Tag Archives: al-Qaeda

The Cyber War: Complete Coverage

The International Monetary Fund, IMF, is the latest high-profile organization to become a victim of network intrusion by hackers. According to several media reports, the IMF has suffered a substantial security breach, the full extent of which is not yet known. Over the last few months, cyber attacks have increased in both frequency and severity. The group of cyber activists, Anonymous, is currently involved in 9000 attacks on governments and corporations around the world. Check out the stunning details.

“You still have the power to stand up for good. Do NOT come between us and our freedom. You have been warned.”

The Anonymous

According to The New York Times, quoting an unnamed official, the IMF intrusion is a “very major” one, and has been going on for several months. The actual dimensions of the attack are still unknown. The IMF says that the Fund is “fully functional” and that the organization is investigating the incident. Sony, Citibank, Acer, Epsilon, RSA, NASA, Lockheed Martin – even Al-Qaeda and the FBI – everyone seems to get hacked these days!

The IMF declined to say who might be behind the intrusion, NYT reports.

A Bloomberg story, however, cited an unidentified security expert as saying that the attackers were believed to be connected to an unspecified foreign government and that e-mails and other documents had been taken.

Dealing with the global financial crises, international trade and other monetary matters, the IMF is privy to sensitive economic information regarding a number of countries, data that could be extremely valuable to investors and of great interest to governments.

The organization has also been criticized for its policies and accused of being responsible for crises.

The breach is the latest in a series of headline-grabbing hacks that have involved the likes of computer security company RSA, several U.S. military contractors, search giant and Web-based e-mail purveyor Google, and entertainment behemoth Sony.

Shutting Down The World Bank

Cyberespionage and cyber warfare have been making headline news consistently for quite some time.

Bloomberg quotes a memo to IMF employees by the organization’s chief information officer, warning the staff to be vigilant:

“Last week we detected some suspicious file transfers, and the subsequent investigation established that a Fund desktop computer had been compromised and used to access some Fund systems. At this point, we have no reason to believe that any personal information was sought for fraud purposes.”

The memo also says that the IMF’s network connection to the World Bank (which is headquartered across the street from the Fund) has been shut down “as a precautionary measure.”

An earlier memo to employees warned the IMF staff of phishing attacks, saying:

“Staff is strongly requested NOT TO OPEN emails and video links without authenticating the source.”

Bloomberg writes that the recent network breach is not associated with the group Anonymous, which had earlier threatened an attack on the Fund in association with IMF activities involving the economically hobbled country of Greece.

On Saturday, law enforcement officials in Spain said they had arrested several members of Anonymous in connection with attacks on entertainment giant Sony, as well as on governments and financial institutions.

Hackers Go Wild

A wave of cyber attacks has left corporations and government organizations in a state of shock and confusion.

The Hacker News reports that they have received a message from the hacking group, Pakistan Cyber Army – PCA – claiming the group has hacked Acer Europe’s server and stolen sensitive information.

THN has posted a screenshot of the data reportedly collected, which included the personal information of 40,000 customers, including their names, addresses, phone numbers, e-mail addresses, and the names of products they had purchased.

According to The Hacker News, the PCA plans to release more data within the next 24 hours, and will follow that up with a press release discussing its reasons for hacking Acer’s Europe division.

Acer did not immediately respond to a request for comment, CNET.com reports.

The Anonymous, which made headlines last year by hacking financial institutions and other sites in defense of WikiLeaks founder Julian Assange, recently made public more than 10,000 e-mails it stole from Iran’s Ministry of Foreign Affairs.

According to the International Business Times, quoting a source who has viewed the documents, most of the files are passports and visas and relate to an “oil meeting.”

NATO Gets a Warning

The organization has also launched a new operation it’s calling Op NATO Black Fax/E-mail Bomb.

Users can surf to the OpNATO page and send a free prewritten fax to the North Atlantic Treaty Organization in defense of Anonymous. The organization has posted a list of fax numbers to the page, and has asked supporters to send “as many [faxes] as you can” to those numbers.

