Digital Archive







Lockheed Martin said they have proof that hackers breached its network by using data stolen from a vendor that supplies coded security tokens to tens of millions of computer users. These findings confirm the fears of security experts about the safety of the SecurID tokens and growing concerns that other companies or government agencies that could be vulnerable to similar attacks.

SecurID Tokens are used to allow remote access to computer networks and are sold by the RSA Security Division of the EMC Corporation. RSA disclosed in March that hackers had stolen data that could compromise a company’s SecurID system in a broader attack. The breach of Lockheed, the nation’s largest defense contractor is a first for such an intentional damaging attack.

Higher frequencies of security breaches bring increasing tensions over the sophistication of computer hacking. Google said this week that it believed an effort to steal hundreds of Gmail passwords for accounts of prominent people, including senior American government officials, had originated in China. These findings confirm the fears of security experts about the safety of the SecurID tokens and growing concerns that other companies or government agencies could be vulnerable to similar attacks.

US charged Chinese Hackers for Stealing Sensitive Defense Information From the Largest United States Defense Contractor Lockheed Martin.


The US government continues to put pressure on Chinese cyber-espionage activities that stress international informational relationships. The US Justice Department has filed charges against a Chinese national named Su Bin. The business owner is charged with working with two unknown hackers to illegally obtain information on military aircraft produced by US defense contractors. Bin was reportedly arrested in Canada on June 28th and is facing extradition.

The three conspirators worked from 2009 to 2013 on obtaining the information, and they were apparently successful in stealing some sensitive documents related to the Lockheed Martin-built F-22 and F-35 fighter jets, as well as Boeing's C-17 military transport aircraft. The complaint additionally alleges that the conspirators provided Bin with a 1,467-page document of potential hacking targets. Bin could then select attractive files that he could then potentially sell to state-owned aerospace companies in China. While it seems that he was working for monetary gains the information gathered ended up directly in the hands of companies owned by the Chinese government.

Earlier this year the US charged Chinese army hackers for economic espionage for the first time it formally accused another country of hacking for economic gain. That was merely a high water mark in what has long been a heated exchange of words as the US has repeatedly cautioned the Chinese over the dangers of its cyber-espionage programs. According to a national intelligence report, the country's efforts to steal US trade secrets are the most aggressive in the world.

Estimates say that these cyber-espionage activities cost the US anywhere from $24 billion to $120 billion per year. Lockheed Martin said they have proof that hackers breached its network by using data stolen from a vendor that supplies coded security tokens to tens of millions of computer users. These findings confirm the fears of security experts about the safety of the SecurID tokens and growing concerns that other companies or government agencies could be vulnerable to similar attacks.

Tokens that are used to allow remote access to computer networks are sold by the RSA Security Division of the EMC Corporation. RSA disclosed in March that hackers had stolen data that could compromise a company’s SecurID system in a broader attack. The breach of Lockheed, the nation’s largest defense contractor is a first for such a poorly intended and damaging attack.

Higher frequencies of security breaches bring increasing tensions over the sophistication and poor intent of computer hacking. Google said this week that it believed an effort to steal hundreds of Gmail passwords for accounts of prominent people, including senior American government officials, had originated in China. These findings confirm the fears of security experts about the safety of the SecurID tokens and growing concerns that other companies or government agencies could be vulnerable to similar attacks.

The Pentagon, which has long been concerned about efforts by China and Russia to obtain military secrets, announced separately that it would soon view serious computer attacks from foreign nations as acts of war that could result in a military response.
RSA officials noted that Lockheed said it planned to continue using the SecurID tokens, and they said they believed other customers would as well.

