With their head in the clouds
by David Moss
updated November 2010
updated December 2010
updated January 2011
updated April 2011
updated May 2011
updated June 2011
updated July 2011
updated October 2011
updated November 2011
updated December 2011
updated January 2012
updated February 2012
updated March 2012
updated April 2012
updated May 2012
updated June 2012
updated August 2012
updated September 2012
updated November 2012
updated December 2012
updated January 2013
updated February 2013
|updated March 2013
updated May 2013
updated June 2013
updated September 2013
updated October 2013
updated November 2013
updated December 2013
updated January 2014
updated February 2014
updated March 2014
updated May 2014
Around about the Harvest Festival here in the UK there was a sudden crop
of articles in the media about breaches of website security:
Stuxnet Worm computer virus 'aims to sabotage Iran's nuclear
plant', said the Times:
"A computer virus that has infected more than 60,000 machines in
Iran may be a sophisticated cyber-warfare attack on Iran’s clandestine
nuclear arms programme".
E-crime detectives as vital as bobbies on beat, said the
"Online fraud generated £52 billion worldwide in 2007 – a staggering
sum. We believe there is major under-reporting of all types of cyber crime".
In the light of the ACS:Law leak, how safe is our data?,
asked the Guardian:
Late on 24 September an archive containing thousands
of emails from solicitors ACS:Law appeared on the internet ... This year
the Information Commissioner's Office (ICO) was granted powers to levy
fines of up to £500,000 for serious breaches of data protection 'principles'.
This contrasts with the powers of the Financial Services Authority, who
this summer levied a £2.27m fine on insurance firm Zurich for its failure
to adequately protect customer data.
Nothing new, it's been going on for years.
Back in 2003, the BBC
reported that a "computer hacker has gained access to more than 5
million Visa and Mastercard credit card accounts in the US".
You need a certain amount of expertise to carry out these crimes and
luckily, if that's the word, the inventiveness of the free market being
what it is, training
is available: "the websites shared tips on how to commit fraud
and provided a forum by which people could buy the information and tools
they needed to commit such crime".
Which could account for the increase
in the magnitude of cyber crime that we are seeing now: "Albert
Gonzalez ... is currently awaiting sentencing on charges that he and others
hacked into TJX, Office Max, Heartland Payment Systems and numerous other
companies to steal data on more than 100 million credit and debit card
It's not just banks and insurance companies and retailers and solicitors
and Iranian power plants that are affected. So are UK
government websites. Back in 2006, we read that:
Forty organised tax credit frauds involving the theft
of thousands of identities and worth at least £5 million are being investigated
by Revenue and Customs inspectors, it was disclosed yesterday ... This
is the latest problem to hamper Gordon Brown's beleaguered tax credit
scheme, which was criticised this week by an influential committee of
MPs after it overpaid £4 billion to claimants in two years ... Richard
Bacon, the Tory MP whose inquiries uncovered the illegal activities, said
he understood that manufacturers and large retailers were targeted. People's
identities were being stolen on 'an industrial scale' ...
What with the increase in supply, the
price of stolen identities has collapsed.
In 2005, a chap could get $60 a pop:
Cummings, who worked for Teledata Communications - a
New York-based software company which helps lenders access major credit
databases - had access to clients' codes and passwords. He would steal
people's credit reports and pass them on to an accomplice, who would sell
them on and share the profits with Cummings. The stolen identities, bought
by intermediaries for about $60 per name, were then used to access the
victims' bank accounts and use their credit cards.
A year later, the Sunday
Times told us that "the stolen identities of Britons
including their credit card details, home addresses and security passwords
are being sold on Russian websites for as little as £1 each".
You have to buy in bulk, of course, to get prices that low but, apparently,
you can sometimes get your money back if you're not satisfied this
professional and mature business with standards to maintain, international
brands to build, customer satisfaction to consider, loyalty and amour
The police do have their successes. In 2005, they "smashed"
a £25 million cheque fraud and they "foiled"
a £220 million bank theft. Which is good but it's an uphill struggle
when you consider the
geo-political scale of the threat:
American officials have been holding secret
talks with Russia and the United Nations in an attempt to strengthen internet
security and rein in the growing threat of cyberwarfare ... The potential
for online warfare has become a hot topic in recent years, after a string
of major incidents. Large-scale cyberattacks took place during last year's
conflict between Russia and Georgia
while the Estonian
government came grinding to a halt after an internet assault in 2007.
Wherever you see that a new application has been found for the
web, you need to be sceptical.
One last example. Washington
DC, for the most democratic of reasons, are trying to ensure that
temporarily absent residents do not lose their vote. The proposed web-based
voting system was "hijacked" by well-meaning (white hat) computer
scientists who demonstrated how easily black hat hackers could take over
and ensure the election result of their choice. The system has been scrapped.
As a spokesman for the Washington DC Board of Elections and Ethics says:
"This is an abundance-of-caution sort of thing".
Naturally the more punctilious website operators all proceed with an
abundance of caution. They all conform to an alphabet spaghetti of security
standards. But it doesn't seem to help the general impression remains
that if the hackers want to invade your website, they will, whoever you
Organisations which put their business applications and data on the web
take part in what is known as "cloud computing". It follows
from the evidence adduced above that anyone who can avoid putting their
head in the clouds should avoid it, it is a dangerous thing to do, imprudent
and inadvisable. Contra-indicated. Deprecated ...
Cloud computing sounds modern and exciting and is often promoted as efficient
and green and it sounds Luddite to attack it but just how modern, excited,
efficient and green will you feel when your bank account details are sold
for £1 and all your money disappears?
And with that question, finally, we get to the point, which is that the
UK government is currently considering civil service proposals
Programme to rain down public services on us from a G-Cloud.
There are 10
million people in the UK who, God bless them, have never used the
web. That's 10 million people who would be excluded by the G-Digital Programme.
It is dangerous to put public services on the web. And, arguably, pointless
they won't reach the people who need them most.
It is to be hoped that Rt Hon Francis Maude MP, Cabinet Office Minister,
will keep the G-Cheque book securely locked in his G-Plan desk.
Whatever else you may say about Mr Maude, he is not Tony Blair.
The Cabinet Office promised the credulous Mr Blair four years ago that
they would transform
government if only he gave them all the Christmas presents they asked
for. Which he did and yet there is nothing to show for their promises
today, there is no reason to give them a second chance, we know they can't
deliver, they've proved it.
And that's just as well, as we would all promptly be defrauded if they
ever did deliver, and the country would be brought to a halt by any of
our enemies who could be bothered.
September 2008: Cloud computing is a trap, warns GNU founder Richard Stallman:
"It's stupidity. It's worse than stupidity:
it's a marketing hype campaign" ... The 55-year-old New Yorker said that
computer users should be keen to keep their information in their own hands,
rather than hand it over to a third party.
His comments echo those made last week by Larry Ellison,
the founder of Oracle, who criticised the rash of cloud computing announcements
as "fashion-driven" and "complete gibberish".
"The interesting thing about cloud computing is
that we've redefined cloud computing to include everything that we already
do," he said. "The computer industry is the only industry
that is more fashion-driven than women's fashion. Maybe I'm an idiot,
but I have no idea what anyone is talking about. What is it? It's complete
gibberish. It's insane. When is this idiocy going to stop?"
March 2009: Spy chiefs fear Chinese cyber attack:
INTELLIGENCE chiefs have warned that China may
have gained the capability to shut down Britain by crippling its telecoms
They have told ministers of their fears that equipment
installed by Huawei, the Chinese telecoms giant, in BT’s new communications
network could be used to halt critical services such as power, food
and water supplies.
The warnings coincide with growing cyberwarfare attacks
on Britain by foreign governments, particularly Russia and China ...
Ministers expressed concern that replacing the
Chinese components with British parts would clash with government policy
March 2010: Cyberwar declared as China hunts for the West’s intelligence
Urgent warnings have been circulated throughout
Nato and the European Union for secret intelligence material to be protected
from a recent surge in cyberwar attacks originating in China.
The attacks have also hit government and military institutions
in the United States, where analysts said that the West had no effective
response and that EU systems were especially vulnerable because most
cyber security efforts were left to member states.
