Showing posts sorted by relevance for query Iran.

Iran Preparing Stronger Cyber Defense


With cyber crime on the rise, not only the US and UK but also Iran is preparing a strong cyber defense. According to a report by Iran's Press TV, cyber security has been high on the agenda in Iran in recent years. Tehran says that the reason for its special attention to the issue is the growing number of attacks on Iran's cyber space by the US and Israel. That is why the first national conference on cyber security kicked off in Iran's interior ministry. The event, which hosted high-ranking executive and defense officials and experts, aimed at discussing ways to further strengthen Iranian cyber space against any attacks.
Less than four months ago Iran launched a cyber defense headquarters with the help of its defense and communications ministries. The office divides Iran's national assets into three categories: physical, human and cyber assets. The headquarters says that its responsibility is to protect all three categories, with special emphasis on the country's cyber assets.
Experts say that a lack of security in a country's cyber space is like sleeping in a house without locking the door. In 2009 some of Iran's uranium enrichment facilities were targeted by a computer worm called Stuxnet. Blaming the US and Israel, Iran managed to neutralize the cyber attack. In 2011 Iran's nuclear program came under another cyber threat with 'Duqu'. The hacker collective Anonymous also targeted Iran with a massive DDoS attack on 1 May last year.
The main task of cyber defense is to prevent computer worms, or as some call them cyber weapons, from breaking into or stealing data from the country's maximum-security networks. These include nuclear facilities, power plants, data centers and banks. Iran has also established its own laws and definitions of cyber crime. Today there are several laws dealing with the issue, and a special branch of the police force is dedicated to patrolling Iran's cyber space.



Iran Accused For Engaging Cyber Attacks Against Persian Gulf Oil & Gas Companies in U.S. (Full Story)

The conflict and tussle between Iran and the United States continues, as U.S. authorities believe that Iranian-based hackers were responsible for cyberattacks that devastated Persian Gulf oil and gas companies. Just hours after the attack was discovered, Defense Secretary Leon Panetta said the cyberthreat from Iran has grown, and he declared that the Pentagon is prepared to take action if America is threatened by a computer-based assault.
The former government official, who is familiar with the investigation, said U.S. authorities believe the cyberattacks were likely supported by the Tehran government and came in retaliation for the latest round of American sanctions against Iran. Before Panetta's remarks on Thursday, U.S. officials had said nothing publicly about the Gulf attacks or the investigation. But Panetta described them in a speech to business leaders in New York City, saying they were probably the most destructive cyber assault the private sector has seen to date. A current U.S. official acknowledged Thursday that the Obama administration knows who launched the cyberattacks against the Gulf companies and that it was a state actor. U.S. agencies have been assisting in the Gulf investigation and concluded that the level of resources needed to conduct the attack showed there was some degree of involvement by a nation state, said the former official. The officials spoke on condition of anonymity because the investigation is classified as secret. While Panetta chose his words carefully, one cybersecurity expert said the Pentagon chief's message to Iran in the speech was evident.  
That is what U.S. authorities are claiming or, in other words, blaming; but as before, Iran completely denies the whole matter, and in turn blames Israel and America for carrying out cyber attacks on Iran's nuclear systems. Iranian officials denied any role in recent cyberattacks against oil and gas companies in the Persian Gulf and said they welcomed a probe of the case. Mahdi Akhavan Bahabadi, secretary of the National Center of Cyberspace, denounced as "politically motivated" American allegations of an Iranian link to the Shamoon virus that hit Saudi Arabian state oil company Aramco and Qatari natural gas producer RasGas, according to remarks carried by ISNA. "We interpret the issue politically and in light of U.S. domestic issues as well as the (U.S. presidential) election," he said. The Iranian official said Tehran has already offered help to boost the companies' cybersecurity, as Iran has itself recently been the victim of cyberattacks on its offshore oil platforms. Iran periodically reports the discovery of viruses and other malicious programs in government, nuclear, oil and industrial networks. On Monday, Tehran said it had successfully blocked a cyberattack on the computer network of its offshore drilling platforms. It briefly shut down part of its oil facilities because of a cyberattack in May. Iran blames Israel and the United States for the attacks. Israel has done little to deflect suspicion it uses viruses against Iran.
While on the subject of the cyber attacks on Persian Gulf oil and gas companies, we would like to remind you that a couple of weeks ago U.S. authorities also blamed Iran for carrying out cyber attacks on the leading U.S. banking and financial sector. There, too, an Iranian official denied the attack and said, "We officially announce that we haven't had any attacks." So far it's not clear whether these two attacks are linked or not. For all the latest updates on stories like this, and other updates on the cyber domain, stay tuned with VOGH.

