FBI Suspects Terrorists Are Exploring Cyber Attacks


According to a WSJ report today, the FBI is looking at groups suspected of having links to al Qaeda who have shown an interest in mounting an attack on computer systems that control critical U.S. infrastructure.

While there is no evidence that terrorist groups have developed sophisticated cyber-attack capabilities yet, a lack of security protections in U.S. computer software increases the likelihood that terrorists could execute attacks in the future, an official warned.

If terrorists were to amass such capabilities, they would be wielded with “destructive and deadly intent,” Steven Chabinsky, deputy assistant director of the FBI’s Cyber Division, told the Senate Judiciary Committee Tuesday.

“The FBI is aware of and investigating individuals who are affiliated with or sympathetic to al Qaeda who have recognized and discussed the vulnerabilities of the U.S. infrastructure to cyber-attack,” Mr. Chabinsky told the committee, without providing details.

Such infrastructure could include power grids and transportation systems.

The control systems of U.S. infrastructure as well as money transfers are now connected directly or indirectly to the Internet. Hackers have been able to penetrate computer systems running components of the U.S. electric grid as well as divert bank transfers.


Military Source Warns of North Korea’s EMP Bomb

September 1, 2009 by national  
Filed under Featured


North Korea is developing a bomb that emits an electromagnetic field upon explosion and damages nearby electronic devices, a South Korean military source has revealed to the JoongAng Ilbo. The source said North Korea has been working on the electromagnetic pulse bomb, or EMP bomb, since the mid-1990s, with help from Russian scientists, adding that the weapon may be near completion.

The EMP bomb produces a short but strong electromagnetic pulse that, if exploded 40 kilometers (25 miles) above ground, would affect equipment within a 700-kilometer radius, including exposed electrical conductors, such as wires.

According to Australia-based defense analyst Carlo Kopp and his paper at the GlobalSecurity.org Web site, the EMP effect can cause irreversible damage to electrical and electronic devices, such as computers, radio and radar. He noted that EMP devices can render many modern military platforms useless because they are packed with electronic equipment. He argued that the damage inflicted by such a bomb is akin to the harm caused by powerful bolts of lightning. The EMP bomb is not known to cause casualties. The U.S. forces used them at the onset of the war on Iraq in 2003.

The South Korean source said he expects the North to develop EMP bombs as warheads for aircraft bombs and for Scud-B missiles, warning that the North could use the weapons early and often if war broke out on the peninsula. South Korean and U.S. forces are vulnerable to EMP attacks since they rely on a great number of computer systems and their weapons are heavily equipped with electronic devices, the source explained.


House Panel Examines EMP, Cyber Terror Threats to Electric Grid

July 22, 2009 by national  
Filed under Featured


Legislation must allow fast action in case of physical attacks, like an EMP pulse, or cyber attacks against the electric grid, experts say

Although some have considered an Electromagnetic Pulse (EMP) attack on the nation’s electric grid unlikely, experts told a panel of the House Homeland Security Committee Tuesday that if the US completely ignores the possibility of such an attack, the possibility of an attack gets much higher.

“Some in government have taken the position that EMP attack and geomagnetic storm disruption are low-probability events…” said William Graham, chairman for the Commission to Assess the Threat to the United States from Electromagnetic Pulse, a congressionally mandated commission to study the risk of EMP pulses. “By ignoring large scale, catastrophic EMP vulnerability, we invite such attack on our infrastructure by adversaries looking to attack us where we are weak, not where we are strong.”

A high-altitude EMP is the result of the detonation of a nuclear warhead at altitudes between 40-400 km above the Earth’s surface, Graham told the House Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology.

“The immediate effects of EMP are disruption of, and damage to, electronic systems and electrical infrastructure,” Graham said. “EMP is not reported in the scientific literature to have direct effects on people.”

Subcommittee chairwoman Yvette Clarke (D-NY) said the risk of an EMP attack or cyber attack is a significant threat to homeland security.

“Many nation states, like Russia, China, North Korea, and Iran, have offensive cyber attack capabilities, while terrorist groups like Hezbollah and al Qaeda continue to work to develop capabilities to attack and destroy critical infrastructure like the electric grid through cyber means,” Clarke said.

Homeland Security Today – preparedness and security news – House Panel Examines Threats to US Electric Grid

Congressman Calls For Cyber Reprisals Against North Korea

July 13, 2009 by national  
Filed under Homeland Security News


A Republican congressman has urged the US to unleash a retaliatory cyber-attack against North Korea over DDoS attacks supposedly launched against US and South Korean websites.

Congressman Peter Hoekstra of Michigan, the lead Republican on the House Intelligence Committee, urged President Obama to mount a “show of force” against North Korea over its alleged role in cyberattacks last week.

