News About Cyber Warfare

Computer security firm Symantec extorted by hackers

Thu, 09 FEB 2012 09:07:07 AEST

San Francisco (AFP) Feb 7, 2012 - Computer security firm Symantec on Tuesday confirmed it tried to turn the tables on hackers who threatened to release stolen source code if a demand for $50,000 was not met.

An email exchange posted online at pastebin.com revealed how Symantec negotiated with "Yamatough," a supposed affiliate of hacker group Anonymous, to pay an extortion demand.

"The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation," the firm said in a released statement.

"Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide."

No money ever changed hands.

Symantec recommended in January that users of its pcAnywhere software disable the product following the theft of source code from the California-based security firm.

Symantec subsequently said that the latest release of the software is defended from attack and released an upgrade to protect older versions.

Symantec, in a technical white paper posted in January on the firm's website, said the vulnerability to pcAnywhere, which allows for remote PC to PC connections, was the result of a 2006 theft of source code by hackers.

"We believe that source code for the 2006-era versions of the following products was exposed: Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere," Symantec said.

The only identified threat, however, was to pcAnywhere and not any of the Norton products.

Anonymous posts audio of FBI, Scotland Yard call

Thu, 09 FEB 2012 09:07:07 AEST

Washington (AFP) Feb 3, 2012 - Hacker group Anonymous, in an embarrassment for law enforcement, released a recording Friday of a conference call between the FBI and Scotland Yard discussing operations against the hacking collective.

The Federal Bureau of Investigation confirmed the authenticity of the nearly 17-minute recording posted on YouTube and other sites and said it was "intended for law enforcement officers only and was illegally obtained.

"A criminal investigation is under way to identify and hold accountable those responsible," the FBI said in a statement.

The release of the audio recording was one in a series of attacks on Friday by the shadowy loose-knit group of international hackers.

Members of Anonymous also attacked the website of the Greek justice ministry in a protest against the country's tough fiscal reforms and a site operated by the Boston Police Department.

In addition, members of the hacker group defaced the website of the law firm that defended a US Marine who faced charges in connection with the 2005 killing of 24 Iraqi civilians.

Anonymous, in a statement on the website of the law firm of Puckett and Faraj, also claimed to have published online three gigabytes of private email messages of attorneys Neal Puckett and Haytham Faraj.

Puckett served as a lawyer for Staff Sergeant Frank Wuterich, who faced a court martial last month in connection with the killings in the Iraqi town of Haditha.

Wuterich, 31, admitted one count of negligent dereliction of duty but manslaughter charges were dropped as part of a plea deal with prosecutors and he is not serving any jail time.

Along with the FBI-Scotland Yard audio recording, Anonymous posted online the January 13 email invitation from an FBI agent setting up the call for January 17.

The email invites members of European law enforcement agencies to take part in a conference call "to discuss the on-going investigations related to Anonymous, Lulzsec, Antisec, and other associated splinter groups."

The email was sent to law enforcement officials in Britain, France, Ireland, Germany, the Netherlands and Sweden but the only people who identify themselves on the call are from the FBI and Scotland Yard.

The email includes the number to be called along with the access code.

In a message on Twitter, Anonymous posted links to the audio recording and said the FBI "might be curious how we're able to continuously read their internal comms for some time now."

According to the FBI, no agency computer systems were breached in connection with the incident.

Graham Cluley of computer security firm Sophos said the hackers were apparently able to access the call "because they have compromised a police investigator's email account."

"No doubt the police authorities will be appalled to realize that the very people that they are trying to apprehend, could have been tuning in to their internal conversations," Cluley said in a blog post.

During the call, the British and American participants discuss some of the targets of their operations including Jake Davis and Ryan Cleary, two British teenagers who were arrested last year over hacking.

Other names mentioned during the call are bleeped out.

Davis is charged with hacking into websites, including that of Britain's Serious Organised Crime Agency, which was out of service for several hours on June 20 after apparently being targeted.

Cleary was detained in connection with a month-long global rampage last year by the Anonymous splinter group Lulz Security.

At one point in the call, a British participant thanks his American counterpart for helping out with an examination of Cleary's hard drive.