Nato diplomatic sources told The Times: "Everyone
has been made aware that the Chinese have become very active with cyber-attacks
and were now getting regular warnings from the office for internal
security." The sources said that the number of attacks had increased
significantly over the past 12 months, with China among the most active
In the US, an official report released on Friday said
the number of attacks on Congress and other government agencies had
risen exponentially in the past year to an estimated 1.6 billion every
October 2010: Worm cripples Iran nuclear plant:
For decades the possibility of a cyberwar has
fascinated experts. After land, sea and air engagements, battles in cyberspace
could require the rewriting of military doctrines for an era in which
a country could be brought to its knees by a few strokes of a laptop.
That moment appears to have arrived.
According to security experts, a computer worm that
has infested Irans Bushehr nuclear plant was launched by another
state. It has disrupted the production of nuclear material, proving
that a cybermissile can have as much impact as an airstrike.
2010: UK infrastructure faces cyber threat, says GCHQ chief:
The UK's critical infrastructure - such as
power grids and emergency services - faces a "real and credible"
threat of cyber attack, the head of GCHQ says.
The intelligence agency's director Iain Lobban said
the country's future economic prosperity rested on ensuring a defence
against such assaults.
November 2010: Europe attacks itself in cyber-warfare test As OECD
admits major security fail:
... it emerged today that the Organisation for
Economic Co-operation and Development (OECD), said it had been under sustained
cyber attack for the last few months and is still battling to get its
computers cleaned up.
OECD spokesman Stephen Di Biasio told EUobserver that
the organisation had a team trying to close entry points, but wasn't able
to definitely say that hackers were not still accessing its systems.
He said: "What we know is it's quite a sophisticated
attack. We've got quite high levels of security protocols at the OECD
and this has been able to bypass those security measures ..."
November 2010: Royal Navy website infiltrated by computer hacker:
The navy's website was shut down this morning
after a self-confessed security enthusiast claimed to have hacked into
the site and its databases.
In a new post on his blog the hacker, a Romanian
national known only as TinKode, claims to have penetrated the security
of the navy's site late on Friday night.
The shocking breach comes just weeks after the
coalition Government announced plans to make countering cyber-terrorism
a major defence priority.
November 2010: China 'hijacks' 15 per cent of world's internet traffic:
China "hijacked" 15 per cent of the world's
internet traffic for 18 minutes earlier this year, including highly sensitive
email exchanges between senior US government and military figures, a report
to the US Congress said.
November 2010: Government services to be online-only:
Britons will be forced to apply
online for government services such as student loans, driving licences,
passports and benefits under cost-cutting plans to be unveiled this week.
Officials say getting rid of all paper applications
could save billions of pounds. They insist that vulnerable groups will
be able to fill in forms digitally at their local post offices.
November 2010: US embassy cables: The background:
The latest batch of documents to be released
by Wikileaks is made up of diplomatic messages sent from US embassies
around the world.
The whistle-blowing website says it has obtained more
than 250,000 cables passed between the US State Department and hundreds
of American diplomatic outposts - but it has so far only published a
small sample of those messages.
December 2010: Hackers hit Mastercard and Visa over Wikileaks row:
Hackers have attacked the websites of credit
card giants Mastercard and Visa.
The attacks came after the Anonymous group of hackers
pledged to pursue firms that have withdrawn services from Wikileaks.
Mastercard payments were disrupted but the firm said
there was "no impact" on people's ability to use their cards.
Visa's website also experienced problems. The attacks
came after both companies stopped processing payments to the whistle-blowing
December 2010: Gawker falls victim to hackers:
Quarter of a million passwords published
and Twitter feed used to taunt 'arrogant' management in audacious security
The 24-hour attack penetrated deep into Gawker's computer
systems, shattering its security shield and catching its executives
December 2010: WikiLeaks: government websites could be hacked in revenge
Websites holding the personal data of British
taxpayers could be targeted by the computer hackers who are attacking
organisations seen as enemies of WikiLeaks, the national security adviser
Sir Peter Ricketts told senior civil servants that
Whitehall should be prepared to come under fire from "hacktivists" angry
at British authorities over the arrest of Julian Assange, the anti-secrecy
site's editor ...
He said there was particular concern about sites belonging
to the Department for Work and Pensions, which holds information on
benefits claimants, and HMRC, which has data on all taxpayers.
December 2010: Hackers leak e-mail account details of government and defence
The e-mail account details of government officials,
civil servants and defence company staff have been leaked online after
computer hackers attacked a prominent group of gossip and news websites,
a Times investigation shows.
The work e-mail addresses and passwords of senior staff
at the Crown Prosecution Service, officials at the Charity Commission
and employees of BAE Systems are among those in a file of more than
one million user names that is circulating online, putting highly sensitive
correspondence at risk.
The leaked details belong to people who used their
work e-mail to access websites run by the Gawker Media group, founded
by Nick Denton.
December 2010: English Defence League donor details 'stolen' after database
Supporters of the English Defence League (EDL)
are facing potential embarrassment after a database containing their personal
details was hacked into.
Police are believed to be investigating the security
breach, which also included the far-Right groupss payment system
being illegally accessed.
Amid fears of violence toward members, the EDL said
it will support vulnerable people. They also urged members to change
their online shopping details after concerns were raised that they would
be published on the internet.
December 2010: Gawker was hacked six months ago, say sources close to
Hackers had access to the gossip site Gawker's
content management system (CMS) and password files for around six months,
rather than the few days suggested by the company, the Guardian has learnt
from sources connected to the break-in ...
The hacking of Gawker and its associated sites led
to the usernames, email addresses and passwords of 1.3 million registered
users of the sites being made available – among them, those for Gawker
staff including its chief Nick Denton ...
The Guardian's sources insist that the Gnosis attack
was not a short-term thing. "They didn't just crack it in a day, they
spent a fair bit of time working on it and they had full access for
at least a month. Mind you, when the database leak rumour was going
around, Gawker publicly announced that they weren't compromised. Either
they were lying to the public and trying to fix the hole, or they didn't
even notice Gnosis in there – given the proper tools it's very easy
to hide yourself on a Linux system."
January 2011: Army adds cyberattack to arsenal:
“In the future I don’t think state-to-state
warfare will start in the way it did even 10 years ago,” he said.
“It will be cyber or banking attacks — that’s how I’d
conduct a war if I was running a belligerent state or a rebel movement.
It’s semi-anonymous, cheap and doesn’t risk people.”
The first known incidence of state-to-state cyberattacks
came in Estonia in 2007 when Russia caused chaos in the tiny Baltic
state by disabling the websites of government ministries, political
parties, newspapers, banks and companies in retaliation for the removal
of a Soviet war memorial in Tallinn, the capital. Estonia has mobilised
a cyberdefence league to protect itself.
Moscow used the same tactic the following year during
the Russian invasion of Georgia. It disabled government and commercial
More damaging still was the Stuxnet computer worm that
was used to attack the Iranian nuclear programme in 2009. It disabled
hundreds of centrifuges used to enrich uranium for possible use in weapons.
January 2011: Reducing Systemic Cybersecurity Risk (pp.8-9):
Three current trends in the delivery of ICT
services give particular concern: World Wide Web portals are being increasingly
used to provide critical Government-to-citizen and Government-to-business
facilities. Although these potentially offer cost savings and increased
efficiency, over-dependence can result in repetition of the problems faced
by Estonia in 2007. A number of OECD governments have outsourced critical
computing services to the private sector; this route offers economies
and efficiencies but the contractual service level agreements may not
be able to cope with the unusual quantities of traffic that occur in an
emergency. Cloud computing also potentially offers savings and resilience;
but it also creates security problems in the form of loss of confidentiality
if authentication is not robust and loss of service if internet connectivity
is unavailable or the supplier is in financial difficulties
January 2011: Security & Resilience in Governmental Clouds:
7. ... The cloud computing business model, on the one
hand, has the potential to offer public administrations substantial
benefits and improvements over current IT provisioning ...
On the other hand, it still shows weaknesses and exposures
to significant threats that could undermine the full exploitation of
all the benefits that such a model could offer. Weaknesses and threats
are mainly linked to the lack of governance and control over IT operations
and the potential lack of compliance with laws and regulations ...
The public cloud option is already able to provide
a very resilient service with an associated satisfactory level of data
assurance and is the most cost effective. Moreover public cloud offers
potentially the highest level of service availability, but due to the
current regulatory complexity of intra-EU and extra-EU trans-border
data transfer, its adoption should be limited to non-sensitive or non
critical applications and in the context of a defined strategy for cloud
adoption which should include a clear exit strategy.
