Tag Archives: Cyber Attack

Intelligence Officials Admit China Has Hacked Obama Administration Emails Since 2010

Senior U.S. Intelligence officials are confirming that China has been hacking the emails of Obama Administration officials since 2010.

The National Security Agency (NSA) has confirmed the intrusions were first detected in April 2010 and that the hacking of various accounts is still taking place.  The NSA official said that all top national security and trade officials have been targeted by the attack including Joint Chiefs of Staff Chairman Adm. Mike Mullen and Chief of Naval Operations Adm. Gary Roughead.

Gmail accounts were specifically mentioned by the NSA official but other email providers were also confirmed to have violated by the attack.

NBC reported the hacks were first code-named Dancing Pandaand then Legion Amethyst.

“There’s no effective defense against these attacks and, as we’ve seen, there’s also no effective deterrence,” geopolitical expert Ian Bremmer told Business Insider in June.

“China isn’t trying to engage in ‘integrity’ attacks against the US they don’t want to destroy American institutions and architecture as, after all, they’re hugely invested in American economic success,” he added.

Russia Accused in Hacking of Joint Chiefs of Staff

Investigations into a hacking attack on the email system for the Joint Chiefs of Staff has revealed that Russia is behind the cyberassault that shut down their system for 11 days.

The hackers broke into an unclassified email network using malware or “phishing” attempts, meaning an email recipient had to open an infected attachment to an e-mail to allow the malicious programs to access the system.

An official with the joint chiefs called the attack the “most sophisticated” attack on their network.

Another official told CBS News that the attack impacted the 4,000 personnel who work for the Chairman of the Joint Chiefs.  Most of those personnel are military members.

Pentagon officials repeatedly stated that the classified email network was not impacted and said the Joint Chiefs were given an alternative method to send unclassified emails while the system was shut down to clear out the malicious software.

The attack is the latest in several high-profile attacks on the U.S. Government’s email systems this year.  Previous attacks were attributed to Chinese hackers.

Entire National Security System Possibly Compromised by Hacking

A new report from Fox News shows that the entire U.S. national security system was likely undermined by a year-long hacking attack that was spotlighted by the revelations of 21.5 million Americans having their data stolen from the Office of Personnel Management (OPM).

Experts who spoke with Fox say that the data taken is so sensitive that it could be used to blackmail leaders or those who could be elected to public office in the future.

“There may be people walking around with higher levels of clearance than they should have,” one expert told Fox. “I believe the entire national security apparatus is now at risk. It’s mind-boggling.”

“It’s the digital equivalent of Pearl Harbor,” another expert added. “Because people don’t see the carnage, they don’t recognize that this is the equivalent of an act of war. This is about espionage—Cold War tactics in the modern digital age.”

Also being revealed is that contractors to OPM that conducted background checks were hacked.  A firm named USIS who worked for Homeland Security was hacked in December 2014; Keypoint, who took over the USIS contract, was hacked in June 2015.

Director of National Intelligence James Clapper has said that China is the leading suspect behind the massive, year-long hacking attack.

The report comes a day after OPM said they are working with the Defense Department to notify anyone impacted by the attack and provide them with identify-fraud protection services.  The contractor for the project will likely not be chosen until mid-August.

OPM plans to provide the free monitoring for those victimized by the hack for three years.

Hackers Take Control of Jeep Cherokee From Miles Away

Two hackers have shown an exploit in the Jeep Cherokee that would allow them to take control of the vehicle from miles away.

In one demonstration, they caused the vehicle to crash.

Two cybersecurity experts, Charlie Miller and Chris Valasek, worked with Wired magazine to expose a flaw in the computer software that allows remote takeover the vehicle by anyone with knowledge of computer hacking.

In one test, Wired magazine staffer Andy Greenberg was driving 70 miles an hour near downtown St. Louis when the air conditioning suddenly blasted at maximum,  the radio changed to a new radio station and blasted full volume and the windshield wipers turned on while blasting wiper fluid making it almost impossible to see the road.

The hackers then put a picture of themselves on the car’s digital display.

The hackers had previously performed similar experiments with a Ford Escape and Toyota Prius, although they were in the backseats of the car.

In these tests, they were more than 10 miles away in the basement of one of the two security experts.

A test conducted away from traffic for safety reasons showed the hackers could lock up brakes, disable driving and transmission and kill the engine.  In one test, the driver was helpless as the car crashed off the road into a ditch.

The hackers can also track the car’s GPS, measure speed and drop pins on a map to track the car’s movements.

Chrysler responded while they appreciate the efforts to show exploits that can be corrected, they were not pleased the information was released.

“Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” the company’s statement reads. “We appreciate the contributions of cybersecurity advocates to augment the industry’s understanding of potential vulnerabilities. However, we caution advocates that in the pursuit of improved public safety they not, in fact, compromise public safety.”

Hack of Government Servers Much Larger Than First Disclosed

The attack on servers controlling data for the Office of Personnel Management (OPM) is now being reported as significantly larger than initially disclosed to the public.

Government investigators say the total number of people who had data taken in the attack suspected of being carried out by Chinese hackers was roughly 21.5 million, well above the initially released estimate of 4 million people.

The 21.5 million includes many non-government employees after the initial report claimed that it was only government workers who were at risk.

“If an individual underwent a background investigation through OPM in 2000 or afterwards … it is highly likely that the individual is impacted by this cyber breach,” OPM’s statement read.

