Additionally, Australians need to have the confidence that they can share private information such as their health details and not have it end up in the public sphere, otherwise the nation will not be able to experience the full benefits of technology, McKenzie said.

Shadow Minister for the Digital Economy Ed Husic said, however, that the government has a long way to go in building that confidence, given that 50,000 Australians were affected by a government data breach that occurred in October. He noted that the breach was not a technological error but a human one.

“How do we build consumer or citizen confidence about protection of privacy?” Husic said. “50,000 people were affected by a data breach across government, releasing details of passwords and credit cards. It’s not all tech related … people often blame tech for this. It’s people and the way that they use data and it’ll be interesting to see the details that come out on this in the next few days.”

“This data breach occurred back in October, no public explanation of it, no detail about what was known, what was being done to fix it. If we want people to be confident that data is being used well by government, then the government’s got a long way to go to build that confidence.”

Husic added that the government needs to lead by example; it should be notifying the public about data breaches if it wants businesses to do the same.

“[The government’s] got to do some things itself. And you can’t lecture business about getting focused on cybersecurity if you’re losing your own moral authority … because you’re not looking after data within your own batch,” he said.

McKenzie believes in Australia’s growing status as a cybersecurity hub, saying that the nation is equipped with the right expertise in this area. She added that Australia is in the process of creating a strong cybersecurity industry capable of exporting.

“Our law enforcement and intelligence agencies are world-class. We’re also part of Five Eyes, which means we have a lot of access to information and technology and collaboration opportunities,” she said. “We lead the world in quantum computing … and it [has the] potential to contribute further to security of data and security of communications particularly in the intelligence and defence spheres.

“We’ve really got some technical expertise, but also I think a richness around governance frameworks and excellence in regulatory frameworks that can also assist other governments and other organisations worldwide to understand best practices in the area.”

In September, Ambassador for Cyber Affairs Dr Tobias Feakin communicated a similar sentiment, saying Australia has an international standing in cybersecurity, and brings “key qualities” to the table.

Australia has also played a role in the creation of international peacetime norms for cyberspace, including chairing the first United Nations Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (UN GGE) in 2013, and helping develop the 11 international norms agreed to in subsequent UN GGE meetings.

“We have regional knowledge beyond most. We have a trusted diplomatic brand, and that’s something that we intend to capitalise on. We have strategic and economic interests in the region. And we have long-standing development partnerships across the region already,” Feakin said at the second annual SINET61 conference in Sydney.

“We need to capitalise on those, make the most of them. Not just for us as a government, [and] for regional partners as well, but also for our private sector … We see this issue as central to our economic future,” he said.

“It’s only this year that it’s just reached the point, of tipping over, to 50 percent of all internet users living in the Asia-Pacific. But really, still, there’s huge economic growth to unravel there, because still 60 percent of all households don’t have internet coverage.”

Last month, launching the International Cyber Engagement Strategy, Foreign Minister Julie Bishop said that for the purpose of national security, cyberspace cannot be an ungoverned space.

“Just as we have international rules that guide how states behave, and how states should behave towards each other, the international rules-based order that’s been in place for about 70 years, so too must states acknowledge that activities in cyberspace are governed by the same set of rules as military and security activities in traditional domains,” Bishop said in October.

“The 2016 US presidential election focused the world’s attention on the potential for cyber operations to interfere with democratic processes. This cannot be allowed to continue. It strikes at the very heart of the sovereignty of nations.”

According to the International Cyber Engagement Strategy, Australia will develop an international “architecture for cooperation” including mechanisms to respond to unacceptable behaviour in cyberspace in a timely manner.

“Australia’s responses to malicious cyber activity could comprise law enforcement or diplomatic, economic, or military measures as appropriate for the circumstances. This could include, but is not restricted to, offensive cyber capabilities that disrupt, deny, or degrade the computers or computer networks of adversaries,” the strategy states.

The strategy also implies that the nation has the capability to identify the source of cyber attacks.

“Depending on the seriousness and nature of an incident, Australia has the capability to attribute malicious cyber activity in a timely manner to several levels of granularity — ranging from the broad category of adversary through to specific states and individuals,” the strategy states.

In September, the federal government pledged AU$50 million over seven years for the cybersecurity cooperative research centre (CRC), with over AU$89 million in further funding to come from 25 industry, research, and government partners.

The cybersecurity CRC will deliver solutions to increase the security of critical infrastructure, the government said at the time, which includes “frameworks, products, and approaches that will service existing and future ICT enterprises across a broad range of platforms and operating systems”.

Assistant Minister for Industry, Innovation and Science Craig Laundy said the activities of the cybersecurity CRC will contribute to the objectives laid out in Australia’s AU$240 million Cyber Security Strategy, which is aimed at defending the nation’s cyber networks from organised criminals and state-sponsored attackers.