“It has come to our attention that you have classified Anonymous a ‘potential threat to the security of [your] member states,’ and that you seek retaliation against us,” reads the letter to NATO, which is made up of the U.S., Canada, and the U.K., among other countries. Anonymous goes on to ask the member nations to “retaliate against us in any manner you choose.” However, even if some of its members are jailed, the letter reads, the nations will find “that Anonymous continues to live on.”

Anonymous’ letter ends with the following threat:

“Think carefully before you continue from here,” the letter reads. “You still have the power to stand up for good. Do NOT come between us and our freedom. You have been warned.”

But there seem to be many busy hacking groups at the moment:

Earlier Sunday, a hacker known as “pr0f” posted the e-mails and passwords of more than a hundred United Arab Emirates government employees.

However, the hacker said the list was “historic” and that the e-mail passwords were not current.

Even British intelligence officials have gotten into the mix.

Hacking With Humor

According to a Daily Telegraph report yesterday, the British intelligence organization, MI6, recently hacked into an al-Qaeda online magazine and replaced a recipe on bomb-making with recipes on making “The Best Cupcakes in America.”

The latest string of hacks started in earnest in April when hackers launched a sophisticated attack against Sony’s PlayStation Network and Qriocity services. The hackers also breached Sony Online Entertainment.

After discovering the breach, Sony was forced to take the services down.

The company reported that the personal information of more than 100 million users had been exposed.

Sony reassured users at the time that credit card data was encrypted. It has also said no identity theft has been reported because of the breach.

So far, Sony hasn’t been able to pinpoint who overcame its defenses, but the company did find a file named “Anonymous” on its servers. The file contained part of the hacking organization’s slogan: “We are legion.”

The Anonymous says it is not responsible for the Sony attack. It did acknowledge, however, that some of its members might have acted independently to hack Sony.

Though Sony might have hoped it was out of the woods following the PlayStation Network breach, the company still faces attacks from hackers.

Yesterday, a hacking organization called LulzSec posted links on its Twitter account to data it had stolen from Sony’s internal networks, as well as from the networks of Sony Pictures, Sony Music Belgium, and Sony Music Netherlands.

“We recently broke into SonyPictures.com and compromised over 1 million users’ personal information, including passwords, e-mail addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts,” LulzSec wrote on Pastebin, the site where it posted some data. “Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 ‘music codes’ and 3.5 million ‘music coupons.’”

The group claimed the data was not encrypted and had been left for the taking. Sony confirmed the attack this evening, saying it had contacted the FBI in an effort to track down the individuals who posted the data.

LulzSec’s attack on Sony was the second major hack the organization engaged in over the past week. This past weekend, the group showed off its hacking ability by engaging in what it called a “fun battle” with the Public Broadcasting Service.

LulzSec also posted a fake news story on the PBS site, saying that musical artist Tupac was still alive, and reportedly published log-in data for the PBS workforce.

The hack was a response to an airing of a PBS “Frontline” episode called “WikiSecrets” that presented WikiLeaks in a somewhat unfavorable light.

The LulzSec hack followed a statement earlier this week from Google claiming it had “detected and disrupted” a phishing attack that attempted to give the hackers access to hundreds of Gmail accounts belonging to senior U.S. government officials.

Google said it believed the attacks originated from Jinan, China, but stopped short of blaming the Chinese government.

The US government has denied that state-run e-mail accounts were hacked, but it has launched an investigation into the possibility of officials’ Gmail accounts being targeted.

“Speaking on behalf of the US government, we’re looking into these reports and seeking to gather the facts,” Caitlin Hayden, deputy spokesperson for the National Security Council, said in a statement to CNET yesterday.

“We have no reason to believe that any official US government e-mail accounts were accessed.”

Now, that’s waving a red flag in front of a raging bull.

