Tag Archive for: department

Hackers took down U.S. airport websites, Department of Homeland Security confirms

/in


Unknown hackers attacked and temporarily shut down the public-facing websites of at least several major U.S. airports on Monday, a Department of Homeland Security official confirmed to USA TODAY.

The official from DHS’ Cybersecurity and Infrastructure Security Agency, or CISA, declined to comment on who might have been behind what appeared to be a coordinated series of distributed denial of service (DDoS) incidents, which did not affect the actual operations of the airports or planes flying into and out of them.

“CISA is aware of reports of DDoS attacks targeting multiple U.S. airport websites. We are coordinating with potentially impacted entities and offering assistance as needed,” said the official, who declined to speak on the record or provide any more information about the cyberattacks and who might have been responsible.

Russian-speaking “hacktivists” from a group calling itself KillNet claimed responsibility for the attacks, which took down websites at 14 airports, including Hartsfield-Jackson Atlanta International Airport (ATL) and Los Angeles International Airport (LAX), according to the official Twitter account of the Russian service of the Voice of America.

Hackers can overwhelm computer servers by sending them many thousands of requests at the same time, disrupting companies and organizations.

Hackers can overwhelm computer servers by sending them many thousands of requests at the same time, disrupting companies and organizations.

DDoS attacks are used to overwhelm computer servers by sending them many thousands of requests at the same time, according to CISA. In this case, the servers hosting the airport sites were swamped with thousands of requests, making it all but impossible for travelers to connect and to get updates about their scheduled flights or book airport services, according to Frank Cilluffo, a former White House cybersecurity official. 

Smart analysis delivered to your inbox: Sign up for the OnPolitics newsletter

Cilluffo said such attacks usually are intended to generate attention rather than to cause significant destruction or even disruption, such as taking down airport operations.

“But they are not trivial and in this case they could be the beginnings of a larger trend,” said Cilluffo, director of the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn…

Source…

Hackers took down U.S. airport web sites, Department of Homeland Security confirms

/in


Unknown hackers attacked and temporarily shut down the public-facing websites of at least several major U.S. airports on Monday, a Department of Homeland Security official confirmed to USA TODAY.

The official from DHS’ Cybersecurity and Infrastructure Security Agency or CISA, declined to comment on who might have been behind what appeared to be a coordinated series of Distributed Denial of Service (DDoS) incidents, which did not affect the actual operations of the airports or planes flying into and out of them.

“CISA is aware of reports of DDoS attacks targeting multiple U.S. airport websites. We are coordinating with potentially impacted entities and offering assistance as needed,” said the official, who declined to speak on the record or provide any more information about the cyber attacks and who might have been responsible.

Russian-speaking “hacktivists” from a group calling itself KillNet claimed responsibility for the attacks, which temporarily took down websites at 14 airports, including the Hartsfield-Jackson Atlanta International Airport (ATL) and Los Angeles International Airport (LAX), according to the official Twitter account of the Russian service of the Voice of America.

A recently discovered cyber attack, most likely tied to Russia, has the potential to affect many companies and organizations.

A recently discovered cyber attack, most likely tied to Russia, has the potential to affect many companies and organizations.

DDoS attacks are used to overwhelm computer servers by sending them many thousands of requests at the same time, according to CISA. In this case, the servers hosting the airport sites were swamped with thousands of requests, making it all but impossible for travelers to connect and to get updates about their scheduled flights or book airport services, according to Frank Cilluffo, a former White House cybersecurity official. 

Smart analysis delivered to your inbox: Sign up for the OnPolitics newsletter

Cilluffo said such DDoS attacks usually are intended to generate attention rather than to cause significant destruction or even disruption, such as taking down the operations of airports.

“But they are not trivial and in this case they could be the beginnings of a larger trend,” said Cilluffo, the director of the McCrary Institute for Cyber and Critical Infrastructure Security…

Source…

Department Press Briefing – October 6, 2022

/in


 

2:13 p.m. EDT

MR PATEL: Good afternoon, everybody. And sorry that we are running just a smidge tardy.

As I promised, we have a special guest with us today. Today it is my pleasure to introduce Ambassador-at-Large for Cyberspace and Digital Policy Nate Fick, who started just a couple weeks ago and had his swearing-in ceremony earlier this week, on October 4th, just in time to kick off Cyber Security Awareness Month.

Last year and over the course of his tenure as Secretary of State, Secretary Blinken has laid out an ambitious modernization agenda to help the State Department lead in the policy areas that will define the coming decades. Cyberspace and digital policy are at the top of that list, and this is the arrival of our first-ever ambassador-at-large to lead our new Cyberspace and Digital Policy Bureau. And this is a key milestone in delivering on the Secretary’s agenda.

Ambassador Fick was unanimously confirmed by the Senate, has an impressive and impeccable record of leadership in both the public and private sector, and is an expert on many issue areas in the cyberspace and digital policy arenas.

I am pleased to have him here. He’s going to have some remarks for you, and then we’ll take a few questions, before he has to continue on with some meetings throughout the day. So Ambassador Fick, please. The floor is yours.

AMBASSADOR FICK: Thank you. Hi, everybody. I don’t know if you keep it like this in here to keep you brief or keep me brief, but it may have that effect. I hope we all have our flu shots. (Laughter.)

My name’s Nate Fick. I’m the new ambassador-at-large leading the Bureau for Cyberspace and Digital Policy. And as you heard, it is – this is my first week in the building. So I will play the new guy card shamelessly.

The – I couldn’t be more excited about this opportunity to lead State’s newest bureau, to lead an organization focused on integrating and elevating the United States approach to technology diplomacy with our partners and allies, and to uphold a vision for how we can all use technology to enrich our lives and uphold democratic values.

I bring to this some personal, visceral convictions. I was a…

Source…

Department of Defense Forks Over $110K to Hackers Who Discovered 349 Bugs

/in


The US Department of Defense (DoD) has paid out $110,000 in bounties and bonuses to ethical hackers who discovered 349 “actionable” vulnerabilities on its networks.

As The Record reports(Opens in a new window), the vulnerabilities were discovered at a week-long “Hack U.S.(Opens in a new window)” event held in July through a partnership with Hackerone. It tasked so-called white hat (ethical) hackers with finding “High” and “Critical” severity vulnerabilities on any publicly accessible information systems, including web property or data owned, operated, or controlled by the DoD.

In total, 349 actionable vulnerabilities were discovered, leading to the DoD paying out $75,000 in bounties. A further $35,000 was paid out in bonuses and awards.

Melissa Vice, the Vulnerability Disclosure Program director, said in a statement, “in just seven days, Hack U.S. ethical hackers submitted 648 reports, including numerous which would be considered critical had they not been identified and remediated during this bug bounty challenge … This bounty challenge shows the extra value we can earn by leveraging their subject matter expertise in an incentivized manner.”

Hack U.S. is just the latest successful bug bounty program run to discover vulnerabilities and make the US government’s networks more secure. It all started back in 2016 with the launch of a “Hack the Pentagon” program, which discovered 138 problems.

Recommended by Our Editors

Katie Olson Savage, deputy chief digital and artificial intelligence officer and Defense Digital Service director, said “this crowd-sourced security approach is a key step to identifying and closing potential gaps in our attack surface.” We should therefore expect another DoD bug bounty to run in 2023.

PCMag Logo Readers’ Choice Awards 2021: Antivirus Software and Security Suites

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

Source…