Archive for December 31, 2016

North Korean Hackers Could Weaken US Pacific Command

A cyberattack by North Koreans could potentially knock out the computer network for the US Pacific Command, warned a report issued by a South Korean state-run agency.

According to a report by the South Korean Defence Agency for Technology and Quality (DATQ), North Korea’s cyber warfare specialists could “paralyze” the networks for the U.S. Pacific Command’s control center and cripple parts of the U.S. power grid.

Pyongyang has around 6,800 cyber warfare specialists, according to the South Korean Ministry of National Defense. Some experts believe the North could have as many as 30,000 hackers in its employ.

"The enemy (North Korea) will seek to disable our cyber capacity at a critical point via an all-out cyberattack. ... It is crucial (for South Korea) to establish an asymmetrical cyber warfare capacity to overwhelm that of the North," the report said.

North Korea has been the primary suspect in a number of cyber attacks in recent years.

Local cyber expert Lim Jong In, a professor at the graduate school of information security at Korea University, said cyber terrorism appeals to poorer countries like North Korea, as it can be done on a relatively small budget but still has a large impact.

Cyber tensions between North and South have recently escalated, amid a wave of allegations and cyberattacks.

The South Korean military reported that its cyber command, a division set up to prevent hacking, was breached by North Korea earlier this month. Over a period of several years, North Korea hacked into over 140,000 computers and breached the security systems of more than 160 South Korean firms and government agencies.

Bangladesh bank heist: Police suspect IT technicians

One of the biggest bank hacks of 2016 was the Bangladesh bank hack. The hackers successfully broke into the Central Bank of Bangladesh and stole nearly $1 billion, of which $81m (£65.9m) remains unrecovered.

Mohammad Shah Alam, a Bangladesh police deputy inspector general who is heading investigations in Dhaka, went into some detail about how insiders at Bangladesh Bank may have helped in the execution of one of the world's biggest cyber-heists last February.

The suspects in this case are now considered to be IT technicians from the bank, who are suspected of hooking up its transaction systems to the public internet, giving the hackers access.

"There were a number of other things, which if the Bangladesh Bank people had not done, the hacking would not have been possible," said Alam.

Alam said he was focusing on why a password token protecting the SWIFT international transactions network at Bangladesh Bank was left inserted in the SWIFT server for months leading up to the heist. It is supposed to be removed and locked in a secure vault after business hours each day. The failure to remove the token allowed hackers to enter the system when it was not being monitored, first to infect it with malware and then to issue fake transfer orders, he said.

Alam said that he was waiting for "specific information" on any communications between the suspects and the hackers, which may help further solidify the case.

No suspects have been named or arrested yet. Bangladesh Bank, SWIFT and the FBI, which also launched its own probe into the attack, have yet to comment on the matter.

Obama imposes sanctions on Russia

The United States Treasury Department has announced new sanctions against five entities and four individuals after President Barack Obama signed the papers on Wednesday night.

In the executive order, the president said he was taking “additional steps to deal with the national emergency with respect to significant malicious cyber-enabled activities… in view of the increasing use of such activities to undermine democratic processes or institutions.”

The five institutions included in the list are: the Professional Association of Designers of Data Processing Systems, an autonomous non-commercial organization; the Federal Security Service (Federalnaya Sluzhba Bezopasnosti or FSB); the Main Intelligence Directorate (Glavnoe Razvedyvatelnoe Upravlenie or GRU); Special Technology Center; and Zorsecurity, formerly known as Esage Lab or Tsor Security.

The list of sanctioned people includes: the GRU's first deputy chief, Vladimir Stepanovich Alexseyev; the deputy chief, Sergey Gizunov; Igor Korobov, chief of the GRU; and Igor Kostyukov, the first deputy chief of the GRU. The Treasury Department added two other names to the list "for malicious cyber-enabled activities": Aleksey Alekseyevich Belan and Evgeniy Mikhaylovich Bogachev.

In retaliation for reports of harassment of US diplomats in Moscow, the White House has expelled 35 Russian intelligence officials, giving them 72 hours to leave the country. However, there is no correlation between the two cases.

“These actions follow repeated private and public warnings that we have issued to the Russian government, and are a necessary and appropriate response to efforts to harm U.S. interests in violation of established international norms of behavior,” Obama said in a statement.

Cisco India Introduces 3 Cyber Security Initiatives

Cisco India has announced three new initiatives to help the country build a transparent and secure digital infrastructure environment.

Cisco will open a new Security Operations Centre (SOC) in Pune, which will provide services ranging from monitoring and management to comprehensive threat solutions and hosted security that can be customised.

The company’s Cisco Cyber Range Lab in Gurugram will provide specialised technical training workshops to help security staff build the skills and experience necessary to combat new-age cyber threats.

Cisco's global Security & Trust Organization (S&TO) and Cisco India announced the formation of Cisco S&TO-India that will help the government shape the national cyber-security strategy and initiatives.

Meanwhile, Cisco and the Indian Computer Emergency Response Team (CERT-In) of the Ministry of Electronics and Information Technology (MeitY) signed a Memorandum of Understanding (MoU) in the presence of Electronics and IT Minister Ravi Shankar Prasad.

"In light of rapidly evolving cyber tactics and shared risks in cyberspace, the need to work side-by-side with industry partners on pressing cyber-challenges becomes increasingly important. We are happy to have Cisco collaborate with us to enhance the security of India's digital infrastructure," said Prasad.

Cisco's "Active Threat Analytics" provides round-the-clock monitoring and advanced-analytics capabilities combined with industry-leading threat intelligence and expert investigators to rapidly detect advanced threats.

Cisco will also provide 24-hour service for customers regardless of time zone. "As India digitises, security will become fundamental to seizing the unprecedented opportunities for businesses, cities and citizens. Cisco is committed to enable a digital-ready infrastructure and security everywhere. Today's cyber-security announcements reaffirm Cisco's long-term commitment to India," added Dinesh Malkani, President, Cisco India and SAARC.

"By 2020, the Indian digital payments industry will grow 10 times and mobile transactions will grow 90 per cent per year by 2020. As of 2016, three new Indians join internet every second and by 2030, one billion Indians will be online so digital security is paramount," Malkani added.

New York Financial Regulator Delays Cyber Security Rules

The New York Department of Financial Services (NYDFS) will delay the effective date of its proposed cybersecurity regulation until March 1, 2017. Previously, the anticipated deadline for banks and insurers doing business in the state to comply with the controversial cyber security rules was January 1.

Banks and insurers have been fighting for an extension of the compliance deadline and other changes ever since the regulator formally unveiled the proposed rules in September.

Banking and insurance industry representatives raised objections, among them that the rules "did not distinguish between small and large financial institutions and would possibly conflict with future U.S. government cyber security rules."

The original proposed regulation met with significant resistance, including reportedly more than 150 comment letters. Many of the comments identified the proposed regulation as highly prescriptive and lacking allowance for Covered Entities to make risk-based decisions on certain important technology matters.

A number of comments also requested the ability to distinguish between small and large Covered Entities in structuring cybersecurity programs based on size and risk. Some comments expressed concern that inconsistencies with federal and other state regulations, which are anticipated in the future, would make compliance highly complicated.