
Friday, May 24, 2013

Google data breach, Company’s Surveillance Database hacked


Chinese hackers who breached Google in 2010 are responsible for the recent violation of Google's surveillance database, according to officials' revelations.
The Google data breach is a reality: Google's surveillance database has been violated by the same hackers who breached Google's network in 2010. The attackers obtained access to the company's tracking system for managing surveillance requests from law enforcement.

The news was published by the Washington Post and confirms the rumors about the Google data breach.

The hacked database is used by Google to archive the court orders submitted by law enforcement agencies that are investigating a user's profile, but the repository also includes classified Foreign Intelligence Surveillance Act (FISA) orders that are used in foreign intelligence surveillance investigations.

FISA is a US law that outlines practices for physical and electronic surveillance and the collection of “foreign intelligence information” between “foreign powers” and “agents of foreign powers”; “the sections of FISA authorizing electronic surveillance and physical searches without a court order specifically exclude their application to groups engaged in international terrorism.”

Google's database contained valuable information on surveillance activities conducted in recent years, so the purpose of the attack is clear: it was arranged to gather information on law enforcement and intelligence agencies' investigations of Chinese intelligence operatives in the US, as a former US official confirmed to the Washington Post:

“Knowing that you were subjects of an investigation allows them to take steps to destroy information, get people out of the country,”

The Post states:

“The breach appears to have been aimed at unearthing the identities of Chinese intelligence operatives in the United States who may have been under surveillance by American law enforcement agencies.”

In 2010 numerous companies, including Adobe as well as many financial institutions and defense contractors, were hacked by Chinese hackers in a series of sophisticated cyber attacks. The attackers stole source code from Google and also tried to access the Gmail accounts of Tibetan activists.

The hackers who targeted Google in December also hit 33 other companies, using a zero-day vulnerability in Adobe Reader to deliver malware to the victims and steal source-code management systems, to obtain access to company source code as well as to modify it to make customers who use the application vulnerable to attack.

The Google data breach originated in China. Secretary of State Hillary Clinton publicly condemned the intrusion and asked the Chinese Government to provide information on the attack.

Google hasn't confirmed the compromise of its systems for processing law enforcement surveillance requests, but it announced that it would stop collaborating with Chinese authorities in censoring Google search results in that country.

Google isn't the only victim of this new wave of attacks. Last month a senior Microsoft official said that Chinese hackers had targeted the company's systems that serve the same function as Google's surveillance database, at about the same time that Google's was breached.

“What we found was the attackers were actually looking for the accounts that we had lawful wiretap orders on,” David W. Aucsmith, senior director of Microsoft’s Institute for Advanced Technology in Governments, said at a conference near Washington, according to a recording of his remarks. “If you think about this, this is brilliant counterintelligence,” he said in the address, which was first reported by the online magazine CIO.com. “You have two choices: If you want to find out if your agents, if you will, have been discovered, you can try to break into the FBI to find out that way. Presumably that’s difficult. Or you can break into the people that the courts have served paper on and see if you can find it that way. That’s essentially what we think they were trolling for, at least in our case.”

According to the Washington Post, the Justice Department faced resistance from Google to showing evidence of the attacks by providing full access to internal logs and to authorizing a further forensic investigation of the breach … It is still unclear what Google provided to the investigators.

Michael M. DuBose, former chief of the Justice Department's Computer Crime and Intellectual Property Section, commented on the attacks, calling them a wake-up call for the government that the overall security and effectiveness of lawful interception and undercover operations is dependent in large part on security standards in the private sector.

“Those,” DuBose said, “clearly need strengthening.”

The incidents raise once again the need to share information on cyber attacks and data breaches. Incidents like these are clear indications of ongoing sophisticated intelligence operations.

Cost of cybercrime for UK Small Businesses


The Federation of Small Businesses issued an interesting study on the cost of cybercrime suffered by small businesses in the UK.
The cost of cybercrime is usually evaluated for large corporations, underestimating its dramatic effect on small businesses. Small companies are in fact the most vulnerable to the growing number of cyber criminals and hacktivists.

The study, conducted by the Federation of Small Businesses on the cost of cybercrime in the UK, revealed the impact of the phenomenon on small businesses: worrying losses of billions of pounds every year, with the average small firm facing a cost of nearly £4,000.

The Federation of Small Businesses declared that around 30% of its members had been victims of fraud. The majority of crimes are related to virus infections: more than 50% of small businesses were hit by malware, 8% of UK small businesses had been victims of hacking and around 5% had suffered security breaches.
The report of the Federation of Small Businesses revealed that the cost of cybercrime and fraud for its 200,000 members is around £800m a year (£3,926 each on average), but according to the analysts the total cost is much bigger for UK small businesses as a whole.
According to the FSB estimate, projecting the data on small businesses to a national scale, the cost of cybercrime is greater than £18.8bn based on the FSB's average.


In the UK there are around 4.8 million small firms, and despite the impact of cybercrime and the high frequency of malicious events, almost 20% had taken no countermeasures to mitigate cyber threats.

“Cybercrime poses a real and growing threat for small firms and it isn’t something that should be ignored,”

“Many businesses will be taking steps to protect themselves but the cost of crime can act as a barrier to growth”.

