web analytics
December 5, 2016 / 5 Kislev, 5777

Posts Tagged ‘computer security’

Two Israeli Hackers Arrested for Grand Scale Denial of Service

Sunday, September 11th, 2016

Two Israeli hackers, Itay Huri and Yarden Bidany, were arrested last Thursday, according to police, in response to an FBI request. The two were remanded to house arrest under constant supervision on Friday, and their passports were confiscated. Brian Krebs, who blogs on cyber security, reported on Friday that the two Israelis are behind a service that brought in an estimated $600,000 in two years for selling customers denial-of-service (DDoS) attacks that knock websites offline. According to Krebs, the hackers have been themselves hacked “massively,” revealing the identities of thousands of paying customers and the websites they wanted to target.

Krebs says the attack website, named vDOS (the URL is marked as risky by most browsers), was “responsible for a majority of the DDoS attacks clogging up the Internet over the past few years,” as the two hackers were selling their services for between $20 and $200 a pop, depending on the duration of the attacks. It appears that in the four months between April and July 2016, “vDOS was responsible for launching more than 277 million seconds of attack time,” or just under 9 years of denial of service packed into 120 days.

According to Krebs, “vDOS had a reputation on cybercrime forums for prompt and helpful customer service,” which is why its leaked databases “offer a fascinating glimpse into the logistical challenges associated with running a criminal attack service online that supports tens of thousands of paying customers — a significant portion of whom are all trying to use the service simultaneously.”

Itai Huri recently co-authored an article published by an Israeli cyber security website named Digital Whisper, discussing ways to initiate large scale DDoS attacks using limited computing power. Huri’s bio under the article reads: Itai Huri is 18 and about to be enlisted in the IDF. He spends his free time in web development and data security.”

JNi.Media

Meet the Israeli Startup that Cracked the ISIS Target List

Thursday, August 4th, 2016

By Michael Zeff/TPS

Herzliya (TPS) – An emerging Israeli startup firm in the cyber-security sector managed to infiltrate an encrypted Islamic State group and to retrieve the terror organization’s latest list of international attack targets.

IntSights is a cyber-intelligence startup company, founded by three Israeli entrepreneurs in their 20s. The founders are veterans of top IDF intelligence and cyber-warfare units, and already according to the founders, their clients include large international establishments such as banks, industry giants and telecommunications companies.

“IntSights is a small company which provides intelligence and incident mitigation in real time by gathering and analyzing data from the darknet, an encrypted and secretive section of the Internet often used by criminal elements,” Alon Arvatz, VP Intelligence and Co-Founder, told Tazpit Press Service (TPS) in an interview. “Using the technology we developed, we intercepted the most recent target-list sent by the Islamic State to its operatives around the world.”

IntSights analysts used their expertise to infiltrate a Telegram Messenger chat used by the Islamic State terror group to communicate internationally. The Telegram application has been used by the top 500 Islamic State operatives to share plans and locations for potential terrorist attacks mandated by the IS leadership.

“The Telegram app is completely encrypted, which means no fear of someone monitoring your correspondence and understanding what it means,” Arvatz explained. “That’s why IS moved from traditional social media to Telegram over the last year.”

According to IntSights, the application is used by Islamic State cyber-warfare arm, the United Cyber Caliphate, to publish targets in the form of a call to action with the knowledge that someone around the world would answer the call and carry out an attack.

“The church in France that was recently the location of a deadly attack appeared on a target list published several months ago and someone recently decided to answer the call and attacked that very church,” said Arvatz. “This proves beyond doubt that there is a direct link between cyber activity and actual terror attacks.”

The newest target list was published on the Telegram group on Monday and was intercepted by IntSights.

“The long list includes exact coordinates for each and every target, all of which are airports and air bases that are used or could be used by the United States Air Force all over the world,” Arvatz told TPS.

The list was followed by a file with a world map on which all the airports and bases were marked with pinpoint precision, as well as aerial footage of the higher priority targets. Entries in the list that were marked as “preferred targets,” include the Ahmed Al Jaber Air Base in Kuwait and two Bahraini airports. The full list includes targets in Latin America, Europe and even Israel.