Complete Coverage

Thanks to The Hacker News, which has been reporting on most incidents lately, here’s the list of registered highlights between April and June 2011:

  • Sony Online Entertainment announces that it has lost 12,700 customer credit cards as a result of an attack, and about 24.6 million accounts may have been breached.
  • The Anonymous performs Operation Iran, attacking the governmental websites responsible for oppressing the freedom of speech, information or ideas.
  • The information and review site on high-speed internet, DSLReport.com, gets hit with a blind SQL injection attack, resulting in a compromise of at least 9000 accounts.
  • Hackers gain access to famous pop star Lady Gaga’s Twitter account and begin posting spam messages.
  • The social network site Buddie.me gets hacked; about 15,809 emails/passwords are published on the net.
  • Pakistan Cyber Army – PCA – hacks into the Indian railway’s email system and downloads all confidential material, including email addresses and matching passwords.
  • A 26-year-old hacker is charged with 13 felony counts after hacking into Facebook accounts, stealing photos of young women and posting them on porn sites.
  • A Turkish hacker group hacks the website of Cyberhackers.org.
  • Indian hackers/codebreakers break into the servers of the Pakistan Air Force.
  • An employee who says he was illegitimately fired claims he was able to break into, and take down, a 200 megawatt wind turbine system owned by NextEra Energy Resources.
  • Media report a growing threat to Western governments and corporations, which are under attack from hackers based in China.
  • The European Space Agency – ESA – gets hacked by someone called TinKode.
  • The servers of the world’s largest blog community, WordPress.com, get hacked.
  • Epsilon’s customer lists of major brands get compromised.
  • Hackers manage to infiltrate one of the world’s top computer-security companies, RSA. The company has about 40 million users/customers.
  • A Pakistani hacker called KhantastiC hacks into the website thehackersparadise.com and adds his own page.
  • The official website of the President of Pakistan gets hacked.
  • The database of Spanish Escuela Universitaria Diseno gets hacked and dumped on the file sharing site rapidshare.com.
  • An Indian hacker called Lionaneesh hacks and exposes the aviation website Planespotters.net.
  • A Turkish hacker called OldChildz hacks the web portal of several famous Israeli companies.
  • The British Cambridge Networks gets hacked by the Pakistani hacker Shak.
  • An Indian hacking crew claims to have broken into 253 different websites.
  • The website of The Film and Publication Board – FPB – gets hacked by someone called Dr.KroOoz.
  • An Indian hacker called Angel 4k4 4d0r4b13 hacks the Pakistani railway’s database.
  • The Oak Ridge National Laboratory gets hacked.
  • A hacker called The 077 breaks into 20 websites run by the Chinese government.
  • The website of CEH – Centennial Media Training – gets hacked.
  • 70 Indian websites get hacked by Shadow008, who is part of the Pakistani Cyber Army.
  • All websites run by the Security Firm & News Company are breached by an Indian hacker called I33t Haxors.
  • Hackers break into The Hartford insurance company and install password-stealing software on several of the company’s Windows servers.
  • Computer producer ACER gets hacked by Pakistan Cyber Army.
  • The British intelligence service MI6 hacks an Al-Qaeda website and replaces a bomb-making recipe with a cupcake recipe.
  • The hacker group Lulzsec hacks the systems of Infragard Atlanta Members Alliance, an FBI affiliate, and blows their cover.
  • The Anonymous leaks more than 10,000 emails, stolen from the Iranian government.
  • Chinese hackers crack hundreds of US and Asian Gmail accounts.
  • The website of PBS.org gets hit by a zero-day exploit.
  • The official website of the upcoming movie Ra One gets hacked and defaced.
  • The network of Television Company GMA-7 – including Twitter and Facebook – gets hacked by someone called D4RKB1T.
  • A 14-year-old hacker gets hired by Microsoft after doing phishing via a Call of Duty server.
  • Hackers break into the servers of Lockheed Martin networks and US defense contractors.
  • PC game company Comodo gets hacked; resellers’ private data is exposed.
  • The Anonymous takes down the website of the US Chamber of Commerce after the Chamber approved the new Protect IP Act.
  • More than 200 Indian official websites are reported hacked by someone called XtReMiSt.
  • Another report on stealing and selling credit card information says the use of hacking techniques is increasing.
  • Facebook prepares to launch a so-called Bug Bounty Program.
  • NASA Goddard Space Flight Center gets hacked – again – by the hacker called TinKode.
  • Another Facebook scam is reported.
  • The website of famous football star Ronaldinho gets hacked by Osama bin Laden supporters.
  • The Information Security and Ethical Hacking Training organization, Appin, gets hacked – once again.
  • The hacker group Lulzsec hacks and releases ATM information.
  • An official report questions the security of US institutions like the Department of Defense, Pentagon, NASA and NSA.
  • Pakistan Cyber Army gets hacked by the Indian Cyber Army, Indishell.
  • The website of Indian TV Channel V gets hacked by someone called MaDnI, a member of Pakistan Cyber Army.
  • The Anonymous’ IRC networks – irc.anonops.net and irc.anonops.ru – get hacked.
  • India’s leading IT companies TCS – Tata Consultancy Services – and Tech Mahindra report security breaches.
  • The database of contestants in the popular TV show, X Factor, gets hacked and published on the net – available for download.
  • Pakistani news site, Paktribune.com, is hacked and more than 800 emails/passwords stolen.
  • Credit card company CCAvenue gets hacked.
  • Citibank reports theft of 200,000 credit card accounts.
  • The International Monetary Fund confirms a major security breach.

