Category Archives: Cyberwar

OPM Breach Discovered During a Product Demo (and Undetected for Over a Year)

In information security, a product demo is quite important inside the sales process. Normally conceived as a necessary step to show the product features and integration capabilities in a real world condition (hopefully with some well established success criteria), it often turns out to be a sort of red pill capable to show “how deep the rabbit hole goes”, in other terms, how many threats (more or less serious) have gone undetected until that moment.

read more

Chinese Hackers Hit the Office of Personnel Management (Again): 4 Million Records Compromised

The Office of Personal Management, the independent agency of the United States that manages the civil service of the federal government, will notify about 4 million current and former federal employees, that their personal data may have been compromised following an intrusion by state-sponsored hackers.

read more

North Korean Cyber Capabilities Could Soon Cause Physical Damages

In an exclusive interview to BBC, a key defector of the North Korean regime, Prof Kim Heung-Kwang, has given an updated overview of Pyongyang cyber capabilities.

He has taught computer science at Hamheung Computer Technology University for 20 years before escaping the country in 2004, and despite he did not teach directly hacking techniques, his former students are believed to have formed North Korea’s infamous hacking unit Bureau 121, a cyberwarfare agency.

read more

Deloitte Global Defense Outlook 2014: Cyber Operations Emerge as a Global Threat

Cyber Incident
Cyber incidents by defense spending type, 2013. Source: Deloitte Global Defense Outlook 2014

Deloitte has just released the Global Defense Outlook 2014. This independently developed report examines policies, practices, and trends affecting the defense ministries of 50 nations, and has been developed with publicly available information along with interviews with officials in government and industry, and analyses by Deloitte’s global network of defense professionals.

read more

After Twitter and Facebook, Apple reveals to have suffered the same Cyber Attack

The same sophisticated cyber attack that has targeted Facebook and Twitter has also targeted Apple, according to an exclusive revelation by Reuters. In this latest occurrence,  the attackers were able to infect several Mac computers belonging to some employees of Cupertino, exploiting the same 0-Day Java vulnerability used to carry on the attacks against the two well known social networks.

read more

The Quassam Group Stops the Cyber Attacks Against US Banks

Finally it looks like the DDoS attacks against US Banks, carried on by the Izz ad-Din al-Qassam Cyber Fighters in name of the infamous Operation Ababil, have been temporarily suspended. The decision is a consequence of the removal of the controversial video “The innocence of Muslim” from Youtube.

read more

Another Wiper Malware Discovered in Iran?

Yet another Sunday, yet another attack in Middle East.

Iran Wiper StatementMaher Center, the Iranian Computer Emergency Response Team / Coordination Center has just released a scant report concerning another (alleged) cyber attack targeting Iran.

Few information is available so far regarding this new targeted attack. The malware, simple in design and hence apparently unrelated to the other sophisticated cyber attacks targeting the same area, seems to have an efficient design and wiping features. According to the statement, the malware “wipes files on different drives in various predefined times. Despite its simplicity in design, the malware is efficient and can wipe disk partitions and user profile directories without being recognized by anti-virus software“. However, it is not considered to be widely distributed. The report also publishes the MD5s of the five identitified components.

read more

Big in Japan: Yet Another Targeted Attack Against a Japanese Target

Japan FlagUpdated 3/12/2012 to include the cyber attack targeting the Upper Chamber of Japanese Parliament discovered on 2 November 2011.

The New York Times has recently reported the news related to a (yet another) targeted cyber-attack against JAXA (Japan Aerospace Exploration Agency). This targeted attack has allegedly led to the exfiltration of sensitive information related to Epsilon, a solid-fuel rocket prototype supposed to be used also for military applications, suggesting the targeted attack is probably part of a cyber-espionage campaign.

read more

Timeline of Opisrael

After the ceasefire of the 21st of November, the cyber attacks against Israel, executed in name of OpIsrael, have come to a break.

The contemporaneous ceasefire in the real world and in the cyber space has confirmed the two dimensional nature of this conflict. A conflict in which even the social media played a crucial role: IDF chose Twitter to make the first official announcement of the airstrike that killed Ahmed Al-Jaabari, and subsequently during the stages of operation Pillar of Defence Twitter has been intensively used by the two opposite factions for actions of propaganda, psyops, and even to divulge official news of the war operations.

read more

Flambé! U.S. used Facebook and Flame to hack the French President’s Network

According to the French Magazine “L’Express” earlier in May some computers in the offices of former France’s president Nicolas Sarkozy have been victims of a targeted attack carried via a Flame variant.

What is surprising is not (only) the fact that this is the first known case of a Flame infection out of the Middle East, but most of all the fact that the malware was allegedly implanted by U.S. Hackers.

read more