Wireless Cybercriminals Target Clueless Vacationers

The newest trend in Internet fraud is “vacation hacking,” a sinister sort of tourist trap.

Cybercriminals are targeting travelers by creating phony Wi-Fi hot spots in airports, in hotels, and even aboard airliners.

Vacationers on their way to fun in the sun, or already there, think they’re using designated Wi-Fi access points. But instead, they’re signing on to fraudulent networks and hand-delivering everything on their laptops to the crooks.

“More and more people are traveling with Wi-Fi devices like smartphones and laptops,” says Marian Merritt, Internet safety advocate at the computer-security giant Symantec. “Airports and airlines and hotels are responding. They’re setting up free Wi-Fi networks to lure in customers. Now they’re luring in hackers as

via Wireless Cybercriminals Target Clueless Vacationers – Science News | Science & Technology | Technology News – FOXNews.com.

Teen Hackers To Battle al-Qaeda

Security chiefs are hiring teenage computer hackers to spearhead a war on cyber terrorists.

A crack team of web whizz-kids is being set up to foil al-Qaeda internet-based attacks on the UK.

British spymasters fear terror groups, who already use the web to spread hate, aim to take it on as a “new weapon”.

A successful strike at the stroke of a computer key could hit energy supplies and paralyse Government or financial centres.

Security Minister Lord West issued the warning as he launched the Government’s new cyber security strategy.

Britain also faces a growing threat from hostile foreign governments and international crime gangs.

States such as China or Russia could target key businesses, the national power grid, finance markets and Whitehall departments.

In a major move to beef up our defences, a new Office for Cyber Security will be formed.

Source

Alleged Hacking-Terror Effort Thwarted

U.S. and Italian authorities said Friday they arrested a group of hackers and conspirators who allegedly stole from phone companies around the world. The illegal profits funded terrorist activities, Italian officials alleged.

A federal grand jury in New Jersey indicted three people Friday, including one man who has been linked to al Qaeda. The three suspects, who live in the Philippines, are accused of providing Pakistani nationals in Italy with access to stolen phone lines.

The same company that was used to pay the three hackers also financed the communications of terrorists in last year’s Mumbai attacks, in which a small group killed more than 170 people, people familiar with the matter alleged.

Meanwhile, Italian officials arrested five Pakistani nationals Friday in an early-morning raid on 10 call centers suspected of involvement in the alleged scheme. Among those arrested were a husband-and-wife team who managed call centers in Brescia, Italy — Mohammad Zamir, 40 years old, and Shabina Kanwal, 38.

Read Full Article

U.S. Cyberattack Console Aims to Turn Grunts into Hackers

The U.S. military is putting together a suite of hacking tools that could one day make breaking into networks as easy for the average grunt as kicking down a door.

That’s the word from Aviation Week, which snuck an unusual peek inside a “U.S. cyberwarfare attack laboratory.” There, researchers are building a “device” that would “weaponiz[e] cyberattack for the non-cyberspecialist, military user.”

In recent years, Defense Department officials have thumped their chests, hard, about how good the Pentagon is at hacking enemy networks. But discussing specific online attacks — ordinarily, that’s done mostly inside of secure facilities. A 2008 Danger Room post on an unclassified Air Force research project to give cyberwarriors “full control” of “any and all” computers set of a frenzy inside the service. Generals were pelted with questions about how such supposedly-sensitive information was allowed to escape into the public sphere. Since then, there have been increased calls within military circles to show off at least some of what the armed forces’ network attackers can do. It’s an effective way of detering potential foes online, the logic goes.

The device described to Aviation Week is designed “to tap into satellite communications, voice over Internet, proprietary Scada [supervisory control and data acquisition] networks — virtually any wireless network.” And it would be able to do so in a way that makes sense to n00bs.

via U.S. Cyberattack Console Aims to Turn Grunts into Hackers | Danger Room | Wired.com.

Hacked ATMs Steal $500G From Bank Customers

A sophisticated band of thieves managed to steal personal information and more than half a million dollars from hundreds of New York City bank customers by rigging ATMs in what police say is further evidence of the continued assault on personal data by identity thieves.

Police said the identity thieves installed devices on ATM machines at Sovereign Bank branches in Staten Island that enabled them to collect account and PIN numbers, the New York Daily News reported Monday.

First they placed skimmers on the slots where customers inserted their bank card that could read and store the information. Then a tiny camera was hidden in the lighted sign on the ATM that filmed customers typing in PIN codes, the Daily News reported.

