‘hackers’ Tagged Posts

Russian hackers breached Dow Jones for trading tips: Bloomberg

The Federal Bureau of Investigation, Secret Service and the Securities and Exchange Commission conducting an investigation that began at least a ye...

 

Russian hackers breached Dow Jones for trading tips: Bloomberg

The Federal Bureau of Investigation, Secret Service and the Securities and Exchange Commission conducting an investigation that began at least a year ago, Bloomberg reported.

“Since Bloomberg published his article, we have worked hard to establish whether the allegations contained in it is correct. To date we have not been able to examine such evidence to find” – Dow Jones spokeswoman Colleen Schwartz said in an email.

Dow Jones, the publisher of the Wall Street Journal and a unit of Rupert Murdoch’s News Corp., publicly last week, a violation of its systems that put payment card and contact details of approximately 3,500 individuals.

Dow Jones said that there was unauthorized access to its systems at certain times between August 2012 and July 2015

“We are aware of the Dow Jones burglary and looking for it” – FBI spokesman Kelly Lang Messer said via e-mail.

Lang Messer added she could confirm nothing else in the Bloomberg report.

The hackers sought information, including stories prepared for publication, Bloomberg said Friday, referring to two people familiar with the investigations.

The Secret Service could not immediately be reached for comment on the Bloomberg report. The SEC declined to comment

(Reporting by Supantha Mukherjee, Jessica Toonkel and Joseph Menn; Editing by Savio D’Souza, Sriraj Kalluvila and Michael Perry).

‘Irrational’ hackers are growing U.S. security fear

 

'Irrational' hackers are growing U.S. security fear

Cyber ​​Security researcher HD Moore discovered he could use the Internet to access the controls of a number of sensors 30 pipelines across the country that was not secured with a password. access

A hack expert who helps companies discover network vulnerabilities, Moore said he found the sensors previous month during the analyzing data in massive databases, public internet-connected devices.

“We know that the systems be exposed and vulnerable. We know not know what effect would be if someone actually tried to use, she” said Moore, chief research officer at security company Rapid7.

American experts national security used to find comfort in the belief that super powers ‘rational’ as China or Russia were their main opponents in cyberspace. Such countries can the ability to destroy with the click of a mouse American critical infrastructure have,., But they are likely to do that for part because they requite afraid Washington

Now, anxiety growing that the actors cyber ” irrational “- such as extremist groups, rogue states or activists of the Hacker – infiltrate to hunt for gaps in the security as the one discovered by Moore American systems These opponents are perhaps not so resourceful, but if the bombardment. a federal building in Oklahoma in 1995, Timothy McVeigh, it is the element of surprise is as worrying.

Former U.S. Secretary of Homeland Security Michael Chertoff said he was afraid the first attack destructive cyber would resemble American soil Marathon bombings of Boston in the sense that the suspects were not on the radar of the Government.

“You going to get, attacks consequences relatively small-scale from all sorts people – of hactivists, criminals, whatever,”. said Chertoff during the summit in cyber security Reuters last week “Are they going take down infrastructure critical? They could.”

Emerging actors who cyber-security experts say they most concerned about ao Iran, believed to behind the continuous attacks on sites U.S. banks Web, as well as a devastating attack on about 30,000 personal computers to national oil from Saudi Arabia last year company.

North Korea rapidly gaining skills cyber experts say, after hackers grabbed three South Korean broadcasters and two large sofas in March.

Another new player is the Syrian Electronic Army, a group activist, who the responsibility for hacking the Twitter-accounts of the main selling points of the Western media, such as the Associated Press last month, when his hacker sent a tweet about fake-explosions in the White House that the U.S. stocks has short claimed sent plunging.

Unrelenting ATTACKS

Raster related to the American power is the target of an attempted cyber attacks daily, according to a report of California Representative Henry Waxman and Massachusetts Representative Ed Markey released the House Energy and hearing on cyber safety Commerce Committee on Tuesday.

More From a dozen utilities Abuse tried attacks daily, constant or frequent ranging from hostile probes to this malware-infection, according to the report. (To read, the report see http://r.reuters.com/sej38t)

Gerry Cauley, CEO of the North American Electric Reliability Corp., told the top over cyber safety Reuters that the computer viruses are found in the grid, which can be used to deliver to damage to plant malicious software. NERC is a nonprofit agency that oversees and ensures the reliability of the bulk power system in the region.