Later, a British participant mentions a hacker from West Midlands who goes by the handle "tehwongz."

"He's a 15-year-old who's basically just doing this all for attention and a bit of an idiot," he said, going on to describe him as "a pain in the bum."

Last month, Anonymous briefly knocked the FBI and Justice Department websites offline in retaliation for the US shutdown of file-sharing site Megaupload.

In late 2010, Anonymous attacked the websites of Amazon, Visa, MasterCard, PayPal and others in retaliation for their decisions to stop working with Julian Assange's anti-secrecy site WikiLeaks.

US Army approves WikiLeaks suspect's court martial

Thu, 09 FEB 2012 09:07:07 AEST

Washington (AFP) Feb 3, 2012 - The US Army said in a statement Friday that it had approved a recommendation that Bradley Manning be court-martialed for allegedly funneling hundreds of thousands of classified documents to WikiLeaks.

The decision clears the way to set a date for Manning, a private with the Army, to face a host of charges, including that he aided the enemy and wrongfully caused intelligence to be openly published on the Internet.

"A military judge will be detailed by the US Army Trial Judiciary and that military judge will set the date for Manning's arraignment, motion hearings and trial," the army statement said.

Manning is also accused of stealing public property or records, transmitting defense information and of committing computer fraud.

A US investigating officer last month concluded that the 24-year-old soldier should be court-martialed because "reasonable grounds exist to believe that the accused committed the offenses alleged."

That recommendation followed a seven-day pre-trial hearing in December to determine if there was sufficient evidence for him to face trial.

If convicted, Manning could be sentenced to life in prison for what authorities have described as one of the most serious intelligence breaches in US history.

Trained on various intelligence systems, the Oklahoma soldier served in Iraq from November 2009 until his arrest the following May.

He is accused of giving WikiLeaks a massive trove of US military reports from Iraq and Afghanistan, 260,000 classified State Department cables, Guantanamo detainee assessments and videos of US air strikes.

Turkey investigates army's 2007 'e-coup'

Thu, 09 FEB 2012 09:07:07 AEST

Ankara (AFP) Feb 2, 2012 - A Turkish prosecutor has launched an investigation into an ultimatum the armed forces gave to the moderate Islamic government almost five years ago, newspapers reported Thursday.

A specially authorised prosecutor in Ankara acted on various complaints about the statement penned by then chief-of-staff retired General Yasar Buyukanit, now 71, said the Hurriyet and Radikal dailies.

At midnight on April 27, 2007 the military -- which considers itself the guardian of secularism in modern-day Turkey -- issued an online memorandum that was seen as openly interfering in politics.

The statement, sometimes dubbed the 'e-memorandum' or 'e-coup', said the armed forces were following with concern a debate about secularism in the midst of an election campaign to nominate the next president.

The statement, issued at a tense political time, threatened to intervene to protect the secular camp being denounced in demonstrations by the Justice and Development Party (AKP) of Prime Minister Recep Tayyip Erdogan.

At the time, parliament in a vote boycotted by the opposition elected foreign minister Abdullah Gul, an AKP member, as president. Shortly after, a referendum ratified a constitutional amendment championed by the AKP for the head of state to be elected by popular vote.

Buyukanit, who has admitted writing the memorandum, and key commanders who were serving at the time, could soon be summoned to court, said the reports.

The case will be handled by the same prosecutor who recently charged the chief of the junta that seized power in a 1980 coup, said the Hurriyet daily.

Two retired generals, Kenan Evren and Tahsin Sahinkaya, are set to appear on April 4 before an Ankara court charged with crimes against the state, which is punishable by life imprisonment.

Evren came to power after the coup and was Turkey's seventh president from 1982 to 1989. Five army generals took power in 1980 but Evren and Sahinkaya are the only ones who are alive today.

The two will be the first coup leaders to face trial in Turkey, where the army was once untouchable and toppled four governments since 1960.

The military's powers have been sharply reduced in recent years by reforms implemented by the AKP.

Dozens of officers are now in jail, charged in various alleged plots against the government that has been in power since 2002.

Ilker Basbug, who was army chief from 2008 to 2010, has also been arrested for an alleged bid to topple the government.