-Source (MPR News & Yahoo) 




Iran Accused of Carrying out Cyber Attacks Against US Banks Over Anti Islamic Movie Issue

For the last few days, the conspiracy around the 'Anti Islamic Movie' has been the headline everywhere. We have seen global violence and mass protests, mainly from the Muslim brotherhood. The protest also reached the internet and, as expected, Muslim hackers joined the movement, which caused a great deal of damage in cyberspace. Thousands of websites became victims of cyber attacks, and among them several US banks also faced huge disruption. The protest took a new direction when the government of Iran announced the blocking of Google Inc's search engine and its email service. "Google and Gmail will be filtered throughout the country until further notice," an official identified only by his last name, Khoramabadi, said, without giving further details. The Iranian Students' News Agency (ISNA) said the Google ban was connected to the anti-Islamic film posted on the company's YouTube site, which has caused outrage throughout the Muslim world.
This stand by the Iranian government created a controversy, in which it is being held responsible for carrying out cyber attacks against US banks. According to an NBC News report, US national security officials accused the Iranian government of carrying out cyber attacks against US banks, mainly Bank of America. But when the ball landed in Iran's court, it completely denied the blame, saying, "We officially announce that we haven't had any attacks." This statement came from the head of Iran's civil defense agency, Gholam Reza Jalali, when he was asked about the report. Western media reports alleged on Friday that Muslim hackers have repeatedly attacked Bank of America Corp, JPMorgan Chase & Co and Citigroup Inc over the past year as part of a broad cyber campaign targeting the United States. Security sources told the Chicago Tribune and NBC News that the attacks on the three largest US banks originated in Iran, but it is not clear if they were launched by the state, groups working on behalf of the government, or "patriotic" citizens.

Here we want to refresh your memory by digging up an earlier story, on the Iranian government's decision to impose a permanent Internet ban in Iran, in which the government announced its plans to establish a National Intranet within five months. The Iranian minister for Information and Communications Technology announced the setting up of a national Intranet and the effective blockage of services like Google, Gmail, Google Plus, Yahoo and Hotmail, in line with Iran's plan for a "clean Internet." Those five months are almost over, so maybe the blocking of Google came for that reason, or maybe not. We suggest that our readers ask themselves whether Iran was indeed responsible for the cyber attack or not.


-Source (Reuters, NBC & FARS News Agency)








Iran's State TV Accused BBC For Hacking & Changing Result of Iran's Nuclear Program

The British Broadcasting Corporation (BBC) has been accused of hacking the website of Iran's state TV to change the results of a poll about Iran's nuclear program. On Wednesday Iran's state TV made the accusation against the BBC, but the BBC completely denied the allegation and charges. The West suspects Iran may be aiming to produce nuclear weapons. Iran insists its nuclear program is for peaceful purposes like energy production. The British broadcaster's Farsi language service reported that the poll showed 63 percent of those who took part favored halting uranium enrichment in exchange for an end to Western economic sanctions. The TV report Wednesday said the actual figure was 24 percent, and the rest favored retaliation against the West with measures like closing the strategic Strait of Hormuz, a key to exporting oil from the Gulf. In a statement, the BBC said the claims were "both ludicrous and completely false, and the BBC Persian Service stands by its reporting." "There is a significant audience within Iran which depends on BBC Persian to provide impartial and trusted news, and we are confident they are familiar with the state media's tactics," it said. The poll was taken off Iran TV's website on Tuesday.