Republicans in Congress were calling on the President to replace OPM Director Katherine Archuleta.

“It has taken this administration entirely too long to come to grips with the magnitude of this security breach — a breach that experts agree was entirely foreseeable. Americans who serve our country need to be able to trust that the government can keep their personal information safe and secure,” House Speaker John Boehner said in a statement.

Jason Chaffetz, the head of the House Oversight and Reform Committee, called on the President to not only fire Archuleta but also Chief Information Officer Donna Seymour.

“Their negligence has now put the personal and sensitive information of 21.5 million Americans into the hands of our adversaries. Such incompetence is inexcusable,” Chaffetz, a Republican, said Thursday in a statement.

Army Website Hit By Syrian Hackers

The U.S. Army’s official website was taken down Monday by hackers who claim they were the Syrian Electronic Army.

The attack forced the Army to take army.mil offline to protect from further damage.

The hacking comes less than a week after the discovery of Chinese hackers breaking into several important federal government servers that housed the personal information of millions of federal employees.

“Today an element of the Army.mil service provider’s content was compromised,” Army Brig. Gen. Malcolm Frost said in a statement. “After this came to our attention, the Army took appropriate preventive measures to ensure there was no breach of Army data by taking down the website temporarily.”

The Syrian Electronic Army launched in 2011 with a stated goal of attacking the enemies of the Syrian government.  They claim to not be officially connected to the Syrian government.

The Army has been the target of hacking in the recent past.  Five months ago the website was hit by pro-ISIS hackers who posted messages on the Army’s YouTube and twitter accounts.

Hackers Strike Israeli Websites

Anti-Semitic hackers attacked Israeli websites Tuesday after an international hacking collective threatened to launch an “electronic Holocaust.”

The hacking campaign is timed to strike the country during Israel’s annual “Holocaust Remembrance Day.”

The hackers struck the websites of Israeli musicians and non-profit groups according to the Israeli Computer Emergency Response Team.  The hackers replaced the sites with photos of Muslim holy sites and photos of ISIS terrorists holding their militant flag.

“We are always here to punish you! Because we are the voice of Palestine and we will not remain silent!” the message read.

The cyber terrorists had vowed to take down Israeli government sites, banks and other public institutions.  However, their attempts to breach advances security measures apparently failed as no major disruptions were reported by any major organization.

Israel’s national cyber bureau admitted they boosted defenses before the beginning of the announced attack.

ISIS Breaks Into U.S. Government Twitter Accounts

And now, we have a cyber war.

A group calling themselves Cyber Caliphate and expressing their support for ISIS has taken over the Twiiter and YouTube accounts of the United States Central Command Monday.

The group used the hack to post their own images and statement of support for the terrorist group.  They also posted Pentagon documents, army rosters and even the home addresses of military generals.

The hack took place on the same day that President Obama was introducing new legislation aimed at enhancing cybersecurity.

While the actual method of the hack has not been determined, cyber security experts believe it was likely a phishing attack against the person who heads CENTCOM’s social media account. Phishing is when an e-mail is sent with an attachment that will return the passwords saved on a computer to a hacker.

CENTCOM confirmed the hack but would provide no other information to the press.

The White House downplayed the incident.

“There’s a pretty significant difference between what is a large data breach, and the hacking of a Twitter account,” White House spokesman Josh Earnest told reporters.

FBI Confirms North Korea Behind Hacker Attack on Sony

The FBI announced Friday that North Korea was definitively behind the cyberattack against Sony that released movies, damaging e-mails and other personal information about employees and celebrities.

“The FBI now has enough information to conclude that the North Korean government is responsible for these actions,” the FBI said in a statement on Friday.  “[There is] significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea.”

The investigators say that North Korea’s intentions were to clearly harm not only Sony but the rights of Americans.

“We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there,” the FBI said in its statement. “Further, North Korea’s attack on SPE reaffirms that cyber threats pose one of the gravest national security dangers to the United States. Though the FBI has seen a wide variety and increasing number of cyber intrusions, the destructive nature of this attack, coupled with its coercive nature, sets it apart.”

Former U.S. ambassador to the U.N. John Bolton told Fox News that unless the United States responds strongly to this attack, it will be open season on the U.S. from hackers in other countries.

“I think it is correct to treat it as a national security threat because it really could have been in a serious place,” Bolton said. “If we can conclude it was North Korea, we need to put them back on the list of state sponsors of terrorism, we need to put all the economic sanctions back in place.  If you treat this simply as an inconvenience, other countries will conclude that they can attack and get away with it.”

Syrian Electronic Army Makes Thanksgiving Cyber Attack

The Syrian Electronic Army decided to take American Thanksgiving and use it to remind the world they are still watching.

A number of major websites, including major media organizations, were targeted by the SEA.   Their websites were met with an error message that read “you’ve been hacked by the Syrian Electronic Army (SEA).”

Other websites featured nothing but the SEA logo.

Dell, Microsoft, Ferrari and even UNICEF were hit by the group.

“It is PR move to show they have the skills, but what they are doing is not dramatically sophisticated,” Ernest Hilbert, managing director of cybercrime at investigations firm Kroll, and former FBI agent, told CNBC, who had been a victim of the group.

“This is a defacement of a website and they redirected traffic from the real site to a site with their stuff on it instead.”

The SEA are a group of hackers that support the government of Bashir al-Assad and claim that western media outlets are backing the terrorist groups that have been fighting against the Syrian regime.