But security experts said RSA’s reputation had most likely been seriously damaged, and many of its 25,000 customers, including Fortune 500 companies and government agencies around the world who face decisions about what to do next. RSA’s prospects for holding on to some of those customers certainly seems bleak said the chief technology officer at Bit9, a firm that provides other types of security products and does not compete with RSA. He and other experts said RSA might need to reprogram many of its security tokens or create an upgraded version to rebuild confidence in its systems. In response to questions on Friday,

Lockheed said in an e-mail that its computer experts had concluded that the breach at RSA in March was “a direct contributing factor” in the attack on its network. Government and industry officials said the hackers had used some of the RSA data and other techniques to piece together the coded password of a Lockheed contractor who had access to Lockheed’s system. Lockheed, which makes fighter planes, spy satellites and other confidential equipment, said it had detected the attack quickly and blocked it before any important data was compromised.

Lockheed said it was replacing 45,000 SecurID tokens held by workers who need to log into its system from customer offices hotels or their homes. They also required its employees to change their passwords and it added a step to its sign-on process. He said the company would discuss reprogramming tokens with companies. In some cases that may require more work than other measures they could take to beef up different parts of their security systems. RSA based in Bedford Mass has declined to specify what data was stolen in March. It has also said that it detected the attack as the hackers were removing the data and that the attack was only partly successful.

But independent security experts have speculated that the hackers obtained at least part of the databases holding serial numbers and other critical data for the tens of millions of tokens, and Lockheed’s confirmation that the stolen data played a role in its attack supported that theory.





The RSA tokens provide security beyond a user name or password by requiring users to enter a unique number generated by the token each time they connect to their networks. To make use of the data stolen from RSA, security experts said, the hackers would also have needed the passwords of one or more users on Lockheed’s network. RSA has said that in its own breach the hackers accomplished this by sending “phishing” e-mails to small groups of employees including one worker who opened an attached spreadsheet that contained a previously unknown bug. This let the hacker monitor the worker’s passwords. Security specialists suspect that something similar happened in the Lockheed attack, with the hackers using the data stolen from RSA to predict the security codes that the token would generate.

Mr. Sverdlove said that in mounting attacks many hackers now studied Facebook and other social media for information to personalize their phishing e-mails and increase the odds they will be opened. He said that over the last two years there have been dramatic increases of these kinds of attacks. Security experts said that the alternatives to the tokens, including computerized smart cards and biometric tools tended to be more expensive. They said Northrop another giant military contractor was shifting from SecurID tokens to smart cards which will potentially offer better security features.










A Glimpse of The Past and Future
BEJING - China 2012
In a balanced world light and darkness exist, for a new world a new balance must exist. With advancements in world technology, communications, and the abilities of nations and our people new technological playing fields with new battlefronts will ultimately emerge. A sad but intrepid one to watch today is the fight for freedom of speech and human rights in China today and years past.

Anonymous threw havoc at our Federal Trade Commission beginning in 2012, later they turned to US's partner China. Chinese government websites and several dozen websites belonging to Chinese companies and other groups appear to have been compromised over the past few days, many of them defaced with a message, accompanied by The Who’s “Baba O’Riley,” saying the sites were hacked by Anonymous.



The hacks were announced on March 30 on a Twitter feed, @AnonymousChina, and through a list posted to the programmer website Pastebin.
Government-owned websites targeted by the group include those belonging to the Central Business District in Chengdu a provincial capitol in South West China.
Qingniwaqiao sub-district office in the city of Dalian, both were still displaying the Anonymous message on Wednesday. Also hacked were three other sites belonging to lower-level government agencies in the cities of Taizhou, Zhongshan and Jiazhou. All three sites appeared to be broken Wednesday. They have been picking websites of interest over the years

April 10, Bejing - China Says CyberWar could be a Reality
What is Cyber Warfare and how does it effect us? Today cyber warfare is very much a reality and China has officially set up a specialized Online Blue Army to protect their country. Cyberwarfare refers to politically motivated hacking to strategize, spy or sabotage. It is a innovative form of information warfare.

Cultures and traditions as they are, there are some many opinions/feelings on what is the right and moral way to behave. It is still not correct to cast your opinions to inhibit or hurt other people. Now imagine your country tells you how to feel, walk, move, and believe even up to point where they sensor what you say, how you communicate and what you may learn. As happens in many countries like Iran, Thailand, China and many more. Anonymous is best known for attacking government agencies, businesses and political causes they believe are infringing on their rights to information.