He is the most senior officer implicated in an investigation into the so-called Ergenekon network of dozens of active and retired military officers, academics, journalists and lawyers.

Russia Must Be Ready for Space, Cyber Wars

Thu, 09 FEB 2012 09:07:07 AEST

Moscow (RIA Novosti) Feb 01, 2012 - Russia must be ready for wars in space and in networks, Chief of the General Staff of the Russian Armed Forces Nikolai Makarov said on Saturday.

"As you see, warfare center has moved to aerospace and information spheres, including cyber security, from traditional war theatres on land and sea. Concepts of network-centric war have made great progress," Makarov told an Academy of Military Sciences meeting.

"We appraise how ... this question is being solved in Western leading countries."

Makarov also said that an initial period of war had begun to exert a decisive influence on its course and outcome so modern wars became more short-timed.

The chief added that hi-tech technologies force to cut number of soldiers for higher effectiveness of troops' actions.

Source: RIA Novosti

Report: Real arms race is in cyberspace

Thu, 09 FEB 2012 09:07:07 AEST

Brussels (UPI) Jan 30, 2012 - Conventional and nuclear weapons pose continuing threats but the real arms race now on is in cyberspace, a new cyber defense report said.

The report by Brussels think tank Security and Defense Agenda received input from Intel Corp. subsidiary McAfee technology security company and leading global security experts.

The findings indicated that smaller states Finland, Israel and Sweden surged ahead of larger countries in readiness for cybersecurity and fighting cyber warfare.

Israel's role in cyber warfare in the Middle East has been known, particularly in ongoing confrontation with Iran, but the emergence of Finland and Sweden as cyberspace-savvy operators in the technology industry wasn't widely expected.

The report coincided with other security intelligence posts on the Web that hostile cyber activity emanating from the Middle East, Asia, Russia and former Soviet republics was viewed in the West as a growing problem.

"Cyber-security: The Vexed Question of Global Rules" offered what it termed "a global snapshot" of current thinking about the cyber threats and the measures that should be taken to defend against them, and assesses the way ahead.

SDA said it interviewed leading global security experts to ensure that findings would offer usable recommendations and actions.

Its interviews with about 80 world-leading policymakers and cybersecurity experts in government, business and academia in 27 countries were supplemented with 250 anonymously surveyed world leaders in 35 countries.

It sought to identify key debate areas and trends and help governments and corporate organizations understand how their cyber defense positions compare to those of other countries and organizations.

"Until we can pool our data and equip our people and machines with intelligence, we are playing chess with only half the pieces," said McAfee's Phyllis Schneck, vice president and chief technology officer in the company's global public sector department.

The report says 57 percent of experts interviewed believe that an arms race is taking place in cyberspace.

It said 36 percent of those surveyed said cybersecurity is more important than missile defense.

Of those interviewed, 43 percent identified damage or disruption to critical infrastructure as the greatest single threat posed by cyber attacks and how they led to wide economic consequences.

Nearly half -- 45 percent -- of respondents said that cybersecurity is as important as border security.

Cyber-readiness in the United States, Australia, United Kingdom, China and Germany trailed the smaller countries.

The report ranks 23 countries, less than the 27-member EU members and fewer than the 34-member Organization for Economic Cooperation and Development, which groups industrial countries.

The report recommended more information-sharing and public awareness programs, more funds, more powers for law enforcement agencies, rewriting of global cyber treaties and "best practice-led" international security standards.

"The core problem is that the cyber criminal has greater agility, given large funding streams and no legal boundaries to sharing information, and can thus choreograph well-orchestrated attacks into systems," Schneck said.

The experts agreed that smart phones and cloud computing introduced a new set of problems. Malware targeted at Android devices jumped 76 percent from 2010-11.

Symantec urges users to disable pcAnywhere

Thu, 09 FEB 2012 09:07:07 AEST

Washington (AFP) Jan 26, 2012 - Symantec is recommending that users of its pcAnywhere software disable the product following the theft of source code from the US computer security firm.

"At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks," the Mountain View, California-based company said.

Symantec, in a technical white paper posted on the firm's website, said the vulnerability to pcAnywhere, which allows for remote PC to PC connections, is the result of a 2006 theft of source code by hackers.