January 2011: Carbon trade cyber-theft hits €30m:
Cyber-thieves have stolen as much as €30m in carbon
allowances from the European Unions emissions trading system,
authorities said, as exchanges across Europe halted trading on Thursday.
Exchanges including ICE Futures Europe, Nasdaq OMX
Commodities Europe and London-based LCH.Clearnet stopped trading of
emissions contracts, which are central to the blocs fight against
January 2011: Lush hackers cash in on stolen cards:
Cyber thieves are cashing in after stealing credit
cards in a hack attack on the website of cosmetics firm Lush.
The online shop was shut down on 21 January and its
home page replaced with a message revealing the attack.
Lush said anyone who placed an online order between
4 October and 20 January should contact their bank in case their card
details had been compromised.
January 2011: Facebook's Mark Zuckerberg 'attacked by hackers':
Last night Zuckerberg’s fan page on the website was
attacked by hackers, who took over his page and posted the following
message, pretending to be him...
The hacker attack comes just days after French President
Nicolas Sarkozy’s Facebook account was also breached.
January 2011: British and US stock exchanges fend off cyber raids:
Stock exchanges in Britain and the US have turned to
the security services for help after discovering they were the victims
of terrorist plots and attempted cyber attacks that aimed to spread
panic in leading global financial markets.
April 2011: Epsilon email hack: millions of customers' details stolen:
Computer hackers have stolen the names and email addresses
of millions of people in one of the largest internet security breaches
in US history.
April 2011: PlayStation Network hackers access data of 77 million users:
Sony has warned that the names, addresses and other
personal data of about 77 million people with accounts on its PlayStation
Network (PSN) have been stolen.
May 2011: Sony says 25m more users hit in second cyber attack:
Sony said hackers have stolen the personal information
from a further 25m users in a second massive breach of its online games
system ... The theft comes on top of the 77 million PlayStation accounts
taken in a cyberattack revealed last week.
May 2011: China admits training cyberwarfare elite unit:
China today admitted for the first time the existence
of a super-elite unit of cyberwarriors – a team supposedly trained to
protect the People’s Liberation Army from outside assault on its networks.
The revelation of the 30-strong crack unit, known as
the “Blue Army" ...
May 2011: Lockheed Martin computers under 'significant attack':
In what appeared to be one of the most audacious acts
of cyber-warfare conducted so far, the breach came against a backdrop
of repeated attempts by rivals of the US, chiefly China and Russia,
to infiltrate information networks and glean details of major weapons
May 2011: Cyber weapons 'now integral part of Britain's armoury':
A "toolbox" of offensive cyber weapons is being assembled
to fight hackers targeting military facilities, secret databases, critical
emergency services and Whitehall departments.
June 2011: Google phishing: Chinese Gmail attack raises cyberwar tensions:
Tensions between the US, UK and China over the issue
of cyber-attacks were set to escalate after it emerged that Chinese
hackers have stolen the login details of hundreds of senior US and South
Korean government officials as well as Chinese political activists.
June 2011: US could respond to cyber-attack with conventional weapons:
In an effort to lay down military guidelines for the
age of internet warfare, President Barack Obama's administration has
been formalising rules on cyberspace amid growing concern about the
reach of hackers.
Defence company Lockheed Martin, the biggest supplier
to the Pentagon, admitted over the weekend that its computer networks
had been subjected to a sustained attack, though it said security had
not been seriously compromised.
The White House's strategy statement on cybersecurity
said the United States "will respond to hostile acts in cyberspace
as we would to any other threat to our country".
June 2011: IMF hit by cyber attack from unknown nation state:
The International Monetary Fund has been the target
of a significant and sustained cyber attack by hackers working on behalf
of a nation state aiming to establish a “digital insider presence” on
June 2011: LulzSec hackers claim breach of CIA website:
The CIA has become the latest target of self-styled
"pirate ninja" hackers LulzSec.
The Central Intelligence Agency website was unavailable
for a few minutes on Wednesday evening as the group announced the attack
via Twitter: "Tango down cia.gov for the lulz".
"We are looking into these reports," a CIA
The hackers, who describe themselves as "the world's
leaders in high-quality entertainment at your expense", have gained
international notoriety this month with a series of security breaches.
Over the weekend LulzSec broke into a public website
of the US Senate and released data stolen from the legislative body's
Last week they hacked the website of an unnamed NHS
organisation one of England's primary care trusts. The Department
of Health said no patient's medical records were accessed during the
incident, which it described it as "a local issue" and "quite
a low-level" lapse in IT security.
Earlier this month LulzSec broke into the website of
Sony Pictures Entertainment and exposed information from 37,000 users,
including names, passwords, birthdates and email addresses. It also
hacked into a webserver belonging to Nintendo in the US.
The name of the group is derived from "LOL"
(laugh out loud) and "security".
In Malaysia, at least 51 state-linked websites have
been hit by cyber-attacks in recent days, the country's telecommunications
regulator has confirmed.
The sites are believed to have been targeted by the
Anonymous group of hackers, who had threatened to disrupt Malaysian
sites in protest at a crackdown on entertainment piracy.
July 2011: Government backs international cybercrime agency:
The International Cybercrime Security Protection Alliance
(ICSPA) will be a coalition of businesses, the Government and international
police forces such as Europol. Chaired by David Blunkett, the former
Home Secretary, the new body aims to stem the exponential growth of
cybercrime, which it is estimated will cost the UK £27 billion this
July 2011: Hackers steal 90,000 email addresses in cyber attack on US
military contractor Booz Allen Hamilton:
An arm of the online collective Anonymous said it had
broken into the computer systems of Booz Allen Hamilton and then posted
the details on the internet ...
The hackers also wiped out four gigabytes of Booz
Allen source code in an attack they called Military Meltdown Monday.
The group said: We infiltrated a server on their
network that basically had no security measures in place.
Booz Allen provides technological services including
cyber-security consulting to the military and other US government agencies
July 2011: Pentagon Tries to Lean Forward in Cyberdefense:
Aviation Week also reported that [Deputy Defense Secretary
William Lynn] said one U.S. weapon system under development may have
to undergo redesign following a cyber breach in March. He did not identify
the system. More than 24,000 files containing an unspecified but large
amount of data were copied from a defense contractor’s internal databases,
according to Lynn. Whether and how much redesign will be necessary is
still being studied.
July 2011: US forced to redesign secret weapon after cyber breach:
The United States may be forced to redesign an unnamed
new weapon system now under development – because tech specs and plans
were stolen from a defence contractor's databases.
July 2011: Pentagon reveals 24,000 files stolen in cyber-attack:
The Pentagon has disclosed that it suffered one of
its largest ever losses of sensitive data in March when 24,000 files
were stolen in a cyber-attack by a foreign government.
July 2011: Anonymous hacks Italy's critical-national-IT protection:
Hacktivists have posted "secret documents"
stolen from an Italian cybercrime unit.
The documents 8GB of files were extracted
from a system maintained by the Centro Nazionale Anticrimine Informatico
per la Protezione delle Infrastrutture Critiche (CNAIPIC), the organisation
charged with guarding the country's critical IT infrastructure.
July 2011: Head fed cyberspook resigns abruptly:
The head of a group that helps the federal government
ward off computer attacks abruptly resigned Friday, amid a spate of
high-profile assaults hitting government agencies and contractors.
The departure of US Computer Emergency Readiness Team
director Randy Vickers was first reported Monday by InformationWeek,
which cited an internal email sent to US-CERT staff. The email gave
no reason for the resignation, which is effective immediately.
Over the past six months, security breaches have hit a variety of government
contractors and partners, including Lockheed Martin, L3 Communications,
and affiliates of the FBI. Attacks have also successfully targeted the
CIA, the US Senate, and the Oak Ridge National Laboratory.
August 2011: LulzSec hacking: teenager ‘had cache of 750,000 passwords’:
Jake Davis, 18, used a network of 16 machines at his
home in the Shetland Islands, prosecutors said this morning. The information
held on the network included web log-in details of hundreds of thousands
of people, it is alleged ...
In June, Ryan Cleary, a 19-year-old from Wickford in
Essex, was also charged in relation to the attack on Soca's website.
A further arrest, of a 16-year-old boy from south London, followed in
July. He was released on police bail pending further inquiries.
October 2011: Flaw in software puts online savers at risk:
Millions of online banking customers are at risk of
fraud because of a "fundamental" flaw in key security software,
The Times has learnt.