Hoekstra made the call to fire up the cyber-equivalent of B-52 bombers despite absolutely no evidence that the impoverished, hard-line communist state is involved in the assault. This lack of evidence didn’t prevent Hoekstra from warning about possible “cyber-geddon” if the US failed to act on last week’s attacks.

If action is not taken, he said during an appearance on an American radio show, “next time they’ll go in and shut down a banking system…or manipulate the electrical grid either here or in South Korea. Or they will try and miscalculate, and people will be killed.”

via Congressman calls for ‘cyber-reprisals’ against North Korea • The Register.

Government Agencies, Washington Post Targeted in Cyberattack

July 7, 2009 by national  
Filed under Incident Reports


A widespread and coordinated cyberattack during the past few days has targeted Web sites operated by major government agencies, including the departments of Homeland Security and Defense, the Federal Aviation Administration and the Federal Trade Commission, according to several computer security researchers.

The attacks involved thousands of computers around the globe infected with rogue software that told them to repeatedly attempt to access the targeted sites, a tactic aimed at driving up traffic beyond the sites’ normal capacity and denying access to legitimate users, according to the researchers, many of whom spoke on condition of anonymity because they are helping with the investigation.

Department of Homeland Security spokeswoman Amy Kudwa said that the agency was aware of ongoing attacks and that the government’s Computer Emergency Response Team had issued guidance to public and private sector Web sites to stem the attacks.


Cyber Attack Hits South Korean Web Sites

July 7, 2009 by national  
Filed under Incident Reports


A number of South Korean government Web sites were inaccessible on Wednesday, apparently taken offline by a large cyber-attack that had earlier hit U.S. government sites.

The Web site for South Korea’s president, the Blue House, and those for the National Assembly and Ministry of National Defense were all offline at Wednesday lunchtime. Also inaccessible was the home page of the Grand National Party and the Chosun Ilbo national newspaper.

The Korea Internet Security Center’s security index was set at “substantial,” which is the middle of its five levels and signifies regional Internet security problems and advises all Internet users to take urgent security measures.

Local press reports said around 25 sites had been hit since late Tuesday including those of major banks including Shinhan Bank and Korea Exchange Bank and major portal Naver. All three appeared to be operating normally at Wednesday lunchtime but a prompt on the page of Shinhan Bank referenced a distributed denial of service (DDOS) attack and advised users to download security software.


Cybercriminals Steal $415,000 From Bullitt County Kentucky

July 6, 2009 by national  
Filed under Incident Reports


Sophisticated international cybercriminals stole $415,000 from a bank account belonging to Bullitt County, Ky. last month — and got two dozen regular citizens to help them.

[...]

A gang based in the former Soviet Union used viruses to secretly take control of computers used by county officials, including the county treasurer and a local judge, according to the Washington Post.

Then they secretly re-routed e-mails containing one-time passwords that both the treasurer and the judge would have to use to authorize wire transfers from the account, which belonged to Bullitt County Fiscal Court in Shepherdsville and was used to make payroll.

Beginning on June 22, the hackers began sending transfers, each under $10,000 so as not to alert federal watchdogs, to the bank accounts of 25 different Americans who’d been unwittingly recruited as “mules” by the Eastern European criminals.

The mules, who’d responded to ads for temporary at-home editing work on the job-placement Web site CareerBuilder.com, were instructed to keep 5 percent of the transfers as “commissions” and wire the rest of the money to accounts in Ukraine and Russia.

One mule found herself out thousands of dollars once Bullitt County got wise to what was happening and its bank started recalling the transfers.


Defcon Founder Joins Homeland Security Advisory Council

June 7, 2009 by national  
Filed under Homeland Security News

Forget the new cyber security czar position that President Barack Obama announced last week.

The real sign that the White House might be finally taking cyber security seriously came in an announcement on Friday that Jeff Moss, aka “Dark Tangent” and the former hacker behind the annual DefCon hacker confab in Las Vegas, has been appointed to the Department of Homeland Security’s Advisory Council (HSAC).

He was among 16 people (.pdf) sworn in to the council by Homeland Security Secretary Janet Napolitano. Former CIA Director William Webster and former FBI Director Louis Freeh are also on the council, which provides advice and recommendations to the secretary. Webster is the council chair.

Moss, who lives in Seattle, says he was really surprised when he got a call about three weeks ago inviting him to join.

“I always figured that because of my associations in the past that I would be kind of out of the running for anything like this,” he told Threat Level. “DefCon started as a hacking conference . . . and I just figured that that past, in a nontraditional beginning, people wouldn’t know how to relate to that. To me it shows that they’re really looking for fresh perspectives.”

Moss, who’s 39, was a phreaker in high school — someone who cracks into phone systems to make calls on the telecom’s dime.