April 5, BEJING 2012 The activist computer group Anonymous hacked hundreds of Chinese government Web sites in recent days, posting all the sites targeted on the Web. Anonymous hackers pledge to continue targeting China after hundreds of Chinese websites were attacked protesting against internet censorship and mere human rights in the country.

“Dear Chinese government, you are not infallible, today websites are hacked, tomorrow it will be your vile regime that will fall,” and “What you are doing today to your Great People, tomorrow will be inflicted to you. With no mercy.” -Anonymous

The hacked home page for Chengdu city’s business district.
An Anonymous China Twitter account said more than 400 Web sites were hacked, including the sites of government bureaus in several Chinese cities, including the city of Chengdu, whose Web site is pictured above.
On Thursday, a message on that site from the hacking group told Chinese citizens to “never, ever give up” in challenging their government about a “lack of democracy and justice.” The hack was significant in part because Anonymous previously stayed away from Chinese Web sites, according to al-Jazeera.


It is unclear whether the Chinese government’s army of Internet trolls will fire back on Anonymous for this attack. Internet freedom is a major problem in China, where government censors delete thousands of messages online, social media networks require users to use their real names, and the online media is often stifled.

CHINA employs an army of censors to police the internet, now has deployed legions of web commentators to flux opinions on the web.

Armed with an army of censers that police the internet, China also deploys legions of web commentators. With a skyrocketing population and millions of online users the internet is a forum for debates in the worlds most populous country and a big sound board. This has been noted by China's communist leaders, who pay careful attention to online conversations despite strict restrictions on what can be said in cyberspace.
Web commentators either anonymously or with pseudonyms spread politically correct arguments, many for money.
So who are they who infiltrate blogs, news sites, e-mails, and chat rooms? It's unknown as they do not talk to the media. Without Adversity Legends Do Not Exist.
What is Cyber Warfare and how does it effect us? Today cyber warfare is very much a reality and China has officially set up a specialized Online Blue Army to protect their country. Cyberwarfare refers to politically motivated hacking to strategize, spy or sabotage. It is a innovative form of information warfare.

April 10 Bejing 2012 - China Says Cyber-War could be a Reality At Briefing China's defense ministry spokesman, Geng Yansheng, announced that the 30 member team was formed to improve the military's security, Beijing News reported.


When asked if the Blue Army was set up in order to launch cyber attacks on other countries? Geng said that internet security was an international issue that impacted not only society but also the military field, adding that China was also a victim of cyber attacks and that the country's network security was currently relatively weak.

The online unit under the Guangdong Military Command is believed to have existed previously. Sources throughout the internet security industry have long believed that China-based hackers are the single largest source of worldwide cyber attacks.

What sounds a bit convenient is, the US anti-virus software maker Symantec reported last year that they found 30% of malicious emails were sent from China, with 21% percent of the attacks originating from the eastern city of Shaoxing.

Our Technology is advancing so quickly that very soon amazing diverse possibilities of technological use will be a part of our world. Technology has immerse varieties of prospects that will greatly impact our Quality of Life and Societies.

Sources of Global Cyber Issues



Known World History Cyber Securities
In 2009 President Barack Obama declared America's digital infrastructure to be a "strategic national asset," and in May 2010 the Pentagon set up its new U.S. Cyber Command (USCYBERCOM), headed by General Keith B. Alexander, director of the National Security Agency (NSA), to defend American military networks and potentially attack other countries' systems.

The EU has set up ENISA (European Network and Information Security Agency) which is headed by Prof. Udo Helmbrecht and there are now further plans to significantly expand ENISA's capabilities.

The United Kingdom has also set up a cyber-security/operations center in Government Communications Headquarters (GCHQ), the British equivalent of the NSA.
In the U.S. however Cyber Command is only set up to protect the military. Department of Homeland Security works with them for everything else. With rapidly advancing technology the threat of cyber-war or attack on telecommunications and computer networks is on the rise.
While China and Russia generally are considered by industry experts to be the leaders in state-sponsored cyber attacks against the United States, they are not the only countries to have sophisticated espionage infrastructures in place. Other nations with sophisticated capabilities include North Korea, Iran, France, Israel and the United States.

