Tag Archive | United States

CISPA Bill Passed by Representatives Again – Trouble on the Horizon!

The Cyber Information Sharing and Protection Act, AKA CISPA, has once again passed in the US House of Representatives. As a reminder, this bill gives government agencies and their other agencies access to personal, private user data to help monitor for the presence of hackers.

Now, when CISPA was first passed, the Senate said NO! Also, President Barack Obama has said that he’d veto the bill if it came through his office. Because of the different privacy issues, many advocates against this bill will fight it to the end.

This bill has been backed by bigwig businesses for a long period of time, almost since the beginning of the talks on this bill. Maybe it is the big government contracts ($$$) that seem attractive to these big businesses, or maybe these businesses truly believe it will end hackers’ abilities.

Will it completely stop hacker initiatives? Probably not. However, it would provide the ability to try to limit some of the bigger initiatives.

Government sectors of China, Russia, etc. are a bit of a cyberthreat to the United States; information access is what the US will need if it wants to get ahead of the game. Do you agree?

Of course the president of the US doesn’t want it passed if it violates the rights of citizens. But, in the end, if people realized that money, among other things like personally identifiable information, is stolen every year, then they should have no problem with their data being accessible to US authorities rather than hackers.

The bright side is that if government authorities have access to your private data, it isn’t going to spread around like wildfire, unlike what’d happen if a hacker got hold of it.

It’s easy to do an Internet search for lists of email addresses, and pull up loads upon loads of private email addresses that hackers posted in public to humiliate those that haven’t been smart enough to keep it secret.

Spammers and phishers, all the time, access your private information on Facebook, if you accidentally click the wrong link or follow a malicious email link – which asks you to ‘enter your Facebook username and password to continue.’

Some people argue that the government doesn’t care for internet users but rather cares for the money they’d get. Well, actually, if you think about it, the government is paying these big businesses to participate in the information sharing process, so the American people’s pocketbooks/wallets can be protected, and their own privacy.

Who else has protested this? Anonymous.

Even the Reddit co-founder is urging the US Government to NOT pass it.

What should be our take? You decide. My vote is neutral. I see this bill as a good thing in spots (because of potentially ending hacker initiatives and malware/virus threats), however, it poses a major privacy threat. For most advocates of privacy, I agree with them.

Your opinion matters too! Contact your local senator and let your voice be heard. It’s usually best to write a letter, which provides good results. Providing written documentation of a fair but firm protest is the best way to go.

Mandiant is investigating hacks in efforts to better their research

Mandiant, the company behind the big research report we talked about on APT1, is now asking people to talk about the hacking episodes they’ve been affected by. They’re trying to be the go-to investigators, it seems, for the Fortune 1000.

When trying for importance, first of all, let your work speak for itself instead of trying so hard and stating your intents. Anyway, back on topic… When the New York Times was hacked back in late 2012, phone calls were made to Mandiant. When Mandiant investigated this issue, reports showed that the hacks were coming from a hidden firm in the Chinese military, called APT1.

Sketch of the 12-Story Shanghai-based defense headquarters of unit 61398.

A 60-page report (PDF), which was created by Mandiant, detailed the issues behind cyber-espionage group APT1. The New York Times covered APT1 in detail as well (summarizing some of the information in the 60-page report), and by rights did so out of anger at, and in reply to, the crime group.

One of the surprising aspects of the report is that APT1 practiced spearphishing attacks on the NYT. But what were they targeting? A big organization with big media possibilities. That’s the point of spearphishing.

Mandiant’s data forensic capabilities are stepping up, and now they want to know about the hacks you have experienced. They’re looking to investigate more of the issues behind some of the hacks. They want to target the organizations, whoever they are, that are behind these small-to-large scale attacks.

Some of Mandiant’s operations can be read about in their annual report.

This proves that the investigations are continuing in trial for the cyberwars that are going on around the world. They are still continuing, and have even been stepped up in some ways.

US and South Korea Embrace Partnership before North Korea Prowls

South Korea, unbelievably, will be stepping up its partnership with the US as North Korea becomes more of an emerging threat (after declaring war late last week). It seems that North Korea has recently made known its intentions to attack the United States and South Korea. Although it may not seem like a large attack, we must still keep guard.

A news agency in South Korea reported that the country’s defense ministry is planning to increase its forces and attempt to deter any further attacks. A customized deterrence strategy is in the works between the US and South Korea. Therefore, it plans to begin military drills sometime late this summer (some are thinking August).

It’s hoped that South Korea could also aid as an ally, especially if it means the US has to battle North Korea in the future. Although this is like a small, yapping dog trying to intimidate a big dog, a premeditated terror plot, like Al-Qaeda, is nothing to sneeze at.