The only identified threat, however, is to pcAnywhere and not any of the Norton products.

"With this incident pcAnywhere customers have increased risk," Symantec said. "Malicious users with access to the source code have an increased ability to identify vulnerabilities and build new exploits."

Symantec's recommendation follows a threat this month by hackers in India to publish the stolen source code.

Users warned to disable access software
Mountain View, Calif. (UPI) Jan 26, 2012 - U.S. company Symantec has warned users of its remote access program pcAnywhere to disable it while it fixes vulnerabilities linked to theft of its source code.

The company says the source code for the program, which provides users remote access to their personal computers, was stolen by the hacktivist group Anonymous, PC Magazine reported Thursday.

"Upon investigation of the claims made by Anonymous regarding source code disclosure, Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006," Symantec said in a statement.

"Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks."

Malicious users with access to the source code could use it to create computer attacks that could expose authentication and session information, Symantec said.

US striving to prevent WikiLeaks repeat: spy chief

Thu, 09 FEB 2012 09:07:07 AEST

Washington (AFP) Jan 26, 2012 - The United States is taking "serious and noticeable" measures to prevent another breach of classified files like the massive WikiLeaks document dump, the nation's spy chief said Thursday.

James Clapper, director of national intelligence, said changes were being implemented over the next five years that would create a new security "architecture," making it infinitely harder to disclose America's secrets.

The "terrible event," which saw thousands of US diplomatic and military cables exposed for public scrutiny, "caused us to make some changes," Clapper told a Washington think-tank.

"We have to do more to protect datas and ensure that the information we are giving is actually going to an authorized recipient."

Chief among the changes are improvements in "labeling," and digital "tagging" of diplomatic cables, Clapper said during remarks at the Center for Strategic and International Studies.

At the same time, he said, US officials are eager to ensure information that is intended to be shared can be disseminated without major additional hurdles.

"The goal, of course, is to find that nirvana between the responsibility to share and the need for protection," he said.

Clapper added that the effort aims to protect US secrets not only from outside enemies, but from actors with the system who do not have specific authorization to distribute sensitive US cables and files.

"Frankly we had always responsibility for detecting insider threat. What WikiLeaks has obviously done is heighten our sensitivity about that."

The controversial anti-secrecy WikiLeaks website began releasing US military documents in July 2010. It dumped the entire archive of diplomatic documents in September 2011, causing huge embarrassment to Washington.

A US military tribunal's investigating officer earlier this month recommended that army private Bradley Manning be court-martialed for allegedly funneling hundreds of thousands of classified US documents to WikiLeaks.

Manning, a specialist in US intelligence systems, served in Iraq from November 2009 until his arrest the following May.

He is accused of turning over to WikiLeaks a massive trove of US military reports from Iraq and Afghanistan, some 260,000 classified State Department cables, Guantanamo detainee assessments and videos of US air strikes.

WikiLeaks scandal sparks US intelligence reform

Thu, 09 FEB 2012 09:07:07 AEST

Washington (AFP) Jan 26, 2012 - The WikiLeaks document dump, which saw hundreds of thousands of classified US files leaked, rattled US intelligence officials, forcing them to implement reforms to prevent another such breach.

James Clapper, director of national intelligence, said changes were being put in place over the next five years that would create a new security "architecture," making it infinitely harder to disclose America's secrets.

The "terrible event," which saw sensitive US diplomatic and military cables exposed for public scrutiny, "caused us to make some changes," Clapper told a Washington think-tank, acknowledging the "challenge" ahead.

"We have to do more to protect data and ensure that the information we are giving is actually going to an authorized recipient," he said.

Chief among the changes are improvements in "labeling," and digital "tagging" of diplomatic cables, Clapper said during remarks at the Center for Strategic and International Studies.

At the same time, he said, US officials are eager to ensure information that is intended to be shared can be disseminated without major additional hurdles.

"Frankly we always had responsibility for detecting insider threats. What WikiLeaks has obviously done is heighten our sensitivity about that," he said.

Manning, a specialist in US intelligence systems, served in Iraq from November 2009 until his arrest the following May.

