Cyber attacks on the USA (catch all)

[OUTLAW 09]

Whoops:
Link:http://www.voanews.com/a/russian-mal...d/3658860.html

A more polemical, almost funny in places given the author, but it does cite the WaPo story having an Editor's update:
Link:https://theintercept.com/2016/12/31/...electric-grid/

BUT is here the reality of a power grid network...had that computer been attached to the power grid and all grids are based on a network...once you gain entrance to any network a hacker can then work his way easily to the controlling network of power grids as they car inherently also connected to the power company management network for things like email....and computer updates.....

Take it from someone who works with power companies here in Europe...easy easy easy once you have a single infected computer on any network.....

And surprise surprise most of the power grid hacks conducted by Russians here in Europe come via email phishing....so much more needs to be done on the security education of the end users....

BTW...this was the entrance method for the election hacks of DNC....and the three State voting databases....just need one single inflected computer these days...

[AdamG]

Since May, hackers have been penetrating the computer networks of companies that operate nuclear power stations and other energy facilities, as well as manufacturing plants in the United States and other countries.
Among the companies targeted was the Wolf Creek Nuclear Operating Corporation, which runs a nuclear power plant near Burlington, Kan., according to security consultants and an urgent joint report issued by the Department of Homeland Security and the Federal Bureau of Investigation last week.
The joint report was obtained by The New York Times and confirmed by security specialists who have been responding to the attacks. It carried an urgent amber warning, the second-highest rating for the sensitivity of the threat.
The report did not indicate whether the cyberattacks were an attempt at espionage — such as stealing industrial secrets — or part of a plan to cause destruction. There is no indication that hackers were able to jump from their victims’ computers into the control systems of the facilities, nor is it clear how many facilities were breached.

https://www.nytimes.com/2017/07/06/t...ck-report.html

[AdamG]

WASHINGTON — The cybersecurity company FireEye says in a new report to private clients, obtained exclusively by NBC News, that hackers linked to North Korea recently targeted U.S. electric power companies with spearphishing emails.
The emails used fake invitations to a fundraiser to target victims, FireEye said. A victim who downloaded the invitation attached to the email would also be downloading malware into his or her computer network, according to the FireEye report. The company did not dispute NBC's characterization of the report, but declined to comment.
There is no evidence that the hacking attempts were successful, but FireEye assessed that the targeting of electric utilities could be related to increasing tensions between the U.S. and North Korea, potentially foreshadowing a disruptive cyberattack.

http://www.newsweek.com/yellowstone-...ecorded-677387

[AdamG]

The Department of Homeland Security and Federal Bureau of Investigation warned in a report distributed by email late on Friday that the nuclear, energy, aviation, water and critical manufacturing industries have been targeted along with government entities in attacks dating back to at least May.
The agencies warned that hackers had succeeded in compromising some targeted networks, but did not identify specific victims or describe any cases of sabotage.

http://www.reuters.com/article/us-us...-idUSKBN1CQ0IN

[davidbfpo]

The full title is 'Extremist Content and Russian Disinformation Online: Working with Tech to Find Solutions' and the author, Clint Watts (Forum member), gave evidence today before the Senate Judiciary Committee, Subcommittee on Crime and Terrorism.

There is much to learn; this sentence IMHO will resonate with Forum readers:

Stopping the false information artillery barrage landing on social media users comes only when those outlets distributing bogus stories are silenced – silence the guns and the barrage will end.

(He ends with) America’s war with itself has already begun. We all must act now on the social media battlefield to quell information rebellions that can quickly lead to violent confrontations and easily transform us into the Divided States of America.

Link:https://www.fpri.org/article/2017/10...ind-solutions/

[AdamG]

FBI Director Chris Wray and a team of security officials told the Senate Intelligence Committee on Tuesday that Huawei and ZTE pose threats to the US.

That position of power would allow Huawei or ZTE "the capacity to exert pressure or control over our telecommunications infrastructure, it provides the capacity to maliciously modify or steals information and provides the capacity to conduct undetected espionage."
He commended AT&T and Verizon for heeding the government's warnings regarding Huawei, which led to the Mate 10 Pro not getting carrier support in the US.

https://www.cnet.com/news/huawei-zte...hris-wray-nsa/

[AdamG]

Researchers Rickrolled Emergency Alert Sirens in Proof-of-Concept Hack
Security researchers found that it was relatively easy to hijack the signal of the emergency alert siren system in San Francisco.
https://motherboard.vice.com/en_us/a...ergency-sirens

[AdamG]

Senior U.S. and British officials on Monday blamed the Russian government for coordinated cyberattacks against internet infrastructure worldwide in an effort to conduct espionage and intellectual property theft.

Officials said that Russian hackers have been conducting a months-long cyber campaign against network devices used by government organizations, private industry and critical infrastructure operators. The hackers have tried to breach routers, switches and firewalls in an effort to breach organizations across the globe, officials said.

http://thehill.com/policy/cybersecur...ternet-devices