Tag Archive for: united

How the United States Lost to Hackers

/in


There’s a reason we believed the fallacy that offense could keep us safe: The offense was a bloody masterpiece.

Starting in 2007, the United States, with Israel, pulled off an attack on Iran’s Natanz nuclear facility that destroyed roughly a fifth of Iran’s centrifuges. That attack, known as Stuxnet, spread using seven holes, known as “zero days,” in Microsoft and Siemens industrial software. (Only one had been previously disclosed, but never patched). Short term, Stuxnet was a resounding success. It set Iran’s nuclear ambitions back years and kept the Israelis from bombing Natanz and triggering World War III. In the long term, it showed allies and adversaries what they were missing and changed the digital world order.

In the decade that followed, an arms race was born.

N.S.A. analysts left the agency to start cyber arms factories, like Vulnerability Research Labs, in Virginia, which sold click-and-shoot tools to American agencies and our closest Five Eyes English-speaking allies. One contractor, Immunity Inc., founded by a former N.S.A. analyst, embarked on a slippier slope. First, employees say, Immunity trained consultants like Booz Allen, then defense contractor Raytheon, then the Dutch and the Norwegian governments. But soon the Turkish army came knocking.

Companies like CyberPoint took it further, stationing themselves overseas, sharing the tools and tradecraft the U.A.E. would eventually turn on its own people. In Europe, purveyors of the Pentagon’s spyware, like Hacking Team, started trading those same tools to Russia, then Sudan, which used them to ruthless effect.

As the market expanded outside the N.S.A.’s direct control, the agency’s focus stayed on offense. The N.S.A. knew the same vulnerabilities it was finding and exploiting elsewhere would, one day, blow back on Americans. Its answer to this dilemma was to boil American exceptionalism down to an acronym — NOBUS — which stands for “Nobody But Us.” If the agency found a vulnerability it believed only it could exploit, it hoarded it.

This strategy was part of what Gen. Paul Nakasone, the current N.S.A. director — and George Washington and the Chinese strategist Sun Tzu before him…

Source…

Opinion | With Hacking, the United States Needs to Stop Playing the Victim

/in


As solid as the U.S. cyberoffense is, the defense leaves much to be desired, richly demonstrated by the litany of digital disasters, including the hacks of SolarWinds, the Office of Personnel Management, Equifax and Sony. The reality is that the U.S. government and private companies both underinvest in cybersecurity. Effective defense is a collective effort, but agencies and companies are often clueless and defenseless when it comes to countering the intrusions of countries like Russia, China or Iran.

In recent years, there have been suggestions that the United States might explore international agreements by which nations would agree to put constraints on cyberwarfare and espionage. But this idea isn’t really taken seriously. There’s a sense that rules are written by those with the biggest guns — that is Washington — can unilaterally impose global cyberorder.

The SolarWinds hack lays waste to that notion. Confidence that the United States possesses a monopoly on cyberweapons borders on hubris. Even though federal agencies do possess some of the greatest cyberespionage and warfare tools and talent on the planet, the playing field is disturbingly even.

Unlike nuclear weapons, or even sophisticated conventional arms, powerful cyberweapons are cheap to produce, proliferate with alarming speed and have no regard for borders. Unable to match the United States in military spending, Russia, China, Iran and even North Korea view cybertools as a great equalizer. Why? Because the United States is singularly vulnerable to cyberattack: America is more reliant on financial, commercial and government networks than our adversaries, and, at the same time, our systems are frighteningly open and vulnerable to attack. American networks represent targets for our adversaries that are simply too soft, juicy and valuable to resist.

So, does the United States give up and do nothing? Of course not.

First, the United States should recognize that it has entered an age of perpetual cyberconflict. Unlike conventional wars, we cannot end this fight by withdrawing troops from the battlefield. For the indefinite future, our adversaries, large and small, will test our defenses, attack our networks and steal…

Source…

Manchester United hack: UK’s cyber security agency assisting the club

/in


The UK’s cyber security agency is assisting Manchester United over a cyber attack earlier this month which has left the football club unable to yet fully restore their computer systems.

The Premier League club confirmed the hacking on November 20 and said it was not “aware of any breach of personal data associated with our fans and customers”.

Source…

Premier League clubs to tighten cyber security methods after Manchester United hack

/in


Premier League clubs are expected to tighten cyber security methods as investigators warn a hack on Manchester United is just the tip of an iceberg.

United are believed to be facing a seven-figure ransom demand over the attack, which has left the club unable to yet fully restore its computer systems. GCHQ cyber security agents have been called in to help.

The National Cyber Security Centre recently published a report showing 70 per cent of major sports organisations are targeted by hackers every 12 months.

Ciaran Martin, a professor at the University of Oxford’s Blavatnik School, told Telegraph Sport on Friday night how he saw attacks on sporting organisations rise while he was chief executive at the NCSC.

“The risk to sport was on the up, not markedly, but incrementally, because of the realisation by potential attackers of rich sources of data and money that might be available from sporting organisations,” he said. “It’s big business, as we all know.”

Manchester City say it is a “matter of public record” that they have also been repeatedly targeted. In February, an IT worker was arrested amid claims he got players’ personal details and records of confidential transfer talks from Pep Guardiola’s email account. Last week, it also emerged British athletes were among hundreds of female sports stars and celebrities whose personal photographs had been breached in an iCloud attack.

“Sports organisations are at risk from cyber attacks for two reasons,” Martin, one of the leading figures in the UK’s fight against cyber crime, said. Nation-state attacks – such as Russia’s breach against the World Anti-Doping Agency in August 2016 – are high profile, but rare, he explained. “The other, which looks more likely here – although I must stress I don’t know the details because I’m not in Government any more – would appear to be a standard criminal ransom attempt to extort money by encrypting data or otherwise compromising data.”

The Football Association beefed up its security ahead of the World Cup in Russia in 2018, but many Premier League clubs have yet to bring their security levels in line with some other sectors.

Government has no powers to…

Source…