Harvard Law Post/ Known Cyber Law


Other Known Cyber Attacks

January 2009 the world witnessed the third successful cyber attack on a country. The target was Kyrgyzstan. The country is only about 77,000 square miles in size with a population of just over 5 million. The attackers focused on the three of the four Internet service providers. They launched a distributed denial of service attack traffic and quickly overwhelmed the three and disrupting all Internet communications. The IP traffic was traced back to Russian-based servers primarily known for cyber crime activity. Multiple sources have blamed the cyber attack on the Russian cyber militia and/or the Russian Business Network (RBN). RBN is thought to control the world’s largest botnet with between 150 and 180 million nodes. These reports go on to say that Russian Officials hired the technically capable group to do this. It is widely believed that this group also played a substantial role in the Estonia Attack in 2007 and the attack on Georgia in 2008.

The mechanism of attack was a fairly large botnet with nodes distributed in countries around the world. One significant difference in the Kyrgyzstan attack is that most of the DDoS traffic was generated in Russia.

INTEL: One source reports that this attack was commercial — insinuating the civilian organization (attackers) may have been paid to carry this out.

ANALYSIS: The commercial sourcing of the cyber attack is believed to have been done to put the Russian government an arms length away from the hostile act.
The attack seems to be politically motivated and is an example of geopolitical disputes being fought with cyber weapons.
March 30, 2012
The mysterious group of hackers who go by the name "Anonymous" has threatened to take down the Internet.



The group Anonymous has threatened to take down the Internet on Saturday to protest anti-piracy proposals that they consider online censorship. Here, a masked protester demonstrates against one such measure last month in Zagreb, Croatia, last month.
The confusion comes from the very nature of the group, which is amorphous and has no identifiable leadership. Several weeks ago, a group identifying itself as Anonymous announced "Operation Global Blackout," the effect of which would be to bring Web surfing to a halt.

Jan 8, 2012
Unknown hackers expose defense and intelligence officials in US and UK Security breach by 'hacktivists' reveals email addresses of 221 British military staff and 242 Nato officials.


Nato secretary general Anders Fogh Rasmussen. "More than 200 of his staff have been exposed by Anonymous hacktivists'"

Thousands of British email addresses and encrypted passwords, including those of defense, intelligence and police officials as well as politicians and Nato advisers, have been revealed on the internet following a security breach by hackers.

Among the huge database of private information exposed by self-styled "hacktivists" are the details of 221 British military officials and 242 Nato staff. Civil servants working at the heart of the UK government – including several in the Cabinet Office as well as advisers to the Joint Intelligence Organization, which acts as the prime minister's eyes and ears on sensitive information – have also been exposed.

The hackers are believed to be part of the Anonymous group, gained unauthorized access over Christmas to the account information of Stratfor, a consultancy based in Texas that specializes in foreign affairs and security issues. The database had recorded in spreadsheets the user IDs usually email addresses and encrypted passwords of about 850,000 individuals who had subscribed to Stratfor's website.

75,000 paying subscribers also had their credit card numbers and addresses exposed, including 462 UK accounts. The leaked email addresses are those of 221 Ministry of Defense officials identified by Bumgarner, including army and air force personnel. Details of a much larger group of US military personnel were leaked. The database has some 19,000 email addresses ending in the .mil domain of the US military.


