FBI Suspects Terrorists Are Exploring Cyber Attacks

According to a WSJ report today, The FBI is looking at groups suspected of having links to al Qaeda who have shown an interest in mounting an attack on computer systems that control critical U.S. infrastructure.

While there is no evidence that terrorist groups have developed sophisticated cyber-attack capabilities yet, a lack of security protections in U.S. computer software increases the likelihood that terrorists could execute attacks in the future, an official warned.

If terrorists were to amass such capabilities, they would be wielded with “destructive and deadly intent,” Steven Chabinsky, deputy assistant director of the FBI’s Cyber Division, told the Senate Judiciary Committee Tuesday.

“The FBI is aware of and investigating individuals who are affiliated with or sympathetic to al Qaeda who have recognized and discussed the vulnerabilities of the U.S. infrastructure to cyber-attack,” Mr. Chabinsky told the committee, without providing details.

Such infrastructure could include power grids and transportation systems.

The control systems of U.S. infrastructure as well as money transfers are now connected directly or indirectly to the Internet. Hackers have been able to penetrate computer systems running components of the U.S. electric grid as well as divert bank transfers.

Read Full Article

DHS Seeks Veteran Owned Business To Assist With Cyber Wiki

The Homeland Security Department’s National Cyber Security Center is looking for a veteran-owned small business to operate its Cyber Operations Wiki System.
The goal of the wiki is to provide a platform for collaboration to support at least six federal cyber mission centers.

The department published an amended draft statement of work on the Federal Business Opportunities Web site on Sept. 9. The acquisition is a set aside for service-disabled, veteran-owned small businesses. Previously, the department had designated a specific company for the work.

According to the draft, the vendor will support design, system development, staging, and implementation of the wiki, including the training of users and post-implementation documentation requirements.

“The wiki platform is intended to foster information sharing and provide knowledge management services, while dramatically reducing traditional skilled webmaster support in favor of immediate open interaction of participants, at all three classification levels,” reads the draft statement. “Use of the wiki is intended to leverage the strengths of individual subject matter expertise and exploit the collective intellectual contribution of all of the centers and their customers that participate in the use of the Cyber Ops Wiki.”

Source

Military Source Warns of North Korea’s EMP Bomb

North Korea is developing a bomb that emits an electromagnetic field upon explosion and damages nearby electronic devices, a South Korean military source has revealed to the JoongAng Ilbo. The source said North Korea has been working on the electromagnetic pulse bomb, or EMP bomb, since the mid-1990s, with help from Russian scientists, adding that the weapon may be near completion.

The EMP bomb produces a short but strong electromagnetic pulse that, if exploded 40 kilometers (25 miles) above ground, would affect equipment within a 700-kilometer radius, including exposed electrical conductors, such as wires.

According to Australia-based defense analyst Carlo Kopp and his paper at the GlobalSecurity.org Web site, the EMP effect can cause irreversible damage to electrical and electronic devices, such as computers, radio and radar. He noted that EMP devices can render many modern military platforms useless because they are packed with electronic equipment. He argued that the damaged inflicted by such a bomb is akin to the harm caused by powerful bolts of lightning. The EMP bomb is not known to cause casualties. The U.S. forces used them at the onset of the war on Iraq in 2003.

The South Korean source said he expects the North to develop EMP bombs as warheads for aircraft bombs and for Scud-B missiles, warning that the North could use the weapons early and often if war broke out on the peninsula. South Korean and U.S. forces are vulnerable to EMP attacks since they rely on a great number of computer systems and their weapons are heavily equipped with electronic devices, the source explained.

Read Article

Study Warns of Cyberwarfare During Military Conflicts

An independent research group predicts that cyberwarfare will accompany future military conflicts and is recommending international action to blunt its impact. The nonprofit U.S. Cyber Consequences Unit studied the cybertactics used against the country of Georgia during its military conflict with Russia last year. Cyberattacks in August 2008 shut down the Web sites of crucial Georgian government agencies, the media and banks.

“The Russians have developed a model here that is very effective,” said Scott Borg, director of US-CCU. “We can expect to see the Russians use it in the future, and other countries as well.”