TPS / Tazpit News Agency

Knesset Committee Praises Israel’s Cyber Protection, But Raises Concerns

Tuesday, August 2nd, 2016

By Michael Bachner/TPS

Jerusalem (TPS) – The Knesset Foreign Affairs and Defense Committee (FADC) published a report on Monday praising measures put forth by the government in the field of cyber-security, a field in which Israel is considered to be a global leader. The committee suggested guidelines for the administration of the new authority responsible for Israel’s cyber-attack preparedness, but also expressed concerns that the new body, the National Cyber Authority, would not fit in well with the existing security agencies.

The committee’s concern was echoed by politicians. “The National Cyber Aythority and the security agencies are bodies with different interests and methods,” said MK Anat Berko of the Likud party. “This is why I am concerned about the need to divide responsibilities between them.”

“Since the National Cyber Authority is not a security agency, and includes civilian bodies as well, I am afaraid of the possibility of sensitive information leaking outside,” added Berko.

A subcommittee of the FADC focusing on cyber security has held a series of discussions over the past year with the goal of studying and overseeing improvement of defenses against cyber attacks and of examining the implications of the government’s decision to establish the National Cyber Authority as well as its implementation.

The new report summarizes the research conducted by the subcommittee and presents its conclusions on the optimal way to divide responsibility between the different bodies involved in cyber protection and on necessary further measures.

The report states that the cyber threat is a growing challenge to the State of Israel, but says that the government has recognized the threat in time and has started taking steps to prepare an adequate response.

The new authority will consider both security and political-diplomatic implications and will properly organize the gathering of information on cyber attacks against Israeli targets.

The authority will not gather intelligence independently, but will rely on the work of existing intelligence agencies. The Israeli security agencies will continue to be responsible for their own cyber protection and they will be the ones to actually collectthe information.

Finally, the subcommittee addressed the new cyber law being formulated and recommended that the law be written in cooperation with all relevant security and civilian bodies to ensure that it does not cause security risks and that it fits well into the Israeli cyber-security system.

TPS / Tazpit News Agency

L’Express: Israel Spied on French Prime Minister’s Cellphone

Thursday, July 7th, 2016

When French Prime Minister Manuel Valls was visiting Israel from May 21 to 24 this year, he meant to carry a message of reconciliation to revive the peace process with the Palestinian Authority. But, according to a report in L’Express, the “friend of Israel” as Valls likes to present himself, did not expect the special reception he received: he and his entourage were asked to leave their secure phones before being ushered into high profile meetings, and when they took them back, the delegation was shocked to find that many of the phones showed signs of an “anomaly.”

Back in Paris, the devices that were suspected of having been handled by Israel were handed over to L’Agence nationale de la sécurité des systèmes d’information (The National Agency for computer security, ANSSI) for further investigation, which is still ongoing.

“We never comment on the results of a potential attack,” an ANSSI spokesperson told L’Express. The spokesperson acknowledged that a laptop belonging to the prime minister’s entourage broke down during the visit to Israel, adding that “the current investigation is part of normal procedure,” and that allies don’t spy on one another.

L’Express expects that this suspicion of electronic monitoring may have an adverse effect on the already complicated relations between France and Israel.

Prime Minister Benjamin Netanyahu’s office has issued a statement saying that “Israel denies this information. Israel considers France a friendly country, to which we transmit information if necessary, and against which we do not spy.”

David Israel

21.5 Million Americans Affected in Mega Hack By Cyber Attackers

Friday, July 10th, 2015

Cyber thieves managed to steal “sensitive information” belonging to 21.5 million U.S. citizens who applied for federal jobs, beginning in May 2014, according to the Office of Personnel Management.

The breach was not discovered until May 2015, OPM revealed in testimony before the Congress. Previous reports on the breach estimated that up to 18 million people were affected by the hack.

Among those were nearly 20 million who had allowed investigators to do deep background checks, and nearly two million more who were their life partners.

FBI Director James Comey confirmed on the Wednesday that his own data had been compromised as well.

Some of the files included “residency and educational history; employment history; information about immediate family and other personal and business acquaintances; health, criminal and financial history; and other details,” OPM said in a statement Thursday.

The massive cyber heist is separate from one that was reported earlier this year, in which hackers stole the personal data of 4.2 million past and present federal employees.