Major British banks, including HSBC and Santander,
strongly advise customers to install specialist software called Trusteer
Rapport in order to protect themselves from fraudsters when logging
into banking websites ...
Times Money has seen evidence that the software's
keylogger protections — designed to prevent fraudsters recording users'
login and credit card details — can be hacked by computer security specialists
with "minimal effort" in less than a minute ...
Neil Kettle, a computer security researcher who discovered
the problem, says that it was "almost inevitable" that criminals
would start exploiting the weakness, particularly because the software
allows them to identify online banking customers.
October 2011: Stuxnet-based cyber espionage virus targets European firms:
... while Stuxnet was created to cause physical damage
to Irans uranium enrichment facilities by surreptitiously adjusting
machinery, Duqu is an intelligence-gathering tool.
The new virus precise targets have not been
disclosed, but they include European firms that make the software that
controls power stations and other industrial facilities. By infiltrating
their computer networks, it aims to steal confidential information and
potentially reveal vulnerabilities that could be exploited in later
October 2011: Chinese hackers suspected of interfering with US satellites:
Chinese hackers are suspected of having interfered
with the operation of two US government satellites on four occasions
via a ground station, according to a report being prepared for the US
October 2011: Strong protection is vital to keep a force for good:
The volume of e-crime and attacks on government and
industry systems continue to be disturbing. I can attest to attempts
to steal British ideas and designs in the IT, technology, defence,
engineering and energy sectors, as well as other industries to
gain commercial advantage or to profit from secret knowledge of contractual
arrangements. Such intellectual property theft doesnt just cost
the companies concerned: it represents an attack on the UKs continued
We are also aware of similar techniques being employed
to try to acquire sensitive information from British government computer
systems, including one significant (but unsuccessful) attempt on the
Foreign Office and other government departments this summer.
Criminals are using cyberspace to extort money and
steal identities, as well as exploit the vulnerable. Increasingly sophisticated
techniques target individuals. We are witnessing the development of
a global criminal market place a parallel black economy where
cyber dollars are traded in exchange for UK citizens credit card
Iain Lobban is the Director of GCHQ
November 2011: Cyber-attack claims at US water facility:
US homeland security and FBI officials are investigating
an apparent cyber-attack on a water utility near Springfield, Illinois.
The attack may have been the cause of a water pump
shutdown, and could be the first case of foreign hackers successfully
targeting a US industrial facility.
US press reported that the company's database was compromised
with hackers retrieving the supervisory control and data acquisition
(Scada) software. During the attack the Scada system was turned on and
off, burning out the water pump.
November 2011: Lockheed Martin set to open British cyber security division:
The worlds largest defence company is to establish
a cyber security division in Britain to counter the growing threat from
Lockheed Martin will open its Security Intelligence
Centre at Farnborough in Hampshire next week and expects to employ up
to 300 people there by 2015.
The American company is hoping to challenge rivals
such as BAE Systems, EADS and Thales, which already provide cyber protection
in the UK.
Cyber attack has been identified as one of the four most serious threats
to national security as amateur hackers and criminal gangs, as well
as nations, look to exploit system weaknesses.
According to a recent report from the Cabinet Office,
cyber crime costs British business about £21 billion a year.
25 November 2011:
cyber security strategy due to be unveiled
cyber crime unit to launch attacks on ‘enemies’
to sell off spy expertise
to offer British firms expertise in cybercrime
December 2011: Hidden Dragon: The Chinese cyber menace:
Cybercrooks and patriotic state-backed hackers in China
are collaborating to create an even more potent security threat, according
to researchers ...
The Wall Street Journal reported
last Tuesday that US authorities have managed to trace several high-profile
hacking attacks, including assaults against RSA Security and defence
contractor Lockheed Martin, back to China. Information obtained during
an attack on systems behind RSA's SecurID tokens was later used in a
failed attack against Lockheed Martin.
December 2011: Hackers 'steal US data in Christmas-inspired assault':
Hackers with the loose-knit movement "Anonymous" have
claimed to have stolen a raft of emails and credit card data from US-based
security think tank Stratfor, promising it was just the start of a weeklong,
Christmas-inspired assault on a long list of targets ...
Hours after publishing what it claimed was Stratfor's
client list, Anonymous tweeted a link to encrypted files online. It
said the files contained 4,000 credit cards, passwords and home addresses
belonging to individuals on the think tank's private client list.
January 2012: Hackers expose defence and intelligence officials in US
Thousands of British email addresses and encrypted
passwords, including those of defence, intelligence and police officials
as well as politicians and Nato advisers, have been revealed on the
internet following a security breach by hackers.
Among the huge database of private information exposed
by self-styled "hacktivists" are the details of 221 British
military officials and 242 Nato staff. Civil servants working at the
heart of the UK government including several in the Cabinet Office
as well as advisers to the Joint Intelligence Organisation that acts
as the prime minister's eyes and ears on sensitive information
have also been exposed.
The exposure of the database came after hackers
who are believed to be part of the Anonymous group gained unauthorised
access over Christmas to the account information of Stratfor ...
January 2012: Israel hit by cyber-attacks on stock exchange, airline and
Hackers disrupted online access to the Tel Aviv stock
exchange, El Al airlines and three banks on Monday, in what the government
described as a cyber-offensive against Israel.
The attacks came just days after an unidentified hacker,
proclaiming Palestinian sympathies, posted the details of thousands
of Israeli credit card holders and other personal information on the
internet in a mass theft.
Stock trading and El Al flights operated normally despite
the disruption, which occurred as Israeli media reported that pro-Palestinian
hackers had threatened at the weekend to shut down the Tase stock exchange
and airline websites.
While apparently confined to areas causing only limited
inconvenience, the attacks have caused particular alarm in a country
that depends on high-tech systems for much of its defence against hostile
neighbours. Officials insist, however, that they pose no immediate security
February 2012: Anonymous spies on FBI / UK Police hacking investigation
A recording of a confidential conference call between
the FBI and UK law enforcement officers at the Metropolitan Police has
been released by Anonymous on the internet.
The inference has to be that hackers were able to secretly
access the call because they have compromised a police investigator's
March 2012: LulzSec leader Sabu was working for us, says FBI:
The world's most notorious computer hacker has been
working as an informer for the FBI for at least the last six months,
it emerged on Tuesday, providing information that has helped contribute
to the charging of five others, including two Britons, for computer
March 2012: Chinese steal jet secrets from BAE:
CHINESE spies hacked into computers belonging to BAE
Systems, Britain’s biggest defence company, to steal details about the
design, performance and electronic systems of the West’s latest fighter
jet, senior security figures have disclosed. The Chinese have exploited
vulnerabilities in BAE’s computer defences to steal vast amounts of
data on the £200 billion F-35 Joint Strike Fighter (JSF), a multinational
project to create a plane that will give the West air supremacy for
years to come, according to the sources. The attack has prompted fears
that the jet’s radar capabilities could have been compromised.
March 2012: NSA Chief: China Behind RSA Attacks:
China is stealing a "great deal" of military-related
intellectual property from the United States and was responsible for
last year's attacks against cybersecurity company RSA, U.S. Cyber Command
commander and National Security Agency director Gen. Keith Alexander
told the Senate Armed Services Committee on Tuesday ...
"The ability to do it against a company like RSA is
such a high-order capability that, if they can do it against RSA, that
makes other companies vulnerable ..."
March 2012: Hackers steal details of millions of credit cards:
Hackers have stolen the details of millions of credit
cards in the US, exposing customers of Visa, Mastercard and American
Express to fraud.
The US Secret service confirmed it was investigating
a major cyber intrusion at Processor Global Payments, an Atlanta-based
payment processor which said it had discovered unauthorised access
on its system early this month ...
Individual banks and processors said they had not yet
determined the full extent of the breach, but the blog Krebs on Security,
which first reported the breach, said it was “massive” and could affect
more than 10 million cardholders.
April 2012: comment on DMossEsq blog
A comment kindly posted on the DMossEsq blog brings attention to a
paper on cyberwarfare written by Dr Thomas Rid, Reader in the Department
of War Studies at King's College London. According to Dr Rid in his February
Cyber War Will Not Take Place, cyber attacks do not amount to acts
of war. Sabotage, espionage and subversion yes. But not war. Dr
Rid also downplays the impact of distributed denial of service attacks
(DDoS) such as those carried out by Anonymous. Are we all talking nonsense
when we talk about the dangers of cyberwar/sabotage/espionage/subversion?