Because of the sensitive nature of much of the information, the full 100-page report is being released only to U.S. government officials and selected cybersecurity professionals. CNN was provided a nine-page summary.

The study concludes that the cyberattacks against Georgian targets were carried out by civilians, many of them recruited via social networking forums devoted to dating, hobbies and politics.

“There was a large-scale collaboration on these forums,” said US-CCU’s chief technical officer, John Bumgarner. “They were used to recruit potential actors to launch attacks, to collaborate on what types of attacks worked and what types of attacks didn’t work. They were used to collaborate on how to bypass security controls and share attack codes.”

As a result, Borg said, Russian sympathizers who were not hackers, and who didn’t even know much about computers, could participate.

Read Full Article

House Panel Examines EMP, Cyber Terror Threats to Electric Grid

Legislation must allow fast action in case of physical attacks, like an EMP pulse, or cyber attacks against the electric grid, experts say

Although some have considered an Electromagnetic Pulse (EMP) on the nation’s electric grid unlikely, experts told a panel of the House Homeland Security Committee Tuesday that if the US completely ignores the possibility of such an attack, the possibility of an attack gets much higher.

“Some in government have taken the position that EMP attack and geomagnetic storm disruption are low-probability events…” said William Graham, chairman for the Commission to Assess the Threat to the United States from Electromagnetic Pulse, a congressionally mandated commission to study the risk of EMP pulses. “By ignoring large scale, catastrophic EMP vulnerability, we invite such attack on our infrastructure by adversaries looking to attack us where we are weak, not where we are strong.”

A high-altitude EMP is the result of the detonation of a nuclear warhead at altitudes between 40-400 km above the Earth’s surface, Graham told the House Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology.

“The immediate effects of EMP are disruption of, and damage to, electronic systems and electrical infrastructure,” Graham said. “EMP is not reported in the scientific literature to have direct effects on people.”

Subcommittee chairwoman Yvette Clarke (D-NY) said the risk of an EMP attack or cyber attack is a significant threat to homeland security.

“Many nation states, like Russia, China, North Korea, and Iran, have offensive cyber attack capabilities, while terrorist groups like Hezbollah and al Qaeda continue to work to develop capabilities to attack and destroy critical infrastructure like the electric grid through cyber means,” Clarke said.

Homeland Security Today – preparedness and security news – House Panel Examines Threats to US Electric Grid

Congressman Calls For Cyber Reprisals Against North Korea

A Republican congressman has urged the US to unleash a retaliatory cyber-attack against North Korea over DDoS attacks supposedly launched against US and South Korean websites.

Congressman Peter Hoekstra of Michagan, the lead Republican on the House Intelligence Committee, urged President Obama to mount a “show of force” against North Korea over its alleged role in cyberattacks last week.

Hoekstra made the call to fire up the cyber-equivalent of B-52 bombers despite absolutely no evidence that the impoverished, hard-line communist state is involved in the assault. This lack of evidence didn’t prevent Hoekstra from warning about possible “cyber-geddon” if the US failed to act on last week’s attacks.

If action is not taken, he said during an appearance on American radio show, “next time they’ll go in and shut down a banking system…or manipulate the electrical grid either here or in South Korea. Or they will try and miscalculate, and people will be killed.”

via Congressman calls for ‘cyber-reprisals’ against North Korea • The Register.

North Korea May Be Behind Wave of Cyberattacks

South Korean intelligence officials believe it was North Korea or pro-Pyongyang forces that committed cyber attacks that paralyzed major South Korean and U.S. government Web sites, aides to two lawmakers said Wednesday.

Read the related stories.

Government Agencies, Washington Post Targeted in Cyberattack

Cyber Attack Hits South Korean Web Sites

Source

Government Agencies, Washington Post Targeted in Cyberattack

A widespread and coordinated cyberattack during the past few days has targeted Web sites operated by major government agencies, including the departments of Homeland Security and Defense, the Federal Aviation Administration and the Federal Trade Commission, according to several computer security researchers.

The attacks involved thousands of computers around the globe infected with rogue software that told them to repeatedly attempt to access the targeted sites, a tactic aimed at driving up traffic beyond the sites’ normal capacity and denying access to legitimate users, according to the researchers, many of whom spoke on condition of anonymity because they are helping with the investigation.

