Cyber Security




  • FBI Arrests Anonymous Hacker Accused in Hospital Computer Hacking Case


The Federal Bureau of Investigation (FBI) has claimed that it has arrested a man accused of hacking computers at Children’s Hospital. The arrested man had escaped from the country and was later detained by the authorities in Miami after he and his wife were rescued from a sailboat by a Disney cruise ship.



  • Hackers have held California Hospital’s Network Hostage for $3.6 Million.


In Los Angeles, the computers were completely down for a week after some malicious software ended up on the hospital's internal network. Patients were transferred to other hospitals because of the outage.

They connected medical devices and portals as well. The attackers in Los Angeles have asked for $3.6 million to decode the system and the hospital files, COS reports. The staff in Los Angeles were asked to turn to fax machines and landline telephones and to write medical reports on paper.


According to COS, the incident was unexpected, as if a hospital staffer had clicked a malicious link that eventually spread the malware throughout the network. The hospital management didn’t respond to a request, as it hadn’t expected how far the attack had spread or what kind of malicious software had infected its network.


  • Police Arrested International ATMs Hackers in Romania

  • NEXT WAR



  • Cybersecurity Overview



Cyberspace and its underlying infrastructure are vulnerable to a wide range of risks stemming from both physical and cyber threats and hazards. Sophisticated cyber actors and nation-states exploit vulnerabilities to steal information and money and are developing capabilities to disrupt, destroy, or threaten the delivery of essential services. A range of traditional crimes are now being perpetrated through cyberspace. This includes the production and distribution of child pornography and child exploitation conspiracies, banking and financial fraud, intellectual property violations, and other crimes, all of which have substantial human and economic consequences.


  • Combating Cyber Crime


Today’s world is more interconnected than ever before. Yet, for all its advantages, increased connectivity brings increased risk of theft, fraud, and abuse. As Americans become more reliant on modern technology, we also become more vulnerable to cyberattacks such as corporate security breaches, spear phishing, and social media fraud. Complementary cybersecurity and law enforcement capabilities are critical to safeguarding and securing cyberspace. Law enforcement performs an essential role in achieving our nation’s cybersecurity objectives by investigating a wide range of cyber crimes, from theft and fraud to child exploitation, and apprehending and prosecuting those responsible. The Department of Homeland Security (DHS) works with other federal agencies to conduct high-impact criminal investigations to disrupt and defeat cyber criminals, prioritize the recruitment and training of technical experts, develop standardized methods, and broadly share cyber response best practices and tools. Criminal investigators and network security experts with deep understanding of the technologies malicious actors are using and the specific vulnerabilities they are targeting work to effectively respond to and investigate cyber incidents.

DHS components such as the U.S. Secret Service and U.S. Immigration and Customs Enforcement (ICE) have special divisions dedicated to combating cyber crime.

U.S. Secret Service

The U.S. Secret Service maintains Electronic Crimes Task Forces, which focus on identifying and locating international cyber criminals connected to cyber intrusions, bank fraud, data breaches, and other computer-related crimes. The Secret Service’s Cyber Intelligence Section has directly contributed to the arrest of transnational cyber criminals responsible for the theft of hundreds of millions of credit card numbers and the loss of approximately $600 million to financial and retail institutions. The Secret Service also runs the National Computer Forensic Institute, which provides law enforcement officers, prosecutors, and judges with cyber training and information to combat cyber crime.

U.S. Immigration and Customs Enforcement (ICE)

The U.S. Immigration and Customs Enforcement (ICE) Homeland Security Investigations (HSI) Cyber Crimes Center (C3) delivers computer-based technical services to support domestic and international investigations into cross-border crime. C3 is made up of the Cyber Crimes Unit, the Child Exploitation Investigations Unit, and the Computer Forensics Unit. This state-of-the-art center offers cyber crime support and training to federal, state, local, and international law enforcement agencies. C3 also operates a fully equipped computer forensics laboratory, which specializes in digital evidence recovery, and offers training in computer investigative and forensic skills.

Law Enforcement Cyber Incident Reporting

The Law Enforcement Cyber Incident Reporting resource provides information for state, local, tribal, and territorial (SLTT) law enforcement on when, what and how to report a cyber incident to a federal entity. The document also provides information on federally sponsored training opportunities and other useful resources available to SLTT law enforcement.


  • Securing Federal Networks


The federal enterprise depends on information technology (IT) systems and computer networks for essential operations. These systems face large and diverse cyber threats that range from unsophisticated hackers to technically competent intruders using state-of-the-art intrusion techniques. Many malicious attacks are designed to steal information and disrupt, deny access to, degrade, or destroy critical information systems.

