|Obama draws cyber
line in sand
the U.S. thinks the Russians hacked the White House
Oliver tackles surveillance in surprise Snowden scoop
match made in heaven: fraud & social media
uncovers bank cyber transfer scam
of all of John's articles
Services Web Site
security continues in the news with North Korea's attacks on Sony in
November and ongoing hacks of every branch of the US government by
every enemy from ISIS to China and even friendly countries like Israel.
Here follow excerpts copied and pasted from news articles on the
subject. In the links to the left of this article you may click to read
these entries in their entirety.
1. Obama draws cyber line in sand
President Barack Obama on Wednesday signed an executive order that
gives the Secretary of Treasury the authority to impose sanctions on
entities found responsible for or complicit in carrying out a
cyberattack harmful to U.S. interests. The Secretary of Treasury will
have to consult with the Secretary of State and the Attorney General
before enacting the powers granted under the order.
"Starting today, we're giving notice to those who pose significant
threats to our security or economy by damaging our critical
infrastructure, disrupting or hijacking our computer networks, or
stealing the trade secrets of American companies or the personal
information of American citizens for profit," said Obama.
2. How the U.S. thinks the Russians hacked the White House
Russian hackers behind the damaging cyber intrusion of the State
Department in recent months used that perch to penetrate sensitive
parts of the White House computer system, according to U.S. officials
briefed on the investigation. While the White House has said the breach
only affected an unclassified system, that description belies the
seriousness of the intrusion. The hackers had access to sensitive
information such as real-time non-public details of the president's
schedule. While such information is not classified, it is still highly
sensitive and prized by foreign intelligence agencies, U.S. officials
The FBI, Secret Service and U.S. intelligence agencies are all involved
in investigating the breach, which they consider among the most
sophisticated attacks ever launched against U.S. government systems.
The intrusion was routed through computers around the world, as hackers
often do to hide their tracks, but investigators found tell-tale codes
and other markers that they believe point to hackers working for the
Russian government. National Security Council spokesman Mark Stroh
didn't confirm the Russian hack, but he did say that "any such activity
is something we take very seriously."
3. John Oliver tackles surveillance in surprise Snowden scoop
Comedy talk show host John Oliver boldly went where few journalists
from the mainstream media have dared to tread, grilling whistle-blower
Edward Snowden about his leaking of thousands of NSA documents to the
press in an interview that aired Sunday on Last Week Tonight. Oliver
raked Snowden over the coals for not having read every one of the
documents, insisting there's a difference between understanding what's
in documents and reading them. The documents were "passed to the
journalists," Snowden responded, "and they're using extraordinary
security measures to make sure this is reported in the most secure way."
4. A match made in heaven: fraud and social media
Since the days of Friendster and GeoCities, fraud has thrived on social
media. Social media is the fraudsters’ playground—an unregulated,
highly visible, easily exploitable platform that connects with billions
of people and serves a host of purposes in a hacker’s repertoire. Many
fraudulent accounts are mere satire or innocuous trolling, but others
are created with far more devious intentions.
Even inexperienced cyber criminals can carry out low-tech attacks via
social media by building convincing profiles and connecting to the
right people. In a targeted attack, hackers connect with colleagues and
friends of the target, a tactic called “gatekeeper friending,” to
appear more legitimate once connecting to the target itself.
In the unverified world of social media, fraudsters lay claim to
whatever they like—that they work at the same organizations, have the
same alma mater, or share all the same goals and interests. Never in
the history of human communication has deceit been easier. With these
elements in place, the hackers can request sensitive information or ask
for money. If the target believes the account to be a coworker,
relative, or love interest, these things are openly shared.
5. IBM uncovers bank transfer cyber scam
IBM has uncovered a sophisticated fraud scheme run by a well- funded
Eastern European gang of cyber criminals that uses a combination of
phishing, malware and phone calls that the technology company says has
netted more than $1 million from large and medium-sized U.S. companies.
The scheme, which IBM security researchers have dubbed "The Dyre Wolf,"
is small in comparison with more recent widespread online fraud schemes
but represents a new level of sophistication.
According to IBM, since last year the attackers have been targeting
people working in companies by sending spam email with unsafe
attachments to get a variant of the malware known as Dyre into as many
computers as possible. If installed, the malware waits until it
recognizes that the user is navigating to a bank website and instantly
creates a fake screen telling the user that the bank's site is having
problems and to call a certain number. If users call that number, they
get through to an English-speaking operator who already knows what bank
the users think they are contacting. The operator then elicits the
users' banking details and immediately starts a large wire transfer to
take money out of the relevant account.
April 12, 2015