Department of Homeland Security spokeswoman Amy Kudwa said that the agency was aware of ongoing attacks and that the government’s Computer Emergency Response Team had issued guidance to public and private sector Web sites to stem the attacks.

Read Full Article

Cyber Attack Hits South Korean Web Sites

A number of South Korean government Web sites were inaccessible on Wednesday, apparently taken offline by a large cyber-attack that had earlier hit U.S. government sites.

The Web site for South Korea’s president, the Blue House, and those for the National Assembly and Ministry of National Defense were all offline at Wednesday lunchtime. Also inaccessible was the home page of the Grand National Party and the Chosun Ilbo national newspaper

The Korea Internet Security Center’s security index was set at “substantial,” which is the middle of its five levels and signifies regional Internet security problems and advises all Internet users to take urgent security measures.

Local press reports said around 25 sites had been hit since late Tuesday including those of major banks including Shinhan Bank and Korea Exchange Bank and major portal Naver. All three appeared to be operating normally at Wednesday lunchtime but a prompt on the page of Shinhan Bank referenced a distributed denial of service (DDOS) attack and advised users to download security software.

Read Full Article

Cybercriminals Steal $415,000 From Bullitt County Kentucky

Sophisticated international cybercriminals stole $415,000 from a bank account belonging to Bullitt County, Ky. last month — and got two dozen regular citizens to help them.

[...]

A gang based in the former Soviet Union used viruses to secretly take control of computers used by county officials, including the country treasurer and a local judge, according to the Washington Post.

Then they secretly re-routed e-mails containing one-time passwords that both the treasurer and the judge would have to use to authorize wire transfers from the account, which belonged to Bullitt County Fiscal Court in Shepherdsville and was used to make payroll.

Beginning on June 22, the hackers began sending transfers, each under $10,000 so as not to alert federal watchdogs, to the bank accounts of 25 different Americans who’d been unwittingly recruited as “mules” by the Eastern European criminals.

The mules, who’d responded to ads for temporary at-home editing work on the job-placement Web site CareerBuilder.com, were instructed to keep 5 percent of the transfers as “commissions” and wire the rest of the money to accounts in Ukraine and Russia.

One mule found herself out thousands of dollars once Bullitt County got wise to what was happening and its bank started recalling the transfers.

Read Full Article

Al-Qaeda Planning Cyber Terror War Against Britain

Al-Qaeda is intent on using the internet to launch a cyber-warfare campaign against Britain, Lord West, the Security Minister, has warned.

Terrorist groups, which already use the internet for recruitment, propaganda and communication purposes, want to turn it into a dangerous weapon, he said.

Lord West issued the warning as he published the Government’s new Cyber Security Strategy aimed at heading off online threats.

As well as potential cyber-attacks from terrorists, Britain faces a real and growing threat from foreign governments such as China and Russia, and from organised criminal gangs, he said.

Targets include key businesses, the national power grid, financial markets and Whitehall departments.

As part of attempts to beef up defences, a new Office for Cyber Security will be set up to co-ordinate Government policy.

Another new development will see the creation of a “cyber-forensics” team based at GCHQ, the Government’s eavesdropping centre in Cheltenham, Gloucestershire.

The Cyber Security Operations Centre will constantly monitor, analyse and counter cyber attacks as they happen.

Source

Cyber Terrorism Threat Increasing – How To Prevent A Digital 9/11

Following a two-day wargame exercise on cyber-security issues, Homeland Security Secretary Michael Chertoff today said that no one person should be in charge of cyber-security, despite the growing and emerging future threats.  Read More

So might such a threat play out? Pajamas Media provides additional details…

It starts on a cold November night. You went to sleep, comfortably warm, after listening to the late news: a nor’easter coming through, the worst storm in several years. You go to bed, quietly excited at the thought of the fairly certain snow day — build a snowman with the kids, maybe work through the email that has piled up, and do a little online shopping; after all Christmas is coming.

That’s not the way it works out, though — about 3 a.m., you awaken, cold. The house is too cold. You get out of bed — the hardwood floor icy against your feet — and when you flip the hall light switch, nothing happens. Odd, the power is out. Automatically, you look out the window and realize the whole neighborhood is dark; in fact, there is no sky glow — usually, you can see the red shimmer of New York City on a cloudy night. It’s darker than you’ve ever seen it.