Stuxnet Mutants All Over The Web

The application security management firm, Idappcom, says it detected 52 new pieces of malicious software last month that are designed in a similar way to the feared Stuxnet worm. Stuxnet has been characterized as the world’s first cyber weapon, aimed at critical public facilities like power plants and water supply systems.

“There are lots of other countries which realise that you can do this, and gain access to systems which are running critical infrastructure. We will see copycats, maybe modified versions of Stuxnet, copies of which aren’t hard to find at all.”

Mikko Hypponen


According to Mikko Hypponen, chief security researcher at F-Secure, there has been a revolution in malware with Stuxnet. At the same time, security management firm Idappcom reports 52 new threats targeted at supervisory control and data acquisition (SCADA) systems, the sort hit by the infamous Stuxnet worm.

SCADA systems are found in a variety of industrial plants ranging from water and waste treatment to food and pharmaceuticals and even nuclear power plants.

“Our records go back to 2004 and I’ve never recorded any sort of significant blip on the radar in an area like this previously,” says Tony Haywood, chief technology officer at Idappcom.

“We quickly realised this was too much of a significant blip to be an anomaly. It may be an indicator towards a worrying trend,” Haywood says.

Some of the exploits found cause denial of service (DoS), bringing systems to a halt.

SCADA systems are often at greater risk because they are connected to legacy operating systems such as Windows 95, for which there are no service packs or automatic updates.

Day by day, it’s getting harder to secure SCADA systems.

“The worst case scenario is that Al-Qaeda or another organisation could gain access to this type of knowledge and information, and make use of it to launch attacks on critical infrastructure – like blow up nuclear power plants or do something to our food chain,” Mikko Hypponen says.

Discovered in the middle of last year, Stuxnet has become a major puzzle for those involved in computer security and, more than that, for those interested in international espionage.

“I think Stuxnet is a new phenomenon, the first example of its kind, and will be something we will look back at in years to come,” says Hypponen, whose information security experience spans many years and who was involved in classified briefings regarding the new threat.

“There will be copies of Stuxnet, from the same source and elsewhere,” he predicts.

Stuxnet is a Windows worm that is propagated on USB sticks and over private networks, but with one unique feature: it doesn’t replicate over the Internet.

The malware that we usually see on computers is designed to spread as far as possible, as cyber criminals aren’t too worried about what it will infect.

But Stuxnet is different, because it wants to reach environments that are disconnected from the Internet on purpose, like the nuclear programme in Iran.