Henry Sapiecha

ASIO restructuring strategy and resources in the face of cyber threat

The country’s intelligence agency has aligned its resources to focus on the growing threat of cyber espionage targeting ‘a range’ of Australian interests.

In the wake of accusations from United States intelligence agencies that Russia hacked into Democratic Party emails, thus helping Donald Trump to election victory last year, a report from Australia’s intelligence agency said the country’s national security resources are focused on preventing foreign threat actors from “targeting a range of Australian interests”.

In its 2016-17 Annual Report [PDF], the Australian Security Intelligence Organisation (ASIO) explained that Australia continued to be a target of espionage and foreign interference, noting in particular that foreign intelligence services sought access to privileged and/or classified information on Australia’s alliances and partnerships; the country’s position on international diplomatic, economic, and military issues; as well as energy and mineral resources, and innovations in science and technology-related fields.

ASIO called the threat from espionage and foreign interference to Australian interests “extensive, unrelenting, and increasingly sophisticated”.

“Foreign intelligence services are targeting a range of Australian interests, including clandestine acquisition of intellectual property, science and technology, and commercially sensitive information,” the report explains.

“Foreign intelligence services are also using a wider range of techniques to obtain intelligence and clandestinely interfere in Australia’s affairs, notably including covert influence operations in addition to the tried and tested human-enabled collection, technical collection, and exploitation of the internet and information technology.”

During the reported period, ASIO said it identified foreign powers clandestinely seeking to shape the opinions of members of the Australian public, media organisations, and government officials, motivated by the appeal of “advancing their country’s own political objectives”.

As highlighted by ASIO, rapid technological change continued to give people engaged in activities that threaten Australia’s security new tools to conceal those activities from security and law enforcement agencies. In particular, ASIO said the use of encrypted communications by security intelligence targets was, and still is, an area of particular concern.

“Australia continues to be a target of espionage through cyber means; the cyber threat is persistent, sophisticated, and not limited by geography,” ASIO warned.

“Increasingly, foreign states have acquired, or are in the process of acquiring, cyber espionage capabilities designed to satisfy strategic, operational, and commercial intelligence requirements.”

Watching carefully the area of investment flows, ASIO said that while Australia’s open and transparent economy, which invites foreign investment, is a welcome and important contributor to Australia’s national wealth, it is not without national security risks.

“For example, foreign intelligence services are interested in accessing bulk data sets and privileged public or private sector information, including Australian intellectual property. Developing and implementing effective mitigation strategies for these issues is critical to reducing the threat to an acceptable level,” the report says.

Another emerging issue of potential national security concern to ASIO is the lack of diversity of ownership within certain infrastructure sectors.

The agency also said that the number of cybersecurity incidents either detected or reported within Australia represents a fraction of the total threat the country legitimately faces.

While technology provided security and law enforcement agencies with new opportunities to identify activities of security concern, ASIO said building and maintaining technical collection capabilities to stay ahead of the threats proved to be resource intensive.

“Transforming existing agency information and communications technology infrastructure to effectively exploit new capabilities, manage the large volume and variety of data available, and to be adapted easily to new technologies is a major challenge, and one that will require significant, ongoing investment,” the agency wrote.

“In addition to technological challenges in the operating environment, we faced heightened threats to our staff, facilities, and information.”

ASIO said such challenges required the diversion of resources to “ensure the security and effectiveness” of the agency’s operations.

Throughout the period, ASIO said it worked closely with Australia’s national security partner agencies, which included work to progress shared national security objectives through joint agency bodies such as the federal, state, and territory Joint Counter Terrorism Teams (JCTT), the National Threat Assessment Centre (NTAC), the Jihadist Network Mapping and Targeting Unit, and the Australian Cyber Security Centre (ACSC).

Similarly, work with international peers was maintained with over 350 partner agencies in 130 countries, ASIO explained.

The intelligence agency specifically worked with counter-terrorism prosecutions in New South Wales, Victoria, and Queensland, providing assistance and evidence on telecommunications intercepts, physical surveillance, and listening and tracking devices.

“In 2016-17, we continued to work closely with telecommunications companies regarding the security risks associated with the use of certain companies in their supply chains and risks arising from foreign ownership arrangements,” the report says.

“We provided sensitive briefings to the Australian government and the telecommunications sector to outline the threat and, where possible, recommended appropriate mitigation measures.”

ASIO said that through its work with ACSC, it regularly observed cyber espionage activity targeting Australia.

“Foreign state-sponsored adversaries targeted the networks of the Australian government, industry, and individuals to gain access to information and progress other intelligence objectives,” the agency wrote.

“ASIO provided support to the ACSC’s investigations of these harmful activities as well as the centre’s work to remediate compromised systems. The number of countries pursuing cyber espionage programs is expected to increase … as technology evolves, there will be an increase in the sophistication and complexity of attacks.”