“Many businesses will not embrace new technology as they fear the repercussions and do not believe they will get adequate protection from crime.”

“While we want to see clear action from the government and the wider public sector, there are clear actions that businesses can take to help themselves.” said Mike Cherry, the FSB’s national policy chairman, referring to the effect of cybercrime on UK businesses.


The scenario is alarming: on one side, cybercrime activities are becoming ever more sophisticated and persistent; on the other, the response of small businesses is still inadequate, with obvious repercussions. For this reason the FSB issued new advice to small firms, encouraging the implementation of security mechanisms and the adoption of best practices.

The FSB issued 10 tips to show businesses how to protect their assets from cybercrime, including a combination of standard security protection steps (e.g. define and constantly update a security policy, keep systems updated, protect networks with a firewall, use and update antivirus and anti-spam software).

Security is a must for the growth of the entire United Kingdom. Security minister James Brokenshire commented on the results presented in the study, urging action and the adoption of a proactive approach to cybercrime.

“We need to make sure that all businesses, large and small are engaged in implementing appropriate prevention measures in their business”

“This report will help give a greater understanding of how online security and fraud issues affect small businesses, giving guidance as well as valuable top tips to protect their business.”

“We know only too well of the importance of securing buy-in from both big and small business in implementing appropriate protection against cyber risks – business success can depend on it. Increasing security drives growth.” Business minister David Willetts added.

Another fundamental issue in limiting the impact and reducing the cost of cybercrime is information sharing on cyber attacks, incidents and data breaches. The Government issued the Data Protection Bill, which will force companies to report every incident and data breach. Despite the Act there is still much to do: the strong support of the Government and principal enterprises is an essential factor in the growth of a security culture that could help to reduce the effect of cybercrime.

source: securityaffairs.co

US critical infrastructure under unceasing cyber attacks


US Congressmen Ed Markey and Henry Waxman issued the report “Electric grid vulnerability” on the level of security of US critical infrastructure.
Attacks on critical infrastructure are the main concern of the worldwide security community. Every government has become aware of the risks related to a cyber attack against its own country and is investing to improve its cyber capabilities.

Day after day the number of attacks against critical infrastructure is increasing at an alarming rate, and the US is among the most targeted countries. A report issued by U.S. Congressmen Ed Markey and Henry Waxman revealed that the quantity of assaults against core infrastructure continues to rise.

The report, titled “Electric grid vulnerability”, states that one utility faces roughly 10,000 attacks every month. The study is based on 160 surveyed U.S. utilities.

The most concerning aspect is that around 10% of US critical infrastructure is under daily attack of various types, such as malware-based or spear-phishing attacks.

The report highlighted the economic impact of grid vulnerabilities: it is estimated that power outages and related damage cost the U.S. economy between $119 billion and $188 billion per year, and a single successful cyberattack can cause losses upwards of $10 billion.


The Department of Homeland Security showed that 2012 registered an increase of 68 percent over 2011 in the number of cyberattacks against US critical infrastructure, industrial bodies and Federal offices.

Every day numerous attacks are conducted to discover vulnerabilities within these critical systems, and many of these attacks are carried out in an automated and methodical manner.

A Midwestern power provider declared that it was “subject to ongoing malicious cyber and physical activity. For example, we see probes on our network to look for vulnerabilities in our systems and applications on a daily basis. Much of this activity is automated and dynamic in nature – able to adapt to what is discovered during its probing process.”

To respond to the increasing threat of cyber-attack, the security community has called on Congress to provide a federal authority with the necessary power to ensure the protection of the grid from potential cyber-attacks, but despite these calls for action Congress has so far not provided any governmental entity with the necessary capabilities.

Today the protection of the nation’s electricity grid from cyber-attack is referenced “by voluntary actions recommended by the North American Electric Reliability Corporation (NERC), an industry organization, combined with mandatory reliability standards that are developed through NERC’s protracted, consensus-based process. Additionally, an electric utility “

“Almost all utilities surveyed are compliant with mandatory NERC standards but totally ignore recommendations by NERC. The report provided disturbing data, for example although NERC has established both mandatory standards and voluntary measures to protect against the Stuxnet worm, the implementation of voluntary countermeasures was overruled.”

Voluntary Stuxnet measures have been implemented by only 21% of IOUs and 44% of municipally or cooperatively owned utilities, while 62.5% of federal entities reported compliance, an alarming figure in my opinion.

Cybercrime is considered the most dangerous threat to US critical infrastructure, which is under unceasing cyber attack. Its menace is more concerning than terrorism because of the increasing sophistication level of the attacks.

Fortunately, the delay in the adoption of proper countermeasures for many US critical infrastructures hasn't yet led to a successful breach of their systems.

As usual there are different opinions: some say the report provides a false overview of the real security of national critical infrastructure, which is protected from external cyber attacks thanks to compliance with the mandatory standards set by NERC.

“The majority of those attacks, while large in number, are the same attacks that every business receives” through web-connected networks. “Those are very routine kinds of attacks and we know very well how to protect against those… Our control systems are not vulnerable to attack,” Arkansas Electric Cooperative Corporation Chief Executive Duane Highley told Reuters.

It is my opinion that, whatever the actual state of the infrastructure, it is necessary that all measures are taken to ensure protection from attacks of increasing complexity.

source: securityaffairs.co