The Department of Homeland Security (DHS) works with each federal civilian department and agency to promote the adoption of common policies and best practices that are risk-based and able to effectively respond to the pace of ever-changing threats. As systems are protected, alerts can be issued at machine speed when events are detected to help protect networks across the government information technology enterprise and the private sector. This enterprise approach will help transform the way federal civilian agencies manage cyber networks through strategically sourced tools and services that enhance the speed and cost effectiveness of federal cybersecurity procurements and allow consistent application of best practices.

National Cybersecurity Protection System (NCPS)

The mission of DHS’s Network Security Deployment (NSD) division is to improve cybersecurity to federal departments, agencies, and partners by developing the technologies and establishing the services needed to fulfill CS&C’s cybersecurity mission. To meet that mission need, NSD designs, develops, deploys, and sustains the National Cybersecurity Protection System (NCPS), which provides intrusion detection, advanced analytics, information sharing, and intrusion prevention capabilities that combat and mitigate cyber threats to the Federal Executive Branch information and networks.

NCPS is an integrated system-of-systems that delivers a range of capabilities, including intrusion detection, analytics, intrusion prevention, and information sharing. These capabilities provide a technological foundation that enables DHS to secure and defend the federal civilian government’s information technology infrastructure against advanced cyber threats. NCPS advances DHS’s responsibilities as delineated in the Comprehensive National Cybersecurity Initiative.

One of DHS’s key technologies within the NCPS is EINSTEIN. The goal of the NCPS EINSTEIN set of capabilities is to provide the federal government with an early warning system, improved situational awareness of intrusion threats to federal civilian Executive Branch networks, near real-time identification of malicious cyber activity, and prevention of that malicious cyber activity.

Continuous Diagnostics and Mitigation (CDM)

DHS’s Continuous Diagnostics and Mitigation (CDM) program is a dynamic approach to fortifying the cybersecurity of government networks and systems. CDM provides federal departments and agencies with capabilities and tools that identify cybersecurity risks on an ongoing basis, prioritize these risks based upon potential impacts, and enable cybersecurity personnel to mitigate the most significant problems first. Congress established the CDM program to provide adequate, risk-based, and cost-effective cybersecurity and more efficiently allocate cybersecurity resources.

National Cybersecurity and Communications Integration Center (NCCIC)

DHS’s National Cybersecurity and Communications Integration Center (NCCIC) is a 24/7 cyber situational awareness, incident response, and management center that is a national nexus of cyber and communications integration for the federal government, intelligence community, and law enforcement. The NCCIC shares information among the public and private sectors to provide greater understanding of cybersecurity and communications situation awareness of vulnerabilities, intrusions, incidents, mitigation, and recovery actions.

NCCIC’s United States Computer Emergency Readiness Team (US-CERT) brings advanced network and digital media analysis expertise to bear on malicious activity targeting our nation’s networks. US-CERT develops timely and actionable information for distribution to federal departments and agencies, state and local governments, private sector organizations, and international partners. In addition, US-CERT operates the NCPS, which provides intrusion detection and prevention capabilities to covered federal departments and agencies.

Federal Information Security Management Act (FISMA) Reporting

DHS works collaboratively with federal agencies to build upon the metrics established in previous fiscal years and incorporates updates to ease Federal Information Security Management Act (FISMA) reporting. Current year FISMA documents can be found here.

CYBER SECURITY





  • Anonymous Reveals Next Phase in War Against ISIS, 'Mass Uprising' Planned for Friday


Hacker group Anonymous has revealed the next phase in its ongoing fight against the Islamic State. The group invites you and security services to continue to take down and troll jihadists online. The "mass uprising", in which it expects to see thousands of supporters, is scheduled to happen on Friday.

The hacktivists of Anonymous posted a message on the Ghostbin forum, calling for everyone to stand against ISIS on Friday, December 11. The group is seeking help from everyone in its mission to troll the terrorist group. The group wants people to post "mocking photos" of ISIS on social media using the tags #Daesh and #Daeshbags, an obvious play on the alternate name of ISIS and the word douchebags.

Following the Paris attacks, the hacker community declared a "war" against the Islamic State. The group claims that it has shut down more than 100 propaganda websites, and taken down more than 25,000 social media accounts belonging to jihadists.

"You may be wondering why we are "trolling" Isis and planning all these demonstrations against Isis. But to understand that you must first see how Isis works," said Anonymous in a recent interview.

"They thrive off of fear they hope that by their actions they can silence all of us and get us to just lay low and hide in fear. But what many forget and even they do is that there are many more people in the world against them than for them," the poster said.

The hacktivist group also showed its capabilities. It took a targeted website offline by performing a DDoS (Distributed Denial of Service) attack, in which millions of bogus requests for resources (web pages and others) are sent to a server, often beyond its threshold capacity, leading to a crash.