No. Dr Rid gives the following example of the consequences of defective
... A second example is Anonymous’ perhaps most
striking operation, a devastating assault on HBGary Federal, a technology
security company. HBGary’s clients included the US government and companies
like McAfee. The firm with the tag-line detecting tomorrow’s malware
today had analyzed GhostNet and Aurora, two of the most sophisticated
known threats. In early February 2011, Aaron Barr, then its chief executive
officer (CEO), wanted more public visibility and announced that his company
had infiltrated Anonymous and planned to disclose details soon. In reaction,
Anonymous hackers infiltrated HBGary’s servers, erased data, defaced its
website with a letter ridiculing the firm with a download link to a leak
of more than 40,000 of its emails to The Pirate Bay, took down the company’s
phone system, usurped the CEO’s twitter stream, posted his social security
number, and clogged up fax machines. Anonymous activists had used a number
of methods, including SQL injection, a code injection technique that exploits
faulty database requests. ‘You brought this upon yourself. You’ve tried
to bite the Anonymous hand, and now the Anonymous hand is bitch-slapping
you in the face’, said the letter posted on the firm’s website. The attack
badly pummeled the security company’s reputation.
April 2012: How tiny Estonia stepped out of USSR's shadow to become an
Some revisionism going on here?
In 2007, the government infuriated its Russian-speaking
minority by moving a Soviet war memorial from central Tallinn to a cemetery
on the city's outskirts. Violence flared on the streets, and later reached
the internet. The first cyberattack was simplistic, and easily dealt
with: thousands of unknown individuals bombarding government, media
and banking websites with "denial of service" (DoS) attacks.
"It was like an internet riot," said Hillar
Aarelaid, who led Estonia's response, at the time.
But what started as an emotional backlash soon became
a far larger, longer and better co-ordinated assault on Estonia's very
It lasted three weeks and could only be contained by
restricting internet traffic in and out of the country. It was, in effect,
"This is how a lot of myths were created,"
remembered Pärgmäe. "Those outside the country couldn't
access Estonian websites, but they didn't realise that people inside
Rumours circulated about the collapse of the Estonian
online banking system, and how people were struggling to buy groceries.
"But actually the longest downtime for a bank's website was just
one and a half hours."
April 2012: Iranian oil ministry hit by cyber-attack:
Iran's oil ministry has called a crisis meeting after
its main website and internal communications system were hit by an apparent
cyber-attack that forced authorities to cut off the country's oil export
terminal from the internet.
Local news agencies reported on Monday that a virus
had struck the computer and communication systems of Iran's main oil
export facilities on Kharg Island as well as the internal network and
the websites of its oil ministry and subsidiary organisations.
May 2012: Attack takes Soca crime agency website down:
The website of the UK's Serious Organised Crime Agency
(Soca) has been taken offline following a cyber-attack.
Soca confirmed to the BBC that soca.gov.uk had suffered
a Distributed Denial of Service (DDoS) attack.
A spokesman said the site was taken offline at 22:30
on Wednesday, but that the attack did not "pose a security risk
to the organisation".
Soca has recently shut down 36 websites believed to
be selling stolen credit card information.
May 2012: Hackers have breached top secret MoD systems, cyber-security
Computer hackers have managed to breach some of the
top secret systems within the Ministry of Defence, the military's head
of cyber-security has revealed.
Major General Jonathan Shaw told the Guardian the number
of successful attacks was hard to quantify but they had added urgency
to efforts to beef up protection around the MoD's networks.
"The number of serious incidents is quite small,
but it is there," he said. "And those are the ones we know
about. The likelihood is there are problems in there we don't know about."
Government computer systems come under daily attack,
but though Shaw would not say how or by whom, this is the first admission
that the MoD's own systems have been breached.
May 2012: Computer worm that hit Iran oil terminals 'is most complex yet':
A cyber-attack that targeted Iran's oil ministry and
main export terminal was caused by the most sophisticated computer worm
yet developed, experts have warned ...
Orla Cox, a senior analyst at Symantec, the international
computer security firm, said: "I would say that this is the most sophisticated
threat we have ever seen" ...
Analysis now shows that the worm has been around, undetected,
for at least two years, and experts are confident it was responsible
for the disruption to Iran's oil industry last month.
According to reports, the cyber-attack forced Iran
to convene a "crisis committee" that ordered the disconnection
of six of its main oil terminals from the internet, to stop the worm
The Iranian Students' News Agency said that the virus
had successfully erased information on hard disks at the oil ministry's
Though the oil ministry insisted that the worm had
been contained and that no significant data had been erased, the likelihood
is that W32.Flamer had been inside the network for many months and may
already have completed its primary mission. Cox said the worm was designed
to gather and send information covertly unlike Stuxnet, which
was built to identify and destroy equipment.
"Once the attacker has that level of access, then
all bets are off," she said. "Once the worm has infected a
system, it would be possible to add new commands over time, to add an
element of disruption" ...
June 2012: US role in cyber attack on Iran nuclear plant revealed:
A computer worm designed to cripple Irans uranium
enrichment programme was the result of a joint operation between the
US National Security Agency and a secret Israeli cyberwarfare unit,
American officials have confirmed for the first time.
The officials, interviewed by a reporter from the New York Times, say
that the Stuxnet worm was originally commissioned by President Bush
but has been enthusiastically embraced by his successor, Barack Obama.
June 2012: LinkedIn passwords leaked by hackers:
Social networking website LinkedIn has said some of
its members' passwords have been "compromised" after reports
that more than six million passwords had been leaked onto the internet.
Hackers posted a file containing encrypted passwords
onto a Russian web forum.
They have invited the hacking community to help with
June 2012: eHarmony, Last.fm hit by same hackers that leaked LinkedIn
Internet dating mainstay eHarmony bills itself the
"No 1 Most Trusted Dating Site," but the company confirmed
Thursday that an unspecified number of its users' passwords were compromised
and allegedly posted to a hacker network this week.
Hours later the music website Last.fm announced that
it, too, is investigating the leak of "some" of its members'
June 2012: Flame and Stuxnet virus makers 'co-operated at least once':
The new findings reveal that the teams shared source
code of at least one module prior to 2010. What we have found
is very strong evidence that Stuxnet/Duqu and Flame cyber-weapons are
connected, said Alexander Gostev, Chief Security Expert at Kaspersky
June 2012: Frustrated firms go on the offensive against hackers:
AMERICAN companies under siege from hackers increasingly
taking retaliatory action against their assailants, cyber
Frustrated by their inability to stop breaches or use
the law to punish attackers, a number are using active defence
or strike back reprisals, which range from steps to distract
and delay a hacker to more radical measures.
August 2012: Iranian state goes offline to dodge cyber-attacks:
Iran is to move key ministries and state bodies off
the worldwide internet next month in an effort to shield them behind
a secure computer wall from disruptive cyber attacks like the Stuxnet
and Flame viruses.
September 2012: UK boffins get £3.8m pot to probe 'science of cyber-security':
GCHQ, the UK's nerve-centre for eavesdropping spooks,
has established what's billed as Blighty's first academic research institute
to investigate the "science of cyber security".
The lab - which was set up with the Research Councils'
Global Uncertainties Programme and the government's Department for Business,
Innovation and Skills - is a virtual organisation involving several
September 2012: Chinese hacktivists launch cyber attack on Japan:
Chinese hackers have taken up cyber arms and followed
up widespread anti-Japan protests in the People’s Republic over a set
of disputed islands by attacking at least 19 Japanese government and
other web sites ...
Things got even worse for the the Tokyo Institute of
Technology, whose site was defaced endured an attack that saw names
and telephone numbers of over 1,000 members of staff leaked.
September 2012: The internet in pieces:
New evidence that Iran is following through on its
dramatic plan to
move large parts of its networked computer systems off the web reflects
how the global struggle for the internet has reached a new intensity
over the last 12 months ...
Two months ago the situation had become sufficiently
grave to lure Jonathan
Evans, the head of MI5, out of his traditional obscurity. "The extent
of what's going on is astonishing with industrial scale processes involving
many thousands of people" he said, pointing out that one British company
had lost a staggering £800m as a consequence of a recent hack.
October 2012: One million Facebook users' names and email addresses: $5:
Name and email addresses of Facebook users are available
online at prices as low as $5 per million.
trade was uncovered by Bogomil Shopov, an internet marketeer and
blogger in the Czech Republic. Shopov said he approached the social
network about the problem. He said Facebook asked him to forward and
then delete the data, which came in the form on a compressed spreadsheet.