It isn’t just foreign threats on ASIO’s radar, with the agency noting it remained alert to, and investigated threats from, malicious insiders.

“Those trusted employees and contractors who deliberately breach their duty to maintain the security of privileged information,” ASIO explained. “These investigations continued to be complex, resource-intensive, and highly sensitive.”

In-house, ASIO said it also worked to build an enterprise technology program to enable the agency to “excel in using technology and data” to achieve its purpose.

“Given the increasing opportunities and challenges brought about by rapid advances in technology, it is imperative that ASIO is a ‘data-enabled organisation’, connected to its partners, accountable to the people, innovative in its approach, and sustainable for the long term,” the report says.

From July 2018, Australia’s new Home Affairs ministry will be responsible for ASIO, Australian Federal Police, Border Force, Australian Criminal Intelligence Commission, Austrac, and the office of transport security. It will see Attorney-General George Brandis hand over some national security responsibility to Minister for Immigration and Border Protection Peter Dutton.

Of the ministerial changes and the recommendations of the 2017 Independent Intelligence Review, ASIO Director-General of Security Duncan Lewis said he believes the new measures will play an important role in strengthening the agency’s strategic direction, effectiveness, and coordination of Australia’s national security and intelligence efforts, at a time when “the nation is facing complex, long-term threats” to its security.


USA Air Force’s Mini Crypto Chip Keeps Data Out Of Enemy Hands

When Airmen are active in the field, securing a line of communication is essential to keep sensitive intelligence away from enemy forces. To help navigate this digital world, the U.S. Air Force has created the new Mini Crypto chip to fortify communications and data between military systems.

“We think (Mini Crypto chip) will really help forward-deployed warfighters secure sensors, or communications devices, in areas where risk of interception is high, and still protect sensitive data, without burdening folks on the front lines with extra equipment or steps to safeguard the encryption device,” says Heidi Beason, the Mini Crypto program manager at the Air Force Life Cycle Management Center, Cryptologic and Cyber System Division, Joint Base-San Antonio, Texas.

At its core, the chip is an independent encryption engine that is small, lightweight, and creates its own session-based “key.” It has a power requirement of 400 milliwatts, “meaning it can be installed on equipment carried by one-person parties operating as scouts and forward air controllers.”

Once a session key is established between the sender and receiver, that key is used to decrypt messages after they have been transmitted in encrypted form. The key management system strengthens data protection and meets the National Security Agency’s checklist, which represents the highest standard for encryption.

“Communications devices all have a processor, where a message is formatted for transmission,” says Mini Crypto Deputy Program Manager Christopher Edsall.

“In the case of a computer, it’s the (central processing unit). Mini Crypto is located after the processing center, but before the transmission center, which is usually a radio. Another Mini Crypto chip is installed at the receiver end, after the receiving antenna, but before the CPU. The second Mini Crypto chip decrypts the received message as it comes through the radio, where the unencrypted message is processed, and then it is displayed or heard,” Edsall adds.

The chip’s encryption makes decryption without the key a resource-intensive process, according to Edsall. Even if an adversary does manage to recover the plaintext, the time required means the information is stale by the time it is read.

According to Beason, two years of program development led to the Mini Crypto chip design we see today. After a quick turnaround of concept, development, and testing, the device is now ready for production.

New cybersecurity inquiry launched


The Joint Committee of Public Accounts and Audit has launched an inquiry into Cybersecurity Compliance as part of its examination of Auditor-General reports. The Committee’s inquiry is based on the 2016-17 Auditor-General Report No. 42 Cybersecurity Follow-up Audit.

Committee Chair, Senator Dean Smith, said that, as Parliament’s joint public administration committee, the JCPAA has an important role in holding Commonwealth agencies to account.

“Cybersecurity is integral to protect Government systems and secure the continued delivery of Government business. Government entities are required to implement mitigation strategies to reduce the risk of cyber intrusions. The Committee is continuing its oversight of entities’ compliance with the mandated strategies with the launch of this Inquiry,” Senator Smith said.

The JCPAA is a central committee of the Parliament and has the power to initiate its own inquiries on the Commonwealth public sector. The Committee examines all reports of the Auditor-General tabled in the Parliament and can inquire into any items, matters or circumstances connected with these reports.

The Committee invites submissions to the inquiry by Thursday 27 April 2017, addressing the terms of reference. Further information about the inquiry can be accessed via the Committee’s website.

Media enquiries:
Chair, Senator Dean Smith, Joint Committee of Public Accounts and Audit
(08) 9481 0349 (Electorate office)
(02) 6277 3707 (Parliament House)

Background:
Committee Secretariat
(02) 6277 4615
jcpaa@aph.gov.au

Interested members of the public may wish to track the committee via the website. Click on the blue ‘Track Committee’ button in the bottom right hand corner and use the forms to login to My Parliament or to register for a My Parliament account.

Media release issue date: 7 April 2017