Jan 19, 2012
Anonymous Hackers Take Down Justice Dept Website over Megaupload.com
WASHINGTON – Hackers aligned with the global cyber-collective known as Anonymous have claimed responsibility for taking down at least six prominent websites, including those of the US Department of Justice and Universal Music Group, in retaliation for charges levied earlier Thursday against content-sharing site Megaupload.com.
The group also said it brought down the websites of the Recording Industry Association of America (RIAA), the Motion Picture Association of America (MPAA), the US Copyright Office and the Utah Chiefs of Police Association. The RIAA site and the Copyright Office sites were both down, while the Utah Chiefs of Police site had been altered to show the logo for Megaupload.com.
The account, under the name @YourAnonNews identifies itself on Twitter as the infamous hacker collective, saying "We are Anonymous, We are legion, We never forgive, We never forget, Expect us."Earlier that week the FBI shut down Megaupload.com and charged the site's founders and five others with internet piracy crimes for running "an international organized criminal enterprise."

Anonymous Hacks 2011
Anonymous Hackers Release Evidence of Brazilian Government Corruption Back in August, Anonymous released a series of files "allegedly" proving corruption within the Brazilian Government. Links to the data were posted alongside a statement on the pastebin website, on Wednesday 10 Aug, 2010. In its accompanying statement Anonymous claimed to have released "evidence revealing government cover-up of a corruption investigation involving the CIA, the Brazilian telecom industry, and multiple US corporations."
The files were reportedly taken from evidence collected during Operation Satiagraha an investigation aimed to expose corruption in the Brazilian Federal Police force carried out between 2004 to 2008

Anonymous OpPayPal hits Ebay, it's parent company where it hurts. As well as seeing an alleged 20K-plus users close their PayPal accounts, Anonymous' OpPayPal reportedly led to a $1 billion loss for PayPal's parent company eBay.
The entirely legal campaign began in July when Anonymous called for "anyone using PayPal to immediately close their accounts and consider an alternative."

The campaign was reportedly motivated by the U.S. FBI and PayPal's treatment of alleged Anonymous hacker Mercedes Renee Haefer an American journalism student who was arrested by the FBI for alleged involvement in a number of Anonymous hacks.
With the Op's primary goal being to affect eBay's stock value, upon the opening of NASDAQ the stock had seen a marked decrease, starting with a rough 1.7 per cent decrease before peaking at a sizable 3 per cent-plus drop, leaving it with a $33.47 value. The day before eBay stock had been selling for around $34.4.
As well as the drop in stock value, Anonymous also reported the campaign had seen 20,000-plus users cancel their PayPal accounts.







In March 2013 Spamhaus added Cyberbunker to a blacklist claiming that they host spam websites. This was the catalyst to the biggest cyber attack in history. Shortly afterwards a distributed denial of service (DDoS) attack of previously unreported scale (peaking at 300 gigabites per second; an average large scale attack might reach 50 Gbps, and the largest previously publicly reported was 100 Gbps was launched against Spamhuas's Domain Name System (DNS) servers exploiting a known vulnerability of DN.


After a week of cyber attacks Spamhuas is still undefeated. Spamhuas operates a number of databases linked to spamming, malware, and nefarious content in order for internet service providers to restrict or block access.


In October 2011 Spamhuas identified Cyberbunker as providing hosting for spammers and contacted thier upstream provider A2B, asking that service their be cancelled. A2B initially refused, blocking only a single IP address linked to spamming. Spamhuas responded by blacklisting all of A2B address space. A2B capitulated, dropped Cyberbunker and then filed complaints with the Dutch police for extortion.


Cyberbunker has a long history of run-ins with the law. It was also host of the infamous Russian Business Network cyber crime gang broken up by the FBI and other law enforcement agencies.
Hackers and your iPhone

With technology at a new peak you have to know what's around you. Take care with your information. As more smartphones populate our pockets expect hackers and bad actors to target your smartphone. Smartphone owners are increasingly paying a high price for free mobile applications, with 2012 set to be a disruptive year of widespread mobile hacking,” Dr. Jeffrey Voas, whose research has found malware in more than 2,000 free smartphone apps, told FoxNews.com.

Also, be weary giving your info out online to websites that sell or send your info along to others network. It often leaks to people you don't want to have it, especially when regarding financial information which can result in information leaks, identity theft, blackmailing or fraud. Take care. Think twice.

No comments:

Post a Comment