Facebook representatives also wanted to know where he'd bought the data
and what payment systems were used, he said, adding that he had been
happy to answer.
However, the Czech blogger said he objected to requests
he says were made by the Facebook representatives to keep his conversations
with with them about the matter a secret ...
November 2012: Conmen swipe 100,000 Brits' sensitive info in UK.gov fraud
Crooks attempted to defraud the UK government after
swiping sensitive details on tens of thousands of civil servants, postmen,
BT staff and public-sector workers, The Register has learnt ...
The non-profit sports body, which organises activities
and leisure facilities, was alerted to the breach when a criminal investigation
into fraud attempts on central government traced the data used in the
scams to CSSC's [Civil Service Sports Council] database.
November 2012: Hackers hit International Atomic Energy Agency server:
A group of hackers leaked email contact information
of experts working with the International Atomic Energy Agency (IAEA)
after breaking into one of the agency's servers ...
The hacker group calls itself Parastoo and wants the
IAEA to investigate Israel's nuclear activities at the Negev Nuclear
Research Center near Dimona, an Israeli city located in the Negev desert.
"Israel owns a practical nuclear arsenal tied to a growing military
body and it is not a member of internationally respected nuclear, biochemical
and chemical agreements," the group said ...
December 2012: 10,000 Indian government and military emails hacked:
India’s government and military have suffered one of
the worst cyber attacks in the nation’s history, after over 10,000 email
accounts belonging to top officials were compromised, despite a warning
from the country’s cyber security agency ...
December 2012: La SNCB Europe divulgue les données personnelles de plus
d'un million d'usagers:
Pendant plusieurs semaines, les données personnelles
de millions de clients de la SNCB Europe étaient librement accessibles
sur Internet. Si l'on ignore les termes exacts de la requête effectuée
par l'internaute à l'origine de la divulgation, les données étaient
bel et bien accessibles via une simple requête dans un moteur de recherche
CUST_ID, CONTACT_STATE, ACTIVE, DISTRIBUTOR, CUST_TYPE,
GENDER, FIRSTNAME, LASTNAME, BIRTHDATE, LOGON_ID, REGISTERED, CONTACT_LANGUAGE,
CONTACT_LANGUAGE_XX, STREET, HOUSE_NR, ADDITIONAL_NR, POSTAL_CODE, CITY,
COUNTRY, PRIVATE_FIXED_TELEPHONE, PRIVATE_MOBILE_TELEPHONE, BUSINESS_TELEPHONE,
... le fichier comporte 1 460 734 entrées. Chaque
ligne concerne un client de la SNCB Europe ...
January 2013: ENISA Threat Landscape:
6 Threat Trends: The Emerging Threat Landscape
6.1 Threat Trends in Mobile Computing
6.2 Threat Trends in Social Technology
6.3 Threat Trends in Critical Infrastructures
6.4 Threat Trends in Trust Infrastructure
6.5 Threat Trends in Cloud Computing
6.6 Threat Trends in Big Data
January 2013: Exclusive: hackers posing as Wikipedia researchers hit mining
The chairman of one of the world’s biggest mining companies
was targeted by hackers who disguised themselves as Wikipedia researchers
in order to retrieve explosive confidential documents from his computer,
according to documents
seen by The Times.
The report added: “Sensitive documents and communications,
which have only resided on the chairman’s laptop, have since been published
in the public domain.” Investigators believe that the computer was hacked
using “suspicious” e-mails sent to Mr Tan during July and August last
year. The e-mails purported to have been sent by “Steve”, who falsely
claimed to be associated with Wikipedia, with a falsified account email@example.com.
January 2013: Anonymous takes down US Sentencing Commission website:
Hacktivist group Anonymous
said Saturday it had hijacked the website of the US Sentencing Commission
in a brazen act of cyber-revenge for the death of internet freedom advocate
Aaron Swartz ...
The website of the commission, an independent agency
of the judicial branch involved in sentencing, was replaced with a message
warning that when Swartz killed himself two weeks ago "a line was
crossed." In a message posted on the website and in an accompanying
YouTube video, the hackers said they had infiltrated several government
computer systems and copied secret information they threatened to make
January 2013: Hackers in China Attacked The Times for Last 4 Months:
The timing of the attacks coincided with the reporting
Times investigation ... that found that the relatives of Wen Jiabao,
China’s prime minister, had accumulated a fortune worth several billion
dollars through business dealings ...
The hackers tried to cloak the source of the attacks
on The Times by first penetrating computers at United States universities
and routing the attacks through them ... the hackers stole the corporate
passwords for every Times employee ...
Last year, Bloomberg News was targeted by Chinese hackers
... after Bloomberg published an article on June 29 about the wealth
accumulated by relatives of Xi Jinping, China’s vice president at the
time ... The intelligence-gathering campaign ...is as much about trying
to control China’s public image, domestically and abroad, as it is about
stealing trade secrets ...
AT&T informed The Times that it had noticed behavior
that was consistent with other attacks believed to have been perpetrated
by the Chinese military ... The Times notified and voluntarily briefed
the Federal Bureau of Investigation on the attacks ... when it became
clear that attackers were still inside its systems despite efforts to
expel them, The Times hired Mandiant ... Investigators still do not
know how hackers initially broke into The Times’s systems. They suspect
the hackers used a so-called spear-phishing attack, in which they send
e-mails to employees that contain malicious links or attachments. All
it takes is one click on the e-mail by an employee for hackers to install
“remote access tools” — or RATs. Those tools can siphon off oceans of
data — passwords, keystrokes, screen images, documents and, in some
cases, recordings from computers’ microphones and Web cameras — and
send the information back to the attackers’ Web servers ...
In the case of a 2011 breach at the United States Chamber
of Commerce ... the trade group worked closely with the F.B.I. to seal
its systems ... But months later, the chamber discovered that Internet-connected
devices — a thermostat in one of its corporate apartments and a printer
in its offices — were still communicating with computers in China ...
hashed passwords can easily be cracked using so-called
rainbow tables ... the attackers cracked the passwords and used them
to gain access to a number of computers ... "They could have wreaked
havoc on our systems," said Marc Frons, the Times’s chief information
officer. "But that was not what they were after." ... What
they appeared to be looking for were the names of people who might have
provided information to Mr. Barboza ...
After Google was attacked in 2010 and the Gmail accounts
of Chinese human rights activists were opened, for example, investigators
were able to trace the source to two educational institutions in China,
including one with ties to the Chinese military ...
February 2013: Twitter: hackers may have stolen passwords of 250,000 users:
The security breach is one of the biggest to ever affect
Twitter, which has 200 million active users, and highlights growing
concerns over the danger of so-called cyber attacks ...
February 2013: 'Massive' Credit Card Fraud Steals $200M:
Eighteen people have been charged in what federal prosecutors
in New Jersey called one of the largest credit card fraud schemes ever
uncovered by the U.S. Department of Justice, spanning 28 states and
"The defendants are part of a massive international
fraud enterprise involving thousands of false identities, fraudulent
identification documents, doctored credit reports and more than $200
million in confirmed losses," FBI Special Agent James Simpson said
in court records ...
February 2013: Apple, Macs hit by hackers who targeted Facebook:
Apple Inc was recently attacked by hackers who infected
Macintosh computers of some employees, the company said Tuesday in an
unprecedented disclosure describing the widest known cyber attacks targeting
Apple computers used by corporations ...
The same software, which infected Macs by exploiting
a flaw in a version of Oracle Corp's Java software used as a plug-in
on Web browsers, was used to launch attacks against Facebook, which
the social network disclosed on Friday.
March 2013: Yes, Microsoft Azure Was Downed By Leap-Year Bug:
Microsoft has confirmed that Wednesday’s Windows Azure
outage that left some customers in the dark for more than 12 hours was
the result of a software bug triggered by the Feb. 29 leap-year date
that prevented systems from calculating the correct time.
March 2013: Evernote hacked, forces millions of users to reset their passwords:
Evernote is asking its millions of users to reset their
passwords following an attempt to hack the note-taking network.
In a blog post acknowledging the security breach Evernote's
chief technology officer, Dave Engberg, explained that usernames and
email addresses had been accessed along with encrypted password information.
March 2013: RBS and NatWest FAIL downs services across UK:
Thirsty NatWest and RBS customers across the UK are
finding it difficult to get the last round in tonight, as the banks'
systems have failed.