In addition to social security numbers and other personal information, copies of approximately 1.1 million records of fingerprints were stolen, according to the statement issued by OPM. Some of the records also included “findings from interviews conducted by background investigators” as well as the user names and passwords that applicants used to fill out investigation forms. The agency also noted that some mental health and financial information was included in the security clearance files affected by the breach.

Sources said there is evidence linking the breaches to China, although there have been no official statements on the connection.

In response to the attacks, agency direcctor Katherine Archuleta wrote in a blog post Thursday that she would create a position for a cyber security adviser at OPM, who would be tasked with establishing an online cyber security incident resource center and consulting with private sector experts on technology threats.

The agency is offering identity theft monitoring and protection services, and credit to those whose records were compromised in the breach.

Hana Levi Julian

Hackers Stole Personal Data of All US Federal Workers, Past & Present

Friday, June 12th, 2015

That cyber attack on the U.S. Office of Personnel Management, revealed to the American public just a few days ago, turns out to be a mammoth violation; worse than the White House is willing to admit.

The personal information of every single federal worker, retired, current, past and present has been stolen in one of the biggest heists by hackers the U.S. has ever faced — affecting far more than the initial report of “at least four million government employees,” according to a report in the Friday edition of the New York Post.

It is believed the attack was traced back to China, according to myriad American media reports. The Obama administration has to yet to formally accuse China of the cyber security attack, however.

China has been involved in numerous industrial cyber attacks on corporations in the United States. Hackers traced to Russia have also carried out a number of cyber attacks in the U.S.

In Israel, cyber warfare has long been considered a major threat — one the Jewish State geared up to deal with by creating an entire government division devoted solely to cyber defense and cyber warfare.

The U.S. OPM breach apparently occurred in December; but it was not until April that it was discovered, and the news did not reach the public until this month.

Among the personal details stolen by the cyber thieves were the social security numbers, dates of birth and addresses, according to J. David Cox, head of the American Federation of Government Employees.

Military records, employment histories, gender, race and insurance information was also taken from the records penetrated in the U.S. Office of Personnel Management.

In a letter that Cox wrote to OPM director Katherine Archuleta, he charged the agency with not encrypting highly sensitive personal data of those who work for the government.

“We believe that Social Security numbers were not encrypted, a cybersecurity failure that is absolutely indefensible and outrageous,” Cox said.

Personnel data files contain up to 780 pieces of information about each federal employee, according to the NY Post.

OPM has signed a $20 million deal with a private cyber security firm to provide 18 months of identity fraud protection for those who are affected.

Hana Levi Julian

Cyber Attack Strikes More US Govt Offices , 4 Million Affected

Friday, June 5th, 2015

Do you or any of your family work for the federal government? If so, prepare to change all of your computer passwords and consider doing the same at your bank.

At least four million current and former civil service workers have had their privacy violated by hackers who breached computer systems at the U.S. Office of Personnel Management and the Department of the Interior.

According to a report in The Washington Post, the attack was carried out by Chinese hackers, as have previous U.S. industrial breaches.

OPM notified those whose “personally identifiable information” may have been compromised, offering 18 months of credit monitoring for those who were affected.

OPM Director Katherine Archuleta told journalists at a news conference the government is working on trying to improve its cyber security. “We take very seriously our responsibility to secure the information stored in our systems,” she said.

The breach was first detected in late April and confirmed in early May. It is unclear when the attack began.

It is the Department of Homeland Security that is tasked with cyber defense. DHS officials said they were working with the FBI to get to the bottom of who was behind the current attack.

“DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analyses to assess the extent of this alleged intrusion,” DHS spokesperson Sy Lee said.

Congressman Adam Schiff, the ranking Democrat on the House Intelligence Committee, said “The cyber threat from hackers, criminals, terrorists and state actors is one of the greatest challenges we face on a daily basis, and it’s clear that a substantial improvement in our cyber databases and defenses is perilously overdue.”

Hana Levi Julian

Printed from: http://www.jewishpress.com/news/breaking-news/cyber-attack-strikes-more-us-govt-offices-4-million-affected/2015/06/05/

Scan this QR code to visit this page online: