Tag Archive for: hackers

DC Police personnel files obtained by hackers in recent ransomware attack, acting police chief says

/in


Robert Contee wrote in an email to staff, “I can confirm that HR-related files with Personally Identifiable Information (PII) were obtained. As we continue to determine the size and scope of this breach, please note that the mechanism that allowed the unauthorized access was blocked.”

The police department is “working to identify all impacted personnel,” Contee wrote, acknowledging that the incident is “extremely stressful and concerning to our members.”

The attackers had posted a ransom note claiming they had stolen more than 250 GB of data and threatening to publish the material if they were not paid. The ransomware group Babuk claimed credit for the attack, posting screenshots of the note that were flagged by cybersecurity researchers.

“We are aware of unauthorized access on our server. While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter,” the Metropolitan Police said in a statement to CNN on Monday evening.

In its claims, the Babuk group suggested it had obtained information on Metropolitan Police informants and threatened to weaponize that information if the department did not respond within three days. The group also vowed additional attacks targeting the FBI.

Ransomware locks out the rightful user of a computer or computer network and holds it hostage until the victim pays a fee. Increasingly, ransomware attackers are also stealing victims’ data, government officials and cybersecurity researchers have warned.

The Babuk strain of ransomware was first discovered earlier this year, according to a February threat analysis paper published by the security firm McAfee.

Little is known about the group behind the malicious software, but it appears to fit the mold of other ransomware attackers in that it primarily targets large, well-funded organizations, the paper said.

Since January, 26 government agencies based within the United States have been hit by ransomware, Neal Dennis, a threat intelligence specialist at the cybersecurity firm Cyware, said. More than a dozen have involved cases of data theft and threatened extortion.

CNN’s Zachary Cohen, Brian Fung and Alex Marquardt contributed to this report.

Source…

cyber security hackers computer chip

/in


ANN ARBOR, Mich. – To build a computer chip with cyber security sufficient to resist hacking, University of Michigan students took inspiration from a structure uniquely designed to stop intruders: the human immune system. Government Technology reports. Continue reading original article

The Military & Aerospace Electronics take:

29 April 2021 — A professor and a group of graduate students at Michigan spent six years building Morpheus, a computer chip that sought to defeat the sort of cyber attacks that threaten Americans every day, from banking and financial systems to computer security and medical data.

The University of Michigan chip was put to the test from last June through August in a competition called Finding Exploits To Thwart Tampering (FETT) from the U.S. Department of Defense.

More than 500 hackers were offered up to $50,000 to try to crack Morpheus in a mock medical database. None succeeded. Because of Morpheus’ success in thwarting the hackers, experts plan to turn the chip into a commercial venture that can benefit government, industry, and perhaps consumers.

Related: Six companies and five universities pursue built-in trusted cyber security for complex digital chips

Related: Military cyber security: threats and solutions

Related: Military researchers eye built-in trusted computing and cyber security for complex digital chips

John Keller, chief editor
Military & Aerospace Electronics

Source…

10K Hackers Defend the Planet Against Extraterrestrials

/in


Hack the Planet’s Cyber Apocalypse capture-the-flag contest attracts 10,000 competitors from across the globe.

(image by Yulyia, via Adobe Stock)

(image by Yulyia, via Adobe Stock)

Extraterrestrial hackers pelted Earth with a hideous array of cyberattacks in a nefarious effort to take over the planet — and during Earth Day celebrations, no less. Fortunately, thousands of volunteer security defenders were at the ready to save the planet.   

So goes the tale of “Cyber Apocalypse 2021,” the first capture-the-flag (CTF) competition that Hack the Box (HTB) opened up to any and all players across the globe. HTB has a dedicated CTF platform, which has been used to host closed CTF events for universities and businesses. As Daphne Deiktaki, Hack the Box’s head of marketing, said in an interview before the event, Cyber Apocalypse was different because, “We are inviting absolutely everyone in the world. Anyone can join.”

By the time the CTF event closed Friday, 4,470 teams and 9,900 individual players had participated and collectively submitted over 23,000 flags. 

Why the week of Earth Day? “The message is, ‘It’s only you who can save us from this terrible fate,'” said Deiktaki. “It’s a way of raising awareness of environmental issues and educating people about cybersecurity at the same time.”

Challenges were created by subject matter experts from Hack the Box and partner CryptoHack, and ranged from difficulty level “beginner” to “insane.” The tasks fell into seven categories: Web, Pwn, Reversing, Cryptography, Forensics, Hardware, and Miscellaneous.

The most dominant flag catchers of the tournament were teams AIGenerated, HackTheCardboardBox, and bootplug. They didn’t just earn top bragging rights either. Prizes included cash, swag, VIP memberships, and credits for training courses, for a total value of US$16,000.

Another big winner of the event: Code.org, a nonprofit organization dedicated to expanding access to computer science education and increasing participation by young women and students from underrepresented groups.

“We wanted to give back,” Deiktaki said. “We wanted to find organizations that were close to our mission. And Code.org just seemed like a great match.” The Cyber Apocalypse event raised $3,000…

Source…

Hackers claim to have infiltrated internal D.C. police files

/in


Hackers who claim to have infiltrated the D.C. police department’s computer network are threatening to publicize confidential files that could reveal names of suspected gang members and intelligence from crime briefings, according to online posts reviewed by cybersecurity experts.

Loading...

Load Error

A ransomware entity called Babuk posted its warning on the dark Web, purporting to have downloaded a vast array of information, and warned police to “get in touch as soon as possible and pay us, otherwise we will publish the data.”

The group posted several pictures of suspected gang members and maps drawn by police of territories claimed by street crews, a sample of information experts say is meant to prove their threats are real. Babuk said it downloaded 250 gigabytes of data, which could be large enough to store up to 70,000 photos or tens of thousands of documents, according to computer security experts.

Babuk displayed screenshots of dozens of file folders, including ones dealing with discipline and listed by officer names, and others titled “known shooters,” “most violent person,” “RAP feuds,” “gang conflict report” and “strategic crime briefings.”

Authorities including the FBI are trying to determine whether Babuk actually has gained access to those files.

One security expert provided screenshots of the group’s online comments to The Washington Post. A D.C. official familiar with the investigation, who spoke on the condition of anonymity because a probe is underway, confirmed the city is looking into the claims believed to be made by Babuk.

“It’s fair to say it’s very serious,” said D.C. Council member Charles Allen (D-Ward 6), who chairs the public safety committee. “It’s open to assessment as to how serious.”

Allen said authorities “are trying to assess and understand what happened,” and what type of information may have been stolen. He said he learned the hackers probably did not get access to files shared by the District and federal law enforcement authorities.

But still, if the group has the documents it claims, revealing them could affect ongoing criminal investigations, publicize personal information about…

Source…