Sounds like a Tom Clancy novel, doesn’t it? It’s all too realistic, though. This is based on a scenario that was war-gamed by the “U.S. Professionals for Cyber Defense” in the months after 9/11. I talked it over with Dr. John McHugh, Canada Research Chair in Privacy and Security of the faculty of computer science at Dalhousie University in Halifax, Nova Scotia, one of the members of the committee. They investigated whether or not there was a credible threat from a first-strike cyberattack. Their answer was frightening.

Railroads are largely controlled by computers; change a switch while a train is passing over it and you have an instant derail. Gas pipelines are also computer controlled; to my surprise, you can blow them up entirely by computer control — reverse the pumps on the ends, pressure builds up in the middle, and something, somewhere, will eventually give way.

Traffic flow, the electrical system, all much the same. To give the most effect, attack during a major storm — the nor’easter — and apply a few “kinetic” attacks read “bombs” at critical points. Dr. McHugh says they found the most credible attacks combined large-scale cyberattacks with a few small conventional acts of terrorism at vulnerable points, in order to surgically cause the most damage. The attacks were low effort, but high skill, and they could cripple the U.S. economy for years.

You have to fumble in the dark to find the phone; it’s dead. You try your cell phone; no service. And the house is getting colder.

You were better prepared than a lot of people: you have a portable radio and flashlight combination, and it’s even one of the ones that can be hand-cranked. It’s more work than you thought to crank it up, but now you’re getting nervous. You turn it on — and you need to search for a station. You finally find a distant station, CJCL in Toronto. They are reading news, in a hushed and controlled voice. Power out over large parts of the East Coast, in California, and across the Midwest. Explosions reported in Texas and Oklahoma, trains derailed all over the country, the tunnels into Manhattan closed. Telephone systems out over much of the country — and the president will be speaking soon. He’s been moved to a secret, secured location. Once again, like on September 11, 2001, the world wonders: is it war?

via Pajamas Media

World Bank Under Cyber Siege in Unprecedented Attack

It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution’s highly-restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank’s network for nearly a month in June and July.

In total, at least six major intrusions — two of them using the same group of IP addresses originating from China — have been detected at the World Bank since the summer of 2007, with the most recent breach occurring just last month.

In a frantic midnight e-mail to colleagues, the bank’s senior technology manager referred to the situation as an “unprecedented crisis.” In fact, it may be the worst security breach ever at a global financial institution. And it has left bank officials scrambling to try to understand the nature of the year-long cyber-assault, while also trying to keep the news from leaking to the public.

[...]

While it remains unclear how much data has been pilfered from the bank, it’s a lot. According to internal memos, “a minimum of 18 servers have been compromised,” including some of the bank’s most sensitive systems — ranging from the bank’s security and password server to a Human Resources server “that contains scanned images of staff documents.”

http://www.foxnews.com/story/0,2933,435681,00.html

U.S. At Risk of Cyberattacks According To Experts

The next large-scale military or terrorist attack on the United States, if and when it happens, may not involve airplanes or bombs or even intruders breaching American borders.

Instead, such an assault may be carried out in cyberspace by shadowy hackers half a world away. And Internet security experts believe that it could be just as devastating to the U.S.’s economy and infrastructure as a deadly bombing.

Experts say last week’s attack on the former Soviet republic of Georgia, in which a Russian military offensive was preceded by an Internet assault that overwhelmed Georgian government Web sites, signals a new kind of cyberwar, one for which the United States is not fully prepared.

“Nobody’s come up with a way to prevent this from happening, even here in the U.S.,” said Tom Burling, acting chief executive of Tulip Systems, an Atlanta, Georgia, Web-hosting firm that volunteered its Internet servers to protect the nation of Georgia’s Web sites from malicious traffic.

“The U.S. is probably more Internet-dependent than any place in the world. So to that extent, we’re more vulnerable than any place in the world to this kind of attack,” Burling added. “So much of what we’re doing [in the United States] is out there on the Internet, and all of that can be taken down at once.”

Source