The megabork, which began at around 9:30pm, has taken
down cash machines, online banking and telephone banking for the majority
of its customers across the UK ...
The failure is also affecting debit card payments,
according to multiple reports on twitter of problems processing transactions
at petrol stations and supermarkets.
March 2013: Australian Central Bank Hit by Cyberattack:
The Australian central bank confirmed Monday that it
had been hit by cyberattacks, but it said no data had been lost or systems
March 2013: US security agency database hacked:
A US government computer vulnerability database and
several other websites at the National Institute of Standards and Technology
have been down for nearly a week after workers there found malware on
two Web servers.
March 2013: Details on the denial of service attack that targeted Ars
It is recommended that you read the entire Ars Technica article:
(a) People need to test the defences of their websites to see how
well they can withstand attacks. So services grow up which allow them
to launch a test attack. It's all perfectly legitimate-looking, you open
an account, you pay $10 a month, or whatever, you get bulk purchase discounts,
etc ... It's all made easy, with simple drop-down menus from which you
choose the type of attack you would like to launch. But everything
in the web security world is double-edged and, if the test site isn't
too choosy, there's nothing to stop rogue account-holders from using the
test site to launch real attacks ...
(b) There is a great variety of attack tactics, like chess gambits,
which exploit the very virtues of web communications. When a message is
sent to a site, it responds and, as a matter of good housekeeping, the
site waits for an acknowledgement of its response. If you simply don't
send that acknowledgement, the site can sit there waiting forever. Do
that over and over again and the site's resources start to be eaten up
... Double-edged again, the protocol for orderly communications
is itself used to disrupt communications.
(c) The attacker may be an engineer legitimately testing the defences
he or she has designed. Or a rogue. Or "simply" someone playing
competitive games trying to slow down his or her opponents. Double-edged,
the tools designed to gain an advantage in something as apparently trivial
as computer games are just the tools you need for carrying out the less
trivial exploits listed on this page ...
March 2013: Hackers paralyse South Korean banks and broadcasters:
National broadcasters KBS, MBC and YTN reported shortly
after 2pm that their computer networks had inexplicably come to a complete
halt. Editing equipment had also been affected, affecting broadcasts.
Shinhan Bank and Nonghyup Bank reported that their systems had also
been affected at the same time ...
To date, Seoul has identified 442 sites and organisations
that are dedicated to attacking South Korean interests through the Internet,
including Uriminzokkiri, the [North Korean] regime's main Internet-based
media and propaganda site ...
There is particular concern about the South's nuclear
energy facilities, which supply nearly 36 percent of the nation's electricity
and could be susceptible to viruses.
The report also indicated that South Korea's KTX high-speed
railway network is vulnerable as it is controlled from a single command
centre. A failure in the operating system would mean trains could no
longer control speeds, routes or signals and - in a worst-case scenario,
the report warned - they could be re-routed so they collide, causing
hundreds of deaths.
Air traffic is also at risk, while the South Korean
stock market could be immobilised or see fake transactions being made,
contributing to a crash in the market.
April2013: Syrian Electronic Army: Assad's cyber warriors:
In recent weeks, the self-styled Syrian Electronic
Army (SEA) has launched hacking attacks on the BBC, the Associated Press
(AP) and most recently the Guardian. Last week the group succeeded
in hijacking AP's main Twitter account, with 1.9 million followers.
It falsely claimed that President Obama had been injured in an explosion.
AP corrected the message, but not before $130bn had been briefly wiped
off the value of stocks.
May 2013: China’s Cyberspies Outwit Model for Bond’s Q:
It is recommended that you read the entire Bloomberg article
or the DMossEsq
summary, "When it comes to cyber security QinetiQ couldn’t grab their
ass with both hands".
May 2013: 'Chinese' attack sucks secrets from US defence contractor:
It is recommended that you read the entire ElReg article or
summary, "When it comes to cyber security QinetiQ couldn’t grab their
ass with both hands".
May 2013: On the frontline of the fight against cybercrime:
Inside the tightly controlled security area of Symantec's
Dublin headquarters, a screen on the wall flashes up hacking hotspots
as they are detected around the world. Last year the company estimated
it blocked nearly 250,000 cyber-attacks. One out of every 532 websites
was infected with viruses, it said, and 1.6 million instances of malware
Overall, cyber-attacks were up 42% in 2012. They range
from "hacktivist" targeting of industries such as defence
to the fast-growing area of "ransomware" blackmail attempts,
but more than a third of attacks focused on small- to medium-size businesses
employing fewer than 500 people.
... there were now online toolkits hackers could buy
on the internet to enable them to break into bank accounts.
May 2013: Chinese hackers breach US, Australian defence:
Designs for more than two dozen major US weapons systems
including programmes critical to missile defence and combat aircraft
and ships have been compromised by Chinese hackers, according to a Pentagon
Chinese hackers have also reportedly stolen top-secret
blueprints to the new $600 million (£385 million) headquarters for the
Australian Security Intelligence Organisation (ASIO) in Canberra.
May 2013: China calls Australian spy HQ plans hacking claims 'groundless':
China has shrugged off allegations by Australian media
that Chinese hackers have stolen the blueprints for the new Australian
spy headquarters ...
"In many cases, [the defence contractors] don't know
they've been hacked until the FBI comes knocking on their door," an
unidentified senior military official told the newspaper. "This is billions
of dollars of combat advantage for China. They've just saved themselves
25 years of research and development. It's nuts."
June 2013: US and China to hold talks on cyberhacking:
The United States and China have agreed to hold regular,
high-level meetings aimed at setting standards of behaviour on cybersecurity
and commercial spying in the first diplomatic move to defuse tensions
over cyberattacks ...
However, officials said they did not expect the meetings
to lead immediately to a reduction in the daily attacks by China, described
by General Keith Alexander, head of the United States Cyber Command
and director of the National Security Agency, as “the greatest transfer
of wealth in history”.
September 2013: Vodafone Hacker Accesses 2 Million Customers’ Banking
An intruder hacked into a Vodafone
Group Plc (VOD) server in Germany, gaining access to 2 million customers
personal details and banking information.
A person with insider knowledge stole data including
names, addresses, birth dates, and bank account information, the worlds
second-biggest mobile-phone carrier said in a statement
today. The hacker had no access to credit-card information, passwords,
PIN numbers or mobile-phone numbers, Vodafone said ...
Vodafone, based in Newbury, England, is the latest
high-profile company to announce a security breach. Last month there
were hacker attacks on Google
Inc. (GOOG), Twitter Inc. and the New
York Times. KT Corp., South Korea’s largest phone and Internet company,
fell the most in seven months in July last year after saying customer
data were leaked by hackers.
September 2013: Bank raiders tried to snatch millions with a remote control:
A dozen men have been arrested after police foiled
a daring attempt to steal millions of pounds from a high-street bank
armed with nothing more deadly than a remote-control transmitter.
The raid, in which an electronic device was fitted
to a computer in the Surrey Quays branch of Santander, in East London,
was described by police as a very significant and audacious
attempted cyber robbery.
September 2013: Data Broker Giants Hacked by ID Theft Service:
An identity theft service that sells Social Security
numbers, birth records, credit and background reports on millions of
Americans has infiltrated computers at some of America’s largest consumer
and business data aggregators, according to a seven-month investigation
by KrebsOnSecurity ...
Two of the hacked servers were inside the networks
of Atlanta, Ga.-based LexisNexis Inc., a company that according to Wikipedia
maintains the world’s largest electronic database for legal and public-records
related information ...
Two other compromised systems were located inside
the networks of Dun & Bradstreet, a Short Hills, New Jersey data aggregator
that licenses information on businesses and corporations for use in
credit decisions, business-to-business marketing and supply chain management.
October 2013: Experian Sold Consumer Data to ID Theft Service:
An identity theft service that sold Social Security
and drivers license numbers — as well as bank account and credit card
data on millions of Americans — purchased much of its data from Experian,
one of the three major credit bureaus, according to a lengthy investigation
October 2013: British man charged with hacking U.S. military networks:
(Reuters) - A British man has been arrested in England
and charged by the United States and Britain with hacking into U.S.
government computer systems, including those run by the military, to
steal confidential data and disrupt operations, authorities said.
Lauri Love and three co-conspirators allegedly infiltrated
thousands of systems including those of the Pentagon's Missile Defense
Agency, the U.S. Army Corps of Engineers, the U.S. space agency NASA
and the U.S. Environmental Protection Agency, according to a U.S. grand
jury indictment made public on Monday.