"We will mock them for the idiots they are," it added. "We will show them what they really are. They do not stand for a religion, they do not stand for a god, they are brainwashers teaching from the young to the old their propaganda against the "west" when in reality they are just increasing the distance between countries by giving many a bad name."





  • Big companies up against hackers hunting for corporate scalps




NEW YORK: The co-founder of Europe's only cybersecurity startup accelerator says big companies are waging "asymmetric warfare" against nimble-footed hackers who are increasingly looking to claim corporate scalps.











  • Moonfruit takes websites offline after cyber-attack threat


Thousands of business and personal websites have been taken offline by web host Moonfruit, after it was threatened with a cyber-attack.


The Moonfruit service lets customers easily build templated websites.

But the company said it had been threatened with a cyber-attack and had decided to make its customers' websites unavailable for "up to 12 hours" to make infrastructure changes.

One business owner told the BBC it was "very bad timing".


On Thursday, 10 December, the company said it had been hit by a distributed denial of service (DDoS) attack.

Attackers bombarded the company's computers to overwhelm them with traffic, so they could not serve its legitimate users.

The company consequently told customers it had decided to take websites offline for "up to 12 hours" starting at 10:00 GMT on Monday.

Film-maker Reece de Ville said: "They have been slow to communicate via their website what is going on.

"I'm going to have hundreds of people finding my site today but not being able to access it.
"I could be losing out on a lot of money from potential clients, and they may not come back if they think the company has gone.
"It's incredibly bad timing, especially for businesses selling Christmas cards and gifts on their website."


  • Universities suffer cyber-attack


Distributed denial of service (DDoS) attacks began on Monday and are continuing, according to the network's operator, Jisc.


The attacks "have resulted in reduced connectivity and disruption", says a statement on Jisc's Facebook page.

Engineers are working to restore normal service, it adds.

'Malicious attack'

DDoS attacks are malicious attempts to interrupt or degrade an internet-connected service, often by flooding that service with large amounts of network traffic.




Jisc, formerly the Joint Information Systems Committee, is a publicly funded body that provides computer network services to higher education and research bodies.

Its statement says it is using "various blocks and filtering" to limit the impact of the disruption, "but the details of each attack are subject to change".
The body says it has had to limit its tweets "as we suspect that those behind today's DDoS attack are adjusting their point of attack based on our Twitter updates".
It also had to close its own website for a period, as it also came under attack.
"We understand the importance of connectivity to colleges, universities and other public sector organisations," said Jisc executive director Tim Kidd.
"We are doing everything in our power to ensure normal service is resumed as soon as possible, and in the meantime to minimise any disruption that users of the Janet network may be experiencing. We apologise for any inconvenience caused."
University of Manchester, one of the universities affected by the attack, said staff and students had experienced intermittent problems accessing external sites.
Emails to staff and students warned them to expect "slow performance or a complete lack of access to external services".
"By flooding the service with excessive network traffic, an attacker is attempting to exceed the capacity of the service, which causes the service to run slowly or become unavailable," the university said.
It added staff and students were experiencing problems with accessing external websites, email, submitting assessments online and external collaboration services for research staff.



  • Twelve Arrests in Europe for Trojan Horse Cybercrime



The European police agency Europol said Monday it has backed national forces in a two-week crackdown on cybercrime mostly by tech-savvy youngsters, leading to 12 arrests in France, Norway and Romania.




Nine police took part in the operation launched at the start of December, which led to a number of house searches as well as the seizure of several computers and Internet accounts.


Europol's deputy director Wil van Gemert said "crimes committed online remain an urgent and increasing challenge" so police "have to join forces across borders ... to protect the users and prevent young individuals from pursuing a criminal path."



The 12 people detained, mainly either still in their teens or early 20s, were accused of using remote access Trojans that can run undetected on systems and spy on victims' computers.


Such malware can scoop up personal data such as passwords or credit card information on infected systems. It can also enable hackers to operate the computer's webcam from a distance.

Those arrested in Romania were suspected of trying to carry out cyber-attacks on US companies based in the country.

A Europol spokeswoman told AFP "it seems unlikely that the detained individuals were part of the same organisation."

"The scale of the activities has been diverse, however the exact scale will become clear during the next stages of the investigation process."

It appeared, however, that "financial profit is not likely to have been the main objective for the people detained in Norway."

Norwegian police announced they had arrested five men aged between 16 and 24.

"These were young people, who we hope now that the police have become involved will stop such activities," said a leading police chief Havard Aalmo.

He said it was unfortunate that often "young hackers start off modestly and then become involved in more serious and larger Internet crimes."

Europol did not release the numbers of how many people were arrested separately in France and Romania.