“This crew is sophisticated,” Deputy Inspector Gregory Antonsen, head of the NYPD’s special investigations division, told the Daily News. “And they are coming up with new ways to steal your identity every day.”

The ATM-riggers managed to steal more than $500,000 from more than 250 victims.

They also created fake ATM cards with the same magnetic codes as the victims and used the cards at different banks, police said.

via Hacked ATMs Steal $500G From Bank Customers – Science News | Science & Technology | Technology News – FOXNews.com.

Electric Grid Hacked By Chinese and Russian Cyberspies

The intruders, who came from countries including China and Russia, were believed to be attempting to map the US electrical system and work out how it was controlled, according to reports in the Wall Street Journal.

Officials said the cyberspies had not tried to damage the grid, but warned they could during a crisis or war.

“The Chinese have attempted to map our infrastructure, such as the electrical grid,” a senior intelligence official told the paper. “So have the Russians.”

The intrusion spread across the country and didn’t target any specific companies or regions, a former Department of Homeland Security official said. “There are intrusions, and they are growing,” the former official said, referring to electrical systems. “There were a lot last year.”

Source

From The Wall Street Journal

Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.

The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven’t sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.

“The Chinese have attempted to map our infrastructure, such as the electrical grid,” said a senior intelligence official. “So have the Russians.”

The espionage appeared pervasive across the U.S. and doesn’t target a particular company or region, said a former Department of Homeland Security official. “There are intrusions, and they are growing,” the former official said, referring to electrical systems. “There were a lot last year.”

Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet.

Authorities investigating the intrusions have found software tools left behind that could be used to destroy infrastructure components, the senior intelligence official said. He added, “If we go to war with them, they will try to turn them on.”

Officials said water, sewage and other infrastructure systems also were at risk.

Source

GhostNet – Canadians Find Vast Computer Spy Network

Canadian researchers have uncovered a vast electronic spying operation that infiltrated computers and stole documents from government and private offices around the world, including those of the Dalai Lama, The New York Times reported on Saturday.

In a report provided to the newspaper, a team from the Munk Center for International Studies in Toronto said at least 1,295 computers in 103 countries had been breached in less than two years by the spy system, which it dubbed GhostNet.

Embassies, foreign ministries, government offices and the Dalai Lama’s Tibetan exile centers in India, Brussels, London and New York were among those infiltrated, said the researchers, who have detected computer espionage in the past.

They found no evidence U.S. government offices were breached.

The researchers concluded that computers based almost exclusively in China were responsible for the intrusions, although they stopped short of saying the Chinese government was involved in the system, which they described as still active.

“We’re a bit more careful about it, knowing the nuance of what happens in the subterranean realms,” said Ronald Deibert, a member of the Munk research group, based at the University of Toronto.

“This could well be the CIA or the Russians. It’s a murky realm that we’re lifting the lid on.”

A spokesman for the Chinese Consulate in New York dismissed the idea China was involved. “These are old stories and they are nonsense,” the spokesman, Wenqi Gao, told the Times. “The Chinese government is opposed to and strictly forbids any cybercrime.”

Source

Report: Smart-grid Hackers Could Cause Blackouts

Deployments of smart grids should be slowed until security vulnerabilities are addressed, according to some cybersecurity experts, citing tests showing that a hacker can cause a major blackout after breaking into a smart-grid system.

The idea behind smart grids, a burgeoning energy sector in which even Google is playing a role, is that automated meters and two-way power consumption data can be used to improve the efficiency and reliability of an electrical system’s power distribution. A washing machine in a household hooked up to a smart meter, for instance, could be set up to run only at lower-cost, off-peak hours, and a home sporting solar panels could give power back to the grid.

Through the U.S. economic-stimulus package, the Department of Energy is set to invest $4.5 billion in smart-grid technology. And while many utilities are embracing the initiative by installing smart meters in millions of homes nationwide, security experts and others caution that the technology may not be ready for prime time. According to a CNN report published Friday evening:

Cybersecurity experts said some types of meters can be hacked, as can other points in the smart grid’s communications systems. IOActive, a professional security services firm, determined that an attacker with $500 of equipment and materials, and a background in electronics and software engineering, could “take command and control of the (advanced meter infrastructure), allowing for the en masse manipulation of service to homes and businesses.”

Experts said that once in the system, a hacker could gain control of thousands, even millions, of meters and shut them off simultaneously. A hacker also might be able to dramatically increase or decrease the demand for power, disrupting the load balance on the local power grid and causing a blackout. These experts said such a localized power outage would cascade to other parts of the grid, expanding the blackout. No one knows how big it could get.

via Read Full Article