Experts say that with so many unknown hackers try to infiltrate systems industrial control of the United States, they fear someone somewhere – maybe even a amateur -. will intentionally or unintentionally cause damage to power plants, chemical factories, dams and other infrastructure critical

“Even if you do not know how things really work, you can still wreak havoc by the crashing of a device” says Ruben Santa Marta, a senior security consultant at IOActive. “Probably in the near future we could make with a incident of this kind, where the attackers will not even know what they do.”

Santa Marta identified hundreds internet-oriented systems control – on the grid, water-installations for the treatment and the heating and ventilation-installations for buildings, including hospitals He discovered also bugs built in the industrial control equipment

..

Department or Industrial Control Systems Cyber ​​Emergency Response Team of Homeland Security, known as ICS-CERT, warned last week for a error that Santa Marta found in equipment from the Turck Germany, that is used by manufacturers and companies in agriculture United States, Europe and Asia.

The agency said attackers with “low skills” hacking could the leak exploit, causing end secluded industrial processes. She advised customers to a patch that would protect against such attacks. Them

Director of National installing Intelligence James Clapper told a Senate committee in March that “less experienced players, but very motivated” could access a number of poorly protected systems control. They could “substantial damage”, he, warned due to unexpected system configurations, errors and the consequences that can occur between cause the nodes in networks.

‘a matter of time’

The ICS-CERT groceries dozens warnings and opinions on vulnerabilities in industrial operating systems on its website each year. Companies whose products were in their warnings named are General Electric Co., Honeywell International Inc., Rockwell Automation Inc., Schneider Electric SA and Siemens AG.

Dale Peterson, CEO of industrial control systems security company Digital Bond, said very vulnerable infrastructure control systems are to cyber attacks because the designers not take into account the safety when they the technology.

While hackers have yet a scathing attack on the American infrastructure launch, have enough skills to do that. “I would say it’s just because no one wanted to do it,” said Peterson, who began his career as a code breaker with the National Security Agency

House of. Intelligence Committee chairman Mike Rogers of said terrorists belong to the groups that to the ability to a cyber attack on American infrastructure launch acquire, but he believes she not yet about this possibility.

“You get the right person with the right capacity deploy for this and it is a game changer,” Rogers told the top. “My concern is this only a matter of time.”

Eric Cornelius, a former ICS-CERT said that in vital sectors such as energy, water, oil and gas sometimes not implement security patches recommended by the equipment and software makers in a timely manner, because they need to plants to operators take off-line to do and can it not afford the downtime

Some plants. The lack of staff adequate security and technology to protect, networks because they do not have sufficient resources, said Cornelius, director of critical infrastructure Cylance Inc.

A relatively inexperienced hacker who goal was to probe a network would damage a system unintentionally because aging networks are extremely vulnerable and sensitive, he. said

“This leaves the control systems of insecurity”, he. Said

Analysis: The near impossible battle against hackers everywhere

 

Analysis: The near impossible battle against hackers everywhere
Warnings tell

Washington a “cyber Pearl atmosphere” consider a surprise attack from a formidable enemy that the power of the financial system of the country to disable or cripple the U.S. government could destroy.

But those on the front lines say it all not to government agencies and corporate networks to protect against a sudden attack. They say many infringements push both perhaps dozens of countries, as well as well-funded guerrillas and criminals qualified electronic.

security officers and consultants say they are overwhelmed. The attacks are not only China that Washington has long been accused of spying on U.S. companies, many come from Russia, Eastern Europe, the Middle East and the Western countries. The authors of elite military units organized criminal networks in adolescents militants.

“They spend more than us and they Outman in almost every way,” said an officer of Dell Inc. Chief Security Officer, John McClurg. “I can not remember in my life ‘adult, a difficult time.”

The big fear is that one day, a large corporation or a government agency will be a serious disturbance and very costly to their business to make when hackers to steal data or damage critical infrastructure sabotage or destroy consumer confidence in the safety of their data.

Elite security Mandiant Corp. Monday gave a 74-page report that a unit of Chinese soldiers steal data from more than 100 companies accused. While China was immediately denied these accusations, safety experts and others say Mandiant the hacker group is just one of more than 20 with origins in China.

Chinese pirates

tend to large companies and technology companies the most innovative thing using e-mails that appear to come from trusted colleagues focus, but bear attachments marred by viruses, spyware and other malicious software, according to researchers western cyber.

