Watching Chinese Cyber Attacks against US as they Happen

Cyber Attack 4

I just happened to be up very early this morning and caught some of the chatter on Twitter about massive incoming cyber attacks against the US. So I pulled up the Live Attack map from Norse to check it out and saw the amazing image above.

From what I have seen, usually America and China are fairly even in the attack origins category.  But this morning there just seemed to be a flood of attacks from China being recorded by the Norse honeypot systems in St. Louis.

Stunning that the image just represents a fraction of real world attacks that are happening at any moment.



New NSA Director Rogers Speaks on NSA Spying, Snowden

Last week a host of government and industry security experts met at the Reuters Cybersecurity Summit in Washington. During the summit NSA Director and CyberCommand Commander Admiral Rogers shared his views on NSA privacy issues, Snowden and the threats we face today.

Director Rogers, the new head of the NSA, inherits a mess. American citizen trust in the NSA and other government intelligence organizations hit an all time low after Edward Snowden “blew the whistle” on questionable practices at the agency.

Rogers will not only have to try to restore public faith in the NSA, he will have to deal with the fallout.

“They’re changing the way they communicate,” Admiral Rogers said concerning NSA targets. Foreign nations, terror groups and others targeted by the NSA have taken direct measures to protect themselves from current American collection techniques.

And while many see Snowden as a hero, they neglect to see that his actions go far beyond bringing attention to NSA spying and US citizen privacy.

“Mr. Snowden stole from the United States government and national security a large amount of very classified information, a small portion of which is germane to his apparent central argument regarding NSA and privacy issues. The great majority of which has zero to do with those viewpoints,” Director Rogers said.

“I would characterize it as … a broad range about NSA capabilities against a range of traditional military targets, issues of concern to the nation,” Rogers added. “Nothing to do with privacy rights or actions that NSA does or does not take involving citizens of the United States.”

Snowden then took this classified information and ended up seeking asylum in Russia, of all places…

Director Rogers has a full plate in front of him – leading US CyberCommand, and not only directing but fixing the public image of the NSA. And, honestly I could not think of a better man for the job.

When watching news about government spying in the ’70s with his family, Rogers turned to his father and said, “Dad, what kind of nation would we ever want to be that would allow something like this to happen?

What kind of nation indeed.

Rogers is highly regarded in both the military and the intelligence community. He also seems to be a man of integrity and a great leader. If anyone can right the ship, my money is on him.

Chinese Clothes Irons, Coffee Pots and Online Thermostats… That can Hack You…

The BBC covered some interesting news coming out of Russia this week. Apparently Russian hackers put chips inside Chinese made irons and kettles that would hack local networks. This shouldn’t be too shocking as for years security researchers have been warning of the dangers of embedded devices.

Welcome to the new world of computer security!

When is the last time you updated the system patches on your Coffee Pot? Downloaded the latest Anti-Virus for your Thermostat? These may be questions that become common in the next decade. Especially as the push to put everything online climbs and the “Internet of Things” continues to grow.

According to the BBC report, Russian hackers put chips inside Chinese made clothes Irons and electric kettles that look for local Wi-Fi networks, and then hacks them. The devices then spreads malware to systems it finds:

“Its correspondent said the hidden devices were mostly being used to spread viruses, by connecting to any computer within a 200m (656ft) radius which were using unprotected Wi-Fi networks.”

Security experts have been talking about the subject for years now. And this exact scenario sounds eerily familiar to a couple recent security conference talks by Daniel Buentello about weaponizing innocuous every day items like Coffee Pots and Thermostats:

In the talks, Buentello mentions the possibility of compromising an online thermostat and using it to hack systems on local networks and infect them with malware. He also explained that the device could be programmed to monitor the compromised computers and re-infect a system in the case someone removed the virus.

And of course the compromised thermostat would be programmed to continue to also act like a normal thermostat to belie its true intention.

Attacks like this are made possible by the use of embedded servers that are being used in these online devices. These chips are basically fully functional (mostly) Linux based servers that are vulnerable to attack just like any other server on the web.

Except that companies normally don’t make Anti-Virus for thermostats…

Sadly now we will need to keep an eye out for firmware updates and security issues for any electronic devices in our homes or companies that connect out to the internet.

It was just a matter of time before hackers started taking advantage of these embedded chips and it seems that Russian hackers may be leading the charge.

And as a twist to what one Reddit commenter mentioned, In Soviet Russia you don’t hack the Coffee Pot, The Coffee Pot hacks you!

Bank Cyber Security tested in ‘Quantum Dawn 2’ Drill

July 18 Trustedsec CEO David Kennedy on Bloomberg Television's "Taking Stock."
July 18 Trustedsec CEO David Kennedy on Bloomberg Television’s “Taking Stock.”

Major players in the financial industry are currently under a massive cyber attack. But no worries the attack is simulated and is being used to test bank security planning and response to a large scale attack.

Dubbed ‘Quantum Dawn 2’, the drill sounds like a large multi-player online game. The exercises that started today and will continue into tomorrow, will test how well financial institutions can work together to respond to and mitigate a large simultaneous attack on multiple areas of the financial market.

“Players” will use a software tool called “the Distributed Environment for Critical Infrastructure Decision-making Exercises — Finance Sector (DECIDE-FS).”

Basically the participants will be tasked with keeping the money flowing, as it were, in the face of scripted and timed attacks.

The drills could not be more timely as a recent report showed that nearly half of the worlds financial markets have come under some level of cyber attack in the last year. And many are not satisfied that their defense is up to the task of stopping advanced intruders:

Top bankers are increasingly aware of the possible threat but have little confidence in their ability to thwart attacks, with one quarter of respondents admitting their “current preventative and disaster recovery measures may not be able to stand up against a large-scale and coordinated attack”.

In the video link above, one of our favorite security gurus David Kennedy, CEO of Trustedsec currently gives our country’s financial cyber capabilities an ‘F’:

Bank Cyber Report Card

But his company and others are working hard to ensure that our financial cyber woes are fixed and exercises like “Quantum Dawn 2” will go a long way in preparing financial system for the worst before it happens.

For more information, check out David and Security Compass Managing Director Sahba Kazerooni in the video above discussing the “War Games on Wall Street” on Bloomberg Television’s “Taking Stock“.

Nice job guys!