Tag Archive for: Enforcement

Hackers Reportedly Gain Access to Drug Enforcement Administration Data Portal


It’s thought hackers have managed to compromise a data portal run by the US Drug Enforcement Administration (DEA), unlocking access to a wealth of information.

As cybersecurity journalist Brian Krebs reports, the breach would have allowed the attackers to prowl through 16 federal law enforcement databases covering a wide variety of investigative data. How did this happen? A failure to implement multi-factor authentication seems to be a key cause.

Krebs wrote that he’s learned “the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates police and government officials to harvest personal information on their targets.”

He said a tip for this story came from an unnamed administrator at Doxbin—“a highly toxic online community that provides a forum for digging up personal information on people and posting it publicly.” Krebs further noted that this unauthorized access could be abused to upload fake data about suspects, citing commentary from Nicholas Weaver, a researcher at the University of California at Berkeley’s International Computer Science Institute.

False tips have often been used to initiate “swatting” attacks, in which hoax reports about crimes in progress lead to police swarming a residence with heavily armed SWAT teams. The target–or a random bystander–can wind up dead in the process. 

Unfortunately, Krebs has personal experience with that scenario. In 2013, Fairfax County, Va., police showed up at his door with guns drawn after getting a phony tip that Russians had broken in and shot his wife. The perpetrator was caught after participating in an online forum clandestinely run by the FBI, and was subsequently sentenced in 2016.

The login page for the DEA’s El Paso Intelligence Center (yes, EPIC) invites users to log in with a government-issued Personal Identity Verification card, but also allows traditional username and password access. The source Krebs spoke to told him that “the hacker who obtained this illicit access was able to log in using the stolen credentials alone, and that at no time did the portal prompt for a second authentication factor.”

That would be a serious security risk for a webmail…


Open-source Leader Advocates Strong FCC Enforcement of Routing Security


The Federal Communications Commission should consider imposing comprehensive tests and fines—after fair warning and guidance—to ensure internet service providers are taking minimal steps to protect the global internet routing system from malicious hackers, according to comments a leader in the open-source security community submitted to the agency.

“Voluntary compliance has failed to ensure compliance with even basic measures; companies have negligently allowed hijacking for decades, even when well-known and practical countermeasures exist,” wrote David Wheeler, director of open source supply-chain security for the Linux Foundation. “The FCC should establish a testing regime to ensure that Internet routing, if depended on by others, strongly resists hijacks using currently practical measures such as [Resource Public Key Infrastructure]”

Comments were due Monday in response to an inquiry the FCC made on the issue in the wake of the Russia-Ukraine conflict. The commission is concerned about hackers’—particularly powerful nation-state actors’—ability to manipulate the Border Gateway Protocol to redirect internet traffic by pretending to offer a more efficient network path. Resource Public Key Infrastructure, or RPKI, refers to a system of certificates and cryptographic attestation for stakeholders to validate the origin and authorize the route internet traffic should take. 

In response to the FCC asking about the extent to which network operators have implemented available security measures, Wheeler pointed to a test established by the content distribution network Cloudflare. The test is a simple red-team exercise that advertises a route known to be spurious. Cloudflare committed to implementing RPKI in the fall of 2018.   

“Those US organizations who fail should be notified, provided guidance on how to fix the problem, & given a grace period … to (re)gain compliance,” Wheeler said. “After the grace period there need to be incentives for failing US organizations to change to implement at least minimal efforts … These incentives should include grants if the organization is a not-for-profit, publishing a list of non-compliant entities, and then…


U.S. Law Enforcement Charges Russian Nationals In Global Energy Hacking Scheme


The Department of Justice unsealed charges brought against four Russian nationals who are accused of working for the Russian government while simultaneously attempting to hack into the online infrastructure of the global energy sector.

In two indictments, the defendants are accused of hacking thousands of computers at hundreds of companies and firms in the energy industry across 135 countries.

“Russian state-sponsored hackers pose a serious and persistent threat to critical infrastructure both in the United States and around the world,” said Deputy Attorney General Lisa O. Monaco. “Although the criminal charges unsealed today reflect past activity, they make crystal clear the urgent ongoing need for American businesses to harden their defenses and remain vigilant.”

The prosecutors allege that three officers of Russia’s Federal Security Service and other co-conspirators targeted software systems in the global energy sector to give the Russian government the ability to compromise the overall industry.

One indictment accuses Pavel Aleksandrovich Akulov, 36, Mikhail Mikhailovich Gavrilov, 42, and Marat Valeryevich Tyukov, 39, of engaging in a two-part hacking attempt to further the Russian state agenda, targeting international oil and gas companies between 2012 and 2017. They allegedly targeted hardware and software devices that control power generation equipment.

The hackers infected legitimate software updates with malware to provide a “backdoor” for accessing the infected networks.

The second phase involved targeting individuals and engineers with spearphishing attacks—some of which were successful—and infecting sites commonly visited by energy sector engineers with malware.

The defendants are charged with conspiracy to cause damage to the property of an energy facility and commit computer fraud and abuse, and conspiracy to commit wire fraud. Akulov and Gavrilov are also charged with multiple counts of wire fraud and illegally obtaining information stored on computer networks. Akulov and Gavrilov also face three counts of aggravated identity theft.

In the second indictment, Evgeny Viktorovich Gladkikh, 36, is accused of…


AnyVision OnPatrol: A tactical surveillance mobile app for law enforcement and military personnel


AnyVision announced the availability of OnPatrol, a tactical surveillance mobile application that protects law enforcement and military personnel by recognizing persons of interest and alerting officers in real-time via their mobile device (e.g., phone or bodycam).

“Public trust in the safety and security provided by law enforcement agencies is of paramount importance. AnyVision OnPatrol can help de-escalate potential threats and prevent physical harm by identifying criminals and dangerous individuals in real-time through our Recognition AI technology,” said Dieter Joecker, AnyVision’s CTO. “It is designed specifically to recognize and check individual faces against a designated watchlist — even when people are in motion, captured in poor lighting, or partially obscured by surrounding people.”

This type of watchlist alerting stands in stark contrast to other facial recognition solutions, which leverage neural networks to compare photos at a crime scene against a massive database of pictures to find possible matches. Instead, OnPatrol identifies only persons of interest that have already been flagged as a dangerous or missing person, protecting the privacy of bystanders.

The timing of the release dovetails with the recent announcement by the U.S. Justice Department that the Bureau of Justice Assistance is releasing $7.65 million USD in a competitive microgrant solicitation that will fund body-worn cameras for any law enforcement department with 50 or fewer full-time sworn personnel, rural agencies (those agencies within non-urban or non-metro counties), and federally-recognized tribal agencies.

Some of OnPatrol’s key benefits include:

  • Police protection: Improve police safety, situational awareness, and community service by allowing officers to assess the threat level of people around them in either 1:1 encounters or in group environments.
  • Low- or no-bandwidth environments: Whether underground or in remote areas, OnPatrol can still provide security alerts in real-time if a person of interest is identified from the body camera or camera glasses. Thanks to edge computing, the entire video analytics process happens offline within the officer’s body camera…