Eastern European crime rings, meanwhile, use “drive-by downloads” to undermine popular websites like NBC.com last week visitors to infect. Although malware can vary but often include software for recording keystrokes that computer users passwords for financial accounts.

Other

in the game are activists in the style of loosely affiliated group known as Anonymous, who are in favor of denial of service attacks and temporarily block websites from view and automated searches for common vulnerabilities a way to access information from the company.

An increasing number of countries weapons programs computer and electronic espionage finance, law enforcement officials said. The alleged involvement of the United States in the production of electronic direction, including Stuxnet, that the Iranian program to enrich uranium to hurt, is considered one of the most successful.

Iran is also blamed for a series of extraordinarily effective denial of service attacks against major U.S. banks over the past six months that stopped their online banking sites. Iran is suspected of introducing at least one American oil company, two people familiar with the ongoing investigation told Reuters.

“There is a battle looming in every direction you look,” said Jeff Moss, chief information security ICANN, a group that is part of the critical infrastructure manages Internet.

‘personal goals Everybody goes to the door when it’s just fire after fire, “said Moss, who also advises the U.S. Department of Homeland Security.

HUNDREDS unreported cases

Industry veterans say that the growth in the number of hackers, software tools at their disposal, and the part thriving underground economy to have any network connected to the Internet is impossible to perfectly defend.

“Your average engineer operational safety feels somewhat under fire, “said Bruce Murphy, director of Deloitte & Touche LLP, the study of labor safety.” It feels like Sisyphus rolling a stone on the hill and the hill keeps steeper. “

Three major U.S. newspapers, Apple Inc., Facebook Inc., Twitter and Microsoft Corp. have all admitted in February they had hacked. Inserted the malware on the computers of employees in technology has been detected in hundreds of other companies who have chosen to remain silent about the incident , two people familiar with the situation told Reuters.

ownership “I can not be a time when many companies were so clearly remember” “and were so unprepared,” says Adam O’Donnell, an officer of the company Security Sourcefire Inc., using slang for hackers access.

Instead of hype, cyber intrusion remain under-public â € leaks fear the attacks will spook investors?? head of the new attempt FBI cybercrime, Deputy Executive Director Richard McFeely said that the secret has become a major challenge.

“Our biggest problem at the moment is to the private sector to a level of comfort where they can report defects, malware, effects within their networks” said McFeely. ” It was very difficult with many large companies to get them to cooperate fully. “

McFeely said the FBI plans to open a deposit malware for sharing information between companies in the same sector to encourage. Obama also recently issued a decision on cybersecurity promotes cooperation.

former head of the National Security Agency, Michael Hayden, supports the use of commercial and diplomatic channels to put pressure on countries of piracy as early a White House strategy announced Wednesday new

“The Chinese, with some legitimacy, will say: “.. you spying on us as the former Director of the NSA, I will say:” Yes, and we are better than you, “said Hayden, now director of security within the Chertoff Group, consultant

He said what worries him, moreover, c .. is the Chinese presence on networks that do not value intelligence as systems that infrastructure such as power plants and water have “There is no intellectual property there to be stolen, not trade secrets, not negotiating positions. So that scares you, because it seems to be preparing attacks, “said Hayden.

middle of the growing fear, many top professionals in the field in San Francisco on Monday to meet the conference’s most famous American industry security, the name of the host company EMC Corp. and RSA unit.

Several experts said they were convinced that companies spend money on the wrong things, such as antivirus subscriptions can not detect new attacks or directed.

RSA executive chairman Art Coviello and Francis de Souza, director of products with high provider Symantec Corp., Both have said they will be speeches calling for a focus on more advanced analysis instruments seeking unusual behavior the network?? seems expensive.

a more fundamental approach to the limitation of computer privileges for users, installing software updates quickly, and allowing only trusted applications to function correctly.

Some security companies are zero with new models, such as forcing all programs to their customers to carry on the wall of virtual machines to stop.

With these perspectives, so much money at stake, and the problems both years, may only two points of agreement.

Most people in the industry and the government thinks that things will get worse. Coviello, for its part, has predicted that the first genre – but relatively easy -. virus removed all data on tens of thousands of PCs to the company of national oil of Saudi Arabia last year was a harbinger of things to come

And more

say that public attention on cybersecurity, even if it solves uncomfortable on the failure of the industry and stubborn opponents, will lead to a debate desperately need doing internationally and at home.