November 2013: Hackers for hire can rob you blind for $300 an hour:
Hackers for hire are offering bespoke services at an
hourly rate of $100 to $300 depending on their reputation. For “Fullz”
— a dossier of personal information about an individual, usually including
name, address, phone numbers, e-mail addresses and passwords, date of
birth, bank account details and credit card information — the price
is $25 in the US or $30 to $40 in the UK.
December 2013: Target card heist hits 40 million:
Payment details from up to 40 million credit cards
could have been stolen after they were used in the stores of US retail
giant Target ...
Target said the thieves had taken credit card numbers,
names, expiration dates and security codes for the cards ...
... sources at credit card payment processing firms
had told him the thieves had installed data-stealing code on to card-swipe
machines at tills in all 1,797 Target stores ...
The largest ever credit card breach at a US retailer
took place in 2007 when cyber-thieves managed to steal information related
to almost 46 million credit and debit cards from TJ Maxx and Marshalls
January 2014: Hackers steal Snapchat users’ numbers:
A smartphone app [Snapchat] that can send potentially
embarrassing photos and videos that are supposed to disappear once viewed
has been hacked, exposing the phone numbers of 4.6 million users ...
The hacked phone numbers were posted online, with partially edited user
January 2014: Korean credit card bosses offer to RESIGN over huge data
An IT contractor has been arrested over the theft of
credit card and personal details of 20 million South Koreans ...
The huge breach was apparently only possible because
the sensitive data wasn't encrypted, according to an official at the
country's Financial Services Commission ...
The Korea Credit Bureau's role as a national credit
reference agency gave it access to databases maintained by South Korea's
three largest credit card firms: KB Kookmin Card, Lotte Card and NH
Chiefs of the three firms publicly apologised for the
leaks before offering to resign, owing up to responsibility over the
whole sorry mess in a classy move we doubt many Western execs in the
same situation would follow.
See 20 February 2014 follow-up: Korean
credit card companies hit with 90-day, $100m sales ban
January 2014: Botnet Bust SpyEye Malware Mastermind Pleads Guilty:
SpyEye infected more than 1.4 million computersmany
located in the U.S.obtaining victims financial and personally
identifiable information stored on those computers and using it to transfer
money out of victims bank accounts and into accounts controlled
Ultimately, though, Panin sold his malware online to
the wrong customeran undercover FBI employee. And after an investigation
involving international law enforcement partners as well as private
sector partners, a dangerous cyber threat was neutralized.
February 2014: Orange France hack sees 800,000 customer details compromised:
The attack, which affected 800,000 customers, apparently
took place on 16 January 2014, through the company's website at Orange.fr,
and includes names, email addresses, phone numbers and more ...
A similar hack on Adobe's customer base in October
2013, which the company initially said only affected 2.9 million users,
was eventually shown to have affected 38 million.
The unsecured state:
March 2014: UK Parliament XSS Flaw
March 2014: EduBase XSS
March 2014: 2,000+ NHS Security Vulnerabilities
March 2014: UK Government Websites Spewing Spam
March 2014: Abandoned Inquiries
There needs to be a radical re-think in the way that
the state approaches digital infrastructure. This means long term legacy
planning - not just thinking in terms of election cycles. It means employing
people who know what they are talking about - not just the heads of
"Think Tanks". It means no longer being afraid of technology
- but rather embracing the promise it brings of a better world for
Sadly, for now, when dealing with the UK Government's
attitude to their websites, I think it best to hang a large banner above
your browser reading "Lasciate ogne speranza, voi ch'entrate".
March 2014: New design flaw found in crypto's TLS: Pretend to be a victim
Security researchers have developed a new man-in-the-middle
attack against the cryptographic protocol TLS – a protocol that is used
to encrypt online banking and shopping, and other sensitive connections,
to thwart eavesdroppers.
March 2014: Ukraine and Russia locked in a cyber stand-off:
Security experts have warned that Ukraine and neighbouring
Russia are locked in a cyber stand-off amid diplomatic efforts to reduce
political tensions between the two countries.
Ukraine has accused Russia of disrupting mobile communications
in the wake of smaller-scale attacks in which Ukraine websites have
been defaced with propaganda messages, reports the BBC.
In response, Ukrainian hacktivist group Cyber-Berkut
claims to have vandalised 40 Russian websites since the dispute began,
prompting speculation about an escalation of cyber conflict.
Russia is suspected of conducting distributed denial
of service (DDoS) attacks on neighbouring Georgia in the run up to conventional
military conflict in 2008.
Russia denied being behind the DDoS attacks on Georgia
and has not commented on accusations that it is disrupting mobile communications
in Ukraine and tampered with fibre-optic networks.
However, experts say it is unlikely that Ukraine will
experience cyber attacks on the same scale as Estonia in 2007, when
the country was hit by 10 days of attacks on its internet services.
March 2014: Twelve million hit as Korea suffers ANOTHER massive data breach:
The South Korean government was forced to launch an
inquiry today after another massive data breach rocked the country,
time the theft of account information belonging to 12 million customers
of telco KT Corp ...
The data grab apparently went undetected by KT for
an entire year with the suspects allegedly snatching up to 300,000 records
in a single day. The nabbed details included names, registration numbers
and bank account info ...
This is the third time in two years that the country’s
second biggest carrier has been hit with a major data breach.
March 2014: Experian Lapse Allowed ID Theft Service Access to 200 Million
Last week, Hieu Minh Ngo, a 24-year-old Vietnamese
national, pleaded guilty to running an identity theft service out of
his home in Vietnam ...
Experian came into the picture in March 2012, when
it purchased Court Ventures (along with all of its customers
including Mr. Ngo). For almost ten months after Experian completed that
acquisition, Ngo continued siphoning consumer data and making his wire
Ngos ID theft business attracted more than 1,300
customers who paid at least $1.9 million between 2007 and Feb. 2013
Until last week, the government had shared few details about the scope
and the size of the data breach, such as how many Americans may have
been targeted by thieves using Ngos identity theft service. According
to a transcript of Ngos guilty plea proceedings obtained by KrebsOnSecurity,
Ngos ID theft business attracted more than 1,300 customers who
paid at least $1.9 million between 2007 and Feb. 2013 to look up Social
Security numbers, dates of birth, addresses, previous addresses, phone
numbers, email addresses and other sensitive data.
The government alleges that the services customers
used the information for a variety of fraud schemes, including filing
fraudulent tax returns on Americans, and opening new lines of credit
and racking up huge bills in the names of unsuspecting victims. The
transcript shows government investigators found that over an 18-month
period ending Feb. 2013, Ngos customers made approximately 3.1
million queries on Americans.
14 March 2014: Morrisons
staff payroll data stolen and published on the internet:
"The information included names, addresses and bank
account details of colleagues. This affects colleagues from all levels
of the organisation. Our immediate priority is the security of your
financial information. We are currently working with Experian and the
major banks to ensure that we provide full support and assistance to
all affected colleagues. This will include support and advice around
protection of your bank account."
March 2014: Notorious hacker caught in Bangkok:
Essebar, who is from Morocco and a Russian citizen,
was detained by officials officials from the Department of Special Investigation
(DSI), the Immigration Bureau, and the Office of the Attorney-General
The 27-year-old Russian citizen is wanted on a computer
crime charges arrest warrant in Switzerland. He is accused of cracking
banking computer systems and hacking bank websites in the country, causing
damage worth more than US$4 billion or 128 billion baht to customers
in Europe in 2011, the DSI official said ...
He and another person spread the Zotob computer worm
targeting Windows 2000 in 2005. The computer virus disrupted operations
at CNN, ABC News, the New York Times, Caterpillar, United Parcel Service,
Boeing and the United States Department of Homeland Security.
May 2014: Ebay urges users to reset passwords after cyberattack:
Auction site eBay has urged users to change their passwords
after suffering what may have been the biggest-ever cyber-attack when
hackers broke into a database holding its 233m customers personal
May 2014: Wacky 'baccy making a hash of FBI infosec recruitment efforts:
FBI Director James Comey ... reportedly told the White
Collar Crime Institute that he needs a "great work force"
to compete with the black hats, but "some of those kids want to
smoke weed on the way to the interview".
David Moss has spent seven
years campaigning against the Home Office's ID card scheme.
- © 2010 Business
Consultancy Services Ltd
- on behalf of Dematerialised