Pentagon Plans New Cyber-Command Center

April 22, 2009 by national  
Filed under Featured

The Obama administration is finalizing plans for a new Pentagon command to coordinate the security of military computer networks and to develop new offensive cyber-weapons, sources said last night.

Planning for the reorganization of Defense Department and intelligence agencies is underway, and a decision is imminent, according to a person familiar with the White House plans.

The new command would affect U.S. Strategic Command, whose mission includes ensuring U.S. “freedom of action” in space and cyberspace, and the National Security Agency, which shares Pentagon cybersecurity responsibilities with the Defense Information Systems Agency.

The Pentagon plans do not involve the Department of Homeland Security, which has responsibility for securing the government’s non-military computer domain.


Cyber Terrorism Threat Increasing – How To Prevent A Digital 9/11

December 20, 2008 by national  
Filed under Homeland Security News

Following a two-day wargame exercise on cyber-security issues, Homeland Security Secretary Michael Chertoff today said that no one person should be in charge of cyber-security, despite the growing and emerging future threats.

So how might such a threat play out? Pajamas Media provides additional details…

It starts on a cold November night. You went to sleep, comfortably warm, after listening to the late news: a nor’easter coming through, the worst storm in several years. You go to bed, quietly excited at the thought of the fairly certain snow day — build a snowman with the kids, maybe work through the email that has piled up, and do a little online shopping; after all Christmas is coming.

That’s not the way it works out, though — about 3 a.m., you awaken, cold. The house is too cold. You get out of bed — the hardwood floor icy against your feet — and when you flip the hall light switch, nothing happens. Odd, the power is out. Automatically, you look out the window and realize the whole neighborhood is dark; in fact, there is no sky glow — usually, you can see the red shimmer of New York City on a cloudy night. It’s darker than you’ve ever seen it.

Sounds like a Tom Clancy novel, doesn’t it? It’s all too realistic, though. This is based on a scenario that was war-gamed by the “U.S. Professionals for Cyber Defense” in the months after 9/11. I talked it over with Dr. John McHugh, Canada Research Chair in Privacy and Security of the faculty of computer science at Dalhousie University in Halifax, Nova Scotia, one of the members of the committee. They investigated whether or not there was a credible threat from a first-strike cyberattack. Their answer was frightening.

Railroads are largely controlled by computers; change a switch while a train is passing over it and you have an instant derail. Gas pipelines are also computer controlled; to my surprise, you can blow them up entirely by computer control — reverse the pumps on the ends, pressure builds up in the middle, and something, somewhere, will eventually give way.

Traffic flow, the electrical system, all much the same. To give the most effect, attack during a major storm — the nor’easter — and apply a few “kinetic” attacks (read “bombs”) at critical points. Dr. McHugh says they found the most credible attacks combined large-scale cyberattacks with a few small conventional acts of terrorism at vulnerable points, in order to surgically cause the most damage. The attacks were low effort, but high skill, and they could cripple the U.S. economy for years.

You have to fumble in the dark to find the phone; it’s dead. You try your cell phone; no service. And the house is getting colder.

You were better prepared than a lot of people: you have a portable radio and flashlight combination, and it’s even one of the ones that can be hand-cranked. It’s more work than you thought to crank it up, but now you’re getting nervous. You turn it on — and you need to search for a station. You finally find a distant station, CJCL in Toronto. They are reading news, in a hushed and controlled voice. Power out over large parts of the East Coast, in California, and across the Midwest. Explosions reported in Texas and Oklahoma, trains derailed all over the country, the tunnels into Manhattan closed. Telephone systems out over much of the country — and the president will be speaking soon. He’s been moved to a secret, secured location. Once again, like on September 11, 2001, the world wonders: is it war?

via Pajamas Media


World Bank Under Cyber Siege in Unprecedented Attack

October 11, 2008 by national  
Filed under Homeland Security News


It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution’s highly-restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank’s network for nearly a month in June and July.

In total, at least six major intrusions — two of them using the same group of IP addresses originating from China — have been detected at the World Bank since the summer of 2007, with the most recent breach occurring just last month.

In a frantic midnight e-mail to colleagues, the bank’s senior technology manager referred to the situation as an “unprecedented crisis.” In fact, it may be the worst security breach ever at a global financial institution. And it has left bank officials scrambling to try to understand the nature of the year-long cyber-assault, while also trying to keep the news from leaking to the public.

[...]

While it remains unclear how much data has been pilfered from the bank, it’s a lot. According to internal memos, “a minimum of 18 servers have been compromised,” including some of the bank’s most sensitive systems — ranging from the bank’s security and password server to a Human Resources server “that contains scanned images of staff documents.”

http://www.foxnews.com/story/0,2933,435681,00.html