The fact that an Army private could have had access to so much sensitive information has posed a challenge for the intelligence community, amid accusations that data-sharing went too far after the September 11 attacks.

At that time, the community was accused of holding back information that could have been used to prevent the strikes on New York and Washington. After 9/11, inter-agency sharing of classified data increased.

The September 11 attacks "emphasized the need to share" information, said Eric Velez-Villar, deputy assistant director of the FBI, saying that proper information-sharing "can save lives."

Clapper added: "The goal, of course, is to find that nirvana between the responsibility to share and the need for protection."

Corin Stone, an assistant director of national intelligence for policy and strategy, said, "Basically, we seek to restore confidence."

The WikiLeaks scandal has "fundamentally broken trust" in the intelligence community, Stone said. "To restore confidence, we must strengthen security in sharing information."

David Shedd, deputy director of the Defense Intelligence Agency, said intelligence services are trying to manage a "tsunami of data" that forces them to ask themselves how to "process that enormous data flow."

Paul Kshemendra, who was appointed by President Barack Obama in 2010 to head the federal program on intelligence sharing, agreed that the "ocean" of data is growing.

"You need to put a signal in that ocean of noise," he said.

Anonymous, loose-knit group of 'hacktivists'

Thu, 09 FEB 2012 09:07:07 AEST

Washington (AFP) Jan 20, 2012 - Anonymous, which briefly knocked the FBI and Justice Department websites offline in retaliation for the US shutdown of file-sharing site Megaupload, is a shadowy group of international hackers with no central hierarchy.

The temporary disabling of the US government websites is the latest exploit by the loose-knit hacker activists, or "hacktivists," who have taken credit for scores of online attacks over the past few years.

The attacks range from the nuisance-like -- the FBI and Justice Department websites were back up within a few hours -- to the truly damaging involving the loss of data and the exposure of private financial information.

According to computer security researchers, Anonymous does not have a central authority but operates with a "hive mind mentality," agreeing on targets in discussions in Internet chat rooms and striking simultaneously.

Anonymous, on @anonops, one of the various Twitter accounts used by the group, claimed that Thursday's attacks on the Justice Department and FBI websites were their largest ever, involving over 5,600 people.

The distributed denial of service (DDoS) attacks were similar to those staged by Anonymous in late 2010 on the Amazon, Visa, MasterCard and PayPal websites in retaliation for their decisions to stop working with WikiLeaks.

In a typical DDoS attack, a large number of computers are commanded to simultaneously visit a website, overwhelming its servers, slowing service or knocking it offline completely.

The defense of WikiLeaks by Anonymous was an extension of "Operation Payback," a movement which began on the Internet messageboard 4Chan in September 2010.

Operation Payback involved cyber attacks on the websites of the Motion Picture Association of America (MPAA), Recording Industry Association of America (RIAA) and others over their vigorous copyright protection efforts.

"Operation Payback stands for free speech and no censorship," an Anonymous member told AFP in an online chat at the time.

The RIAA and MPAA websites were also targeted by Anonymous on Thursday in retaliation for the US government shutdown of Megaupload.com, which the US authorities accused of massive copyright infringement.

Beyond DDoS attacks, Anonymous has also taken credit for numerous other hacks, most recently the theft of emails and credit card information for subscribers to US intelligence analysis firm Stratfor.

Anonymous said the Stratfor hack was in retaliation for the prosecution of Bradley Manning, the US Army private accused of leaking more than 700,000 US documents to WikiLeaks in one of the most serious intelligence breaches in US history.

A number of Anonymous members have been arrested in Britain and the United States, but law enforcement authorities have emphasized that it is difficult to trace savvy computer users who know how to hide their tracks.

In September, the FBI arrested a member of the Anonymous-affiliated Lulz Security in connection with a crippling cyberattack on Japanese electronic giant Sony's online operations.

Sony's PlayStation Network, Qriocity music streaming service and Sony Online Entertainment were targeted by hackers beginning in April of last year.

Over 100 million accounts were affected and it took Sony months to completely restore its online services.

The Sony hacks were both claimed and denied by Anonymous -- a not infrequent occurrence with a group that does not speak with a single voice.