Permanent Internet Ban in Iran, Govt Launching National Intranet Service

The Iranian government has announced its plans to establish a National Intranet within five months. As a result, millions of Internet users in Iran will be permanently denied access to the World Wide Web (WWW) and cut off from popular social networking sites, email services and so on. The government is set to roll out the first phase of the project in May, following which Google, Hotmail and Yahoo services will be blocked and replaced with government Intranet services like Iran Mail and Iran Search Engine. At this stage, however, the World Wide Web, apart from the aforementioned sites, will still be accessible. The Iranian government has already started the registration procedure for obtaining an Iran Mail ID, which requires authentic information pertaining to a person's identity, including national ID, address and full name. Registration will be approved only after verifying it against the government data on the particular applicant. The second and final stage of the national Intranet will be launched in August, which will permanently deny Iranians access to the Internet. "All Internet Service Providers (ISP) should only present National Internet by August," Taghipour said in the statement. Iranian ISPs already face heavy penalties if they fail to comply with the government filter list. By establishing the Intranet, the government control is set to become stricter. Foreign sites can still be accessed over the Intranet provided they are mentioned in a "white list" set up by the government. The government is also believed to be planning for better control on proxy servers which allow users to access banned sites. According to a statement, Reza Taghipour, the Iranian minister for Information and Communications Technology, announced the setting up of a national Intranet and the effective blockage of services like Google, Gmail, Google Plus, Yahoo and Hotmail, in line with Iran's plan for a "clean Internet."

-Source (IB Times)



Security experts can't verify Iran's claims of new worm

 
Without a sample of the new worm that an Iranian official says attacked the country's computers, it's impossible to verify his claims, a security researcher said Monday.
Kevin Haley, the director of Symantec's security response group, said that his team has not found an example of the worm, dubbed "Stars" by the Iranian military commander responsible for investigating Stuxnet, the sophisticated malware that attacked the country's uranium enrichment facilities beginning in June 2009.
"Generally, samples [of malware] do get traded among security vendors," said Haley, explaining that when one antivirus company lacks malware it wants to analyze, it asks other firms to share their samples. "[Iran] makes this a little more difficult, because we have no direct relationships there," added Haley. "But perhaps someone else does."
Although Symantec has asked researchers in other companies if they have a sample, as of late Monday it has not been able to acquire one.
No other security vendor has stepped forward to say it has a copy of Stars.
Security experts need the malware to corroborate claims by Brigadier Gen. Gholam Reza Jalali, the head of Iran's Passive Defense Organization, the military unit that defends the country's nuclear program.
On Monday, Jalali told Iran's Mehr News Agency that the Stars worm had been detected and thwarted, but provided no information on its function or targets, or when it was discovered.
Jalali's claim came just a week after he blamed Siemens for helping U.S. and Israeli teams create Stuxnet.
Stuxnet, which targeted industrial control systems manufactured by Siemens, has been called a "groundbreaking" piece of malware because it used multiple "zero-day" vulnerabilities, hid while it wreaked havoc on Iran's uranium enrichment hardware, and required enormous resources to create.
It's possible that Stars was not a targeted attack aimed at Iran, but simply part of a more traditional broad-based assault, said Haley.
"It could be a mass attack that got through their defenses," he said. "That could have raised the alarm. They're already paranoid about attacks."
Symantec sees millions of threats every day, the vast majority of which are not targeted, Haley said.
If that's the case, trying to identify Stars would be impossible. "In the case of Stuxnet, we actually had samples, we just didn't understand the significance of the threat until later," Haley said. "Finding [Stars] in our database would be like finding a needle in a haystack" without more information from Iran.
"And even if we found something, we wouldn't know if it was the one they're talking about," said Haley.
Other antivirus vendors, including Helsinki-based F-Secure and U.K. security company Sophos, also acknowledged that they could not verify Iran's claims.
"We can't tie this case to any particular sample we might already have," admitted Mikko Hypponen, F-Secure's chief research officer, in a blog post Monday. "We don't know if Iran[ian] officials have just found some ordinary Windows worm and announced it to be a cyber war attack."
Graham Cluley, a senior security technology consultant at Sophos, also said his company had not been able to identify the malware.