But that’s not to say that it won’t infect your Windows PC.

Hypponen points out: “It infects any Windows PC that you put an infected USB stick in. But when it infects a PC it does nothing. It will only replicate on any other USB stick you put into it.”

This means that Stuxnet is a worm that can go around the world silently, doing nothing to the systems it infects, waiting for a precise moment to strike. And it will strike, but only if it reaches a Windows PC that has a specific type of program installed.

“It’s called Step 7, made by Siemens and which is used to program Programmable Logic Control (PLC) devices,” the researcher explains.

“These boxes control factories, pumps, general purpose systems. These are running their own operating system, which isn’t Windows as it isn’t reliable enough.”

But the PLC boxes need to be programmed by a Windows computer before they are sent over to a factory or wherever they need to go.

If a USB stick has transferred Stuxnet to one of these computers, this is the point where Stuxnet will start to make its move, if it finds itself on a system that has a specific type of PLC box connected.

“It will reprogram the PLC, so that any changes are hidden. And it will wait, hoping that somebody disconnects the PLC from the Windows computer and takes it to a factory.”

If that should happen, Stuxnet will still do nothing, apart from check what kind of factory the PLC box is supposed to be controlling.

“It’s trying to find a specific environment with a specific configuration of high frequency power converters made by two different manufacturers. When it finds the right kind, then it knows it’s in the right environment.”

The right environment is Iran’s nuclear enrichment facility.

Nuclear centrifuges are being cleaned by the high frequency power converters, which Stuxnet now has the capability to control.

“But even then it does nothing,” Hypponen continues. “It records the normal everyday traffic for two or three days.”

And then like a heist movie where a criminal fiddles with a security camera so a guard sees a film from yesterday rather than what’s happening in the present, Stuxnet floods back the traffic it recorded to the factory’s monitoring system.

Anyone monitoring will see normal operation, but operation from the past.

“Then it starts changing the spinning speed, which ends up breaking the centrifuges or ends up creating lousy uranium.”

The intelligence and technological sophistication of Stuxnet have led experts to believe it was the creation of a multi-million pound operation with state involvement.

There are also claims it was the creation of a joint effort between Israel and the US, a theory Hypponen believes to be true.

But the expert also thinks that it could be a major wake-up call to interested parties, which could be a problem for developed western nations in the future.

“There are lots of other countries which realise that you can do this, and gain access to systems which are running critical infrastructure. We will see copycats, maybe modified versions of Stuxnet, copies of which aren’t hard to find at all,” he says.

Which led us to Hypponen’s first comment about worst-case scenarios, should jihadists ever find a way of attacking Western nations with modified Stuxnet technology, now easily available through a search of the web.

He said, “When people think about these extremists, they don’t think about them having these types of technology skills. They typically think of unintelligent Talibans riding camels in the desert. That’s a dangerous misconception.”

Hypponen shows The INQUIRER a copy of “Inspire”, a lifestyle publication written in English that is best described as a jihadist magazine aimed at new recruits.

Among the news articles, poems, songs and Osama Bin Laden speeches, and right alongside a section on making bomb-making equipment, there is a section on how to do public key encryption.

It describes an open source PGP-like encryption system coded and developed by extremists.

“These guys write pretty good magazines in English and code their own tools. They could easily get Stuxnet itself – it’s far from trivial to modify, but it’s easier to modify than write something from scratch. But I think I’m more worried about the idea of getting copied by other parties.”

Hypponen concludes the interview with the following last thought:

“When George W Bush signed a cyber attack agreement in 2008 against the Iran nuclear program, I do believe the outcome of that signature was Stuxnet.”

Al-Qaeda Calls Off US Attack To Spare Life Of 'Twilight' Author

Latest news report from America’s finest news source, The Onion:


ONN‘s Terrorism Expert Omar Al-Farouq explains how Al-Qaeda‘s love for the beloved teen vampire series prevented the death of thousands.