The cyberwar continues to step up little by little, but it seems like things have slowed a bit. That is usually never a good sign, because a slowdown in activity means that they are just meditating on a much bigger or more planned attack, meant to take the US by surprise.

Stuxnet Attack on Iran was Illegal? Read more inside…

The North Atlantic Treaty Organization’s (NATO) researchers have uncovered a serious reality in the Stuxnet case against Iran (brought on by the US and Israel). NATO’s researchers call it an “act of force”, which was apparently an illegal move.

“Acts that kill or injure persons or destroy or damage objects are unambiguously uses of force” and likely violate international law, according to the Tallinn Manual on the International Law Applicable to Cyber Warfare, a study produced by international legal experts at the request of NATO’s Cooperative Cyber Defense Center of Excellence in Estonia.

Apparently, it is prohibited: “according to the U.N. charter, the use of force is prohibited, except in self-defense,” says Michael N. Schmitt, a lead author on The Tallinn Manual on the International Law Applicable to Cyber Warfare.

According to the Washington Times, the international group of researchers who wrote the manual were unanimous that Stuxnet — the self-replicating cyberweapon that destroyed Iranian centrifuges that were enriching uranium — was an act of force, said Mr. Schmitt, professor of international law at the U.S. Naval War College in Newport, R.I.

Also, the article stated that neither Israel nor the United States has publicly acknowledged being behind Stuxnet, but anonymous U.S. national security officials have told news outlets that the two countries worked together to launch the attack, which set the Iranian nuclear program back as much as two years, according to some estimates.

The manual, produced by 20 researchers in NATO, as well as some legal scholars and senior military lawyers, contains 300 pages’ worth of important cybersecurity analysis.

“We wrote it as an aid to legal advisers to governments and militaries, almost a textbook,” Schmitt told the paper. “We wanted to create a product that would be useful to states to help them decide what their position is. We were not making recommendations, we did not define best practice, we did not want to get into policy,” he said.

More detailed investigation is probable in this matter.

Another missing link in Stuxnet Reveals Earlier Infection Time

Stuxnet, the government malware believed to have been created by a dual-venture of the US and Israel, and the one used to attack the Iran nuclear enrichment facility, is now believed to have an earlier attack link. It is now believed that the facility may have been under attack from Stuxnet sometime in 2008.

Iranian leaders met in Kazakhstan this week to discuss the nuclear program with members of the UN Security Council. The researchers there announced a new variant of the sophisticated Stuxnet cyberweapon.

Some have noted that the US and Israel may have partnered well before, doing similar activities to try to take down the nuclear enrichment program in Iran.

The new variant was designed with a different attack vector against the centrifuges for the uranium enrichment program than the later versions released. This “new variant” was apparently released in 2007. Here we are, six years later, learning of the discovery of such a variant. This shows that the current versions of Stuxnet were made in 2009, which means the variant now recognized predated the original code that researchers found. Therefore, its first version may have been in 2007. That tells security experts this: Stuxnet was attacking much earlier than previously thought.

Still, to make a rebuttal, Iran is awaiting and planning new cyberwarriors who can construct cyberattacks and cyberterrorism against the US.

The code of the 2007 version shows that it was used for Siemens PLCs, which are used in the Iran nuclear enrichment program in Natanz. It was aimed at sabotaging the valves’ operations by controlling the flow of uranium.

The list of new information goes on. According to Wired Magazine, the new finding, described in a paper released by Symantec on Tuesday (.pdf), resolves a number of longstanding mysteries around a part of the attack code that appeared in the 2009 and 2010 variants of Stuxnet but was incomplete in those variants and had been disabled by the attackers.

Feds Requiring All Vehicles to have Black Boxes

Federal regulators are proposing that new automobiles sold in the United States after September 2014 come equipped with black boxes, so-called “event data recorders” that chronicle everything from how fast a vehicle was traveling, the number of passengers and even a car’s location.

While many automakers have voluntarily installed the devices already, the National Transportation Safety Agency wants to hear your comments by February 11 on its proposal mandating them in all vehicles. Congress has empowered the agency to set motor-vehicle-safety rules.

Clearly, regulators’ intentions are about safety, as the devices would trigger — for about 30 seconds — during so-called “events” such as during sudden braking, acceleration, swerving or other types of driving that might lead to an accident. The data, which can either be downloaded remotely or by a physical connection, depending upon a vehicle’s model, is to be used by manufacturers and regulators “primarily for the purpose of post-crash assessment of vehicle safety system performance,” according to an announcement in the Federal Register. (.pdf)

Read more on Wired.com

Obama Urged by US House Republicans to not issue Cybersecurity Order

46 US House of Representatives Republicans joined in a letter (PDF) to urge President Barack Obama not to issue the executive order on cybersecurity. The White House is currently drafting an executive order that encourages operators of critical infrastructures (like banks, power grids, etc.) to meet cybersecurity standards.

“Instead of preempting Congress’ will and pushing a top-down regulatory framework, your administration should engage Congress in an open and constructive manner to help address the serious cybersecurity challenges facing our country,” the lawmakers wrote.

The executive order, which will help protect these vital systems from hackers, is expected for release in January. It’s highly important that this gets put into action, or the United States could see issues such as power loss, plane crashes, train derailments, etc.

“This framework will work better than attempts to place the government in charge of overseeing minimum standards for industries seeking to invest in new and innovative security solutions,” the Republicans wrote.

The letter of urgency, led by Representatives Marsha Blackburn (Tennessee) and Steve Scalise (Louisiana), is aimed at helping to reduce the amount of government involvement in cyberwar, in hopes not to stir rages with hackers and other pests. However, if something isn’t done very soon, America as we know it could be in a lot of trouble.

Drones Becoming Better Used for Surveillance in the US

Drones are being used for extensive surveillance in the United States, and reportedly have been used before in other countries for spying and targeted assassinations. There have been numerous reports of Customs and Border Protection utilizing Predator drones.

The Electronic Frontier Foundation (EFF) has provided evidence of their use by the federal government and also by local law enforcement. There are a lot of license records for drones, and the tracking of them on domestic flights. According to the organization, “EFF filed suit against the U.S. Department of Transportation (DOT), demanding data on certifications and authorizations the agency has issued for the operation of unmanned aircraft, also known as drones.”

These government surveillance issues outline a risky pattern that goes beyond internet monitoring, crazy intersection cameras, etc. These drones have impressive yet disturbing functionality to civil liberties advocates. According to the FOIA complaint, they carry equipment that can, “conduct highly sophisticated and almost constant surveillance. Including video cameras, infrared cameras and heat sensors, and radar.”

According to CSO, “The complaint quoted a description of the U.S. Army’s A160 Hummingbird Drone-Copter that includes, “super-high-resolution ‘gigapixel’ cameras that can track people and vehicles from altitudes above 20,000 feet, … can monitor up to 65 enemies of the State simultaneously, and … see targets from almost 25 miles down range.”

The CSO has a collaborative article about the situation, with more information.

Data Leak about the US/UK reported by Swiss Spy Firm

Secret information on counter-terrorism shared by foreign governments may have been compromised by a massive data theft by a senior IT technician for the NDB, Switzerland’s intelligence service, European national security sources said.

Intelligence agencies in the United States and Britain are among those who were warned by Swiss authorities that their data could have been put in jeopardy, said one of the sources, who asked for anonymity when discussing sensitive information.

Swiss authorities arrested the technician suspected in the data theft last summer amid signs he was acting suspiciously. He later was released from prison while a criminal investigation by the office of Switzerland’s Federal Attorney General continues, according to two sources familiar with the case.

The suspect’s name was not made public. Swiss authorities believe he intended to sell the stolen data to foreign officials or commercial buyers.

A European security source said investigators now believe the suspect became disgruntled because he felt he was being ignored and his advice on operating the data systems was not being taken seriously.

Read more in this Reuters report.

China Largest Cyber Threat Says US Panel

A draft of a recent congressional report, highlighted by Bloomberg, names China as the largest cyber threat to the US and the world. Apparently, as the report shows, hackers in China are increasingly targeting the US military and defense contractor computers.

The Bloomberg article highlighted: “China’s persistence, combined with notable advancements in exploitation activities over the past year, poses growing challenges to information systems and their users,” the U.S.-China Economic and Security Review Commission said in the draft obtained by Bloomberg News. “Chinese penetrations of defense systems threaten the U.S. military’s readiness and ability to operate.”

It appears the volume of activity from China, even though their attacks are not of much substance, still makes them quite a threat in the cyberwar landscape. Some of the simple things, including hacking and exploitation, are no surprise to US security experts and military intelligence workers. Most of the time, the report states, intelligence or technology information was collected. An actual attack was not always, necessarily, the aim. With China’s cyberwarfare militia gaining, it’ll become quite an opponent in cyberwar.

The report is scheduled for November 14 of this year, and will provide a basis for the United States to punish and penalize foreign countries or firms for cyber (industrial) espionage.