U.N. Nuclear Agency Reportedly Fears that it Was Hacked By Iran





The U.N. nuclear agency is investigating reports from its experts that their cellphones and laptops may have been hacked into by Iranian officials looking for confidential information while the equipment was left unattended during inspection tours in the Islamic Republic, diplomats have told The Associated Press.
One of the diplomats said the International Atomic Energy Agency is examining "a range of events, ranging from those where it is certain something has happened to suppositions," all in the first quarter of this year. He said the Vienna-based nuclear watchdog agency was alerted by inspectors reporting "unusual events," suggesting that outsiders had tampered with their electronic equipment.
Two other diplomats in senior positions confirmed the essence of the report but said they had no further information. All three envoys come from member nations of the International Atomic Energy Agency and spoke on condition of anonymity because their information was privileged.
Agency spokeswoman Gill Tudor said the IAEA had no comment on the issue. IAEA inspectors are in Iran touring various facilities every other week.
A woman answering the cell phone of Ali Asghar Soltanieh, Iran's senior envoy to the agency, said Soltanieh "wishes to give no interviews" after the caller identified himself as an AP reporter and before the reporter could say what the call was about.
An agency official, who also spoke on condition that he not be identified, said strict security measures included inspectors' placing their cellphones into seamless paper envelopes, then sealing these and writing across the seal and the envelope to spot any unauthorized opening while they were away.
He said inspectors are not allowed to take their cellphones with them while touring Iran's uranium enrichment facilities and other venues. Laptops, he said, are either locked in bags or sealed the same way as cellphones when they are left temporarily unattended by inspectors. The computers also are sometimes left unattended in hotel rooms at the end of a work day, he said.
But the diplomat who spoke at greatest length about the reported breach said the Iranians had found ways to overcome the security measures. He said he had no further details.
Iran has been under IAEA inspections for nearly a decade after revelations that it was running a secret uranium enrichment program and has been hit with four rounds of U.N. Security Council sanctions over its refusal to halt the activity.
Tehran insists it wants only to provide peaceful nuclear energy for its rising population and notes that the Nuclear Nonproliferation Treaty allows for enrichment as a source of fuel.
But international concerns have grown. The uranium enrichment program could also make fissile warhead material. Also, Iran refuses to cooperate with U.N. investigations of suspicions that it ran alleged experiments related to making nuclear weapons.
Low-enriched uranium can be used to fuel a reactor to generate electricity, which Iran says is the intention of its program. But if uranium is further enriched to around 90 percent purity, it can be used to develop a nuclear warhead.
Olli Heinonen, who stepped down last year as the IAEA's deputy director general in charge of investigating Iran's nuclear program, said information on the laptops is encrypted – and therefore difficult to decipher. Anybody gaining access to information on cellphones would find little sensitive material, he said.
Heinonen speculated that any attempt to access such equipment might have been meant to plant spyware designed to infect the IAEA computer network once the cellphones or laptops are connected and siphon off information.
"It's possible if there is tampering that something is planted in the computer and when you work with sensitive data it transmits it or it contaminates other computers with sensitive information – like Stuxnet," he said.
IAEA officials attribute a temporary breakdown of Iran's enrichment program late last year to the Stuxnet computer worm, and Tehran has acknowledged that Stuxnet affected a limited number of centrifuges – a key component in uranium enrichment – at its main uranium enrichment facility in the central city of Natanz. Tehran blames the United States and Israel for creating and planting the malware.


Anonymous to target Iran with DoS attack


Anonymous says its next target is Iran.
The hacker group Anonymous has its next denial-of-service (DoS) target in sight: Iran, CNET has learned.
Members of the loosely organized group are planning "Operation Iran," an attack designed to shut down Iranian Web sites beginning Sunday, according to their latest online proclamation. May 1 is International Worker's Day.
"The people of Iran have the admiration of Anonymous, and the entire world," the statement says. "We can see that Iran still suffers at the hands of those in power. Your former government has seized control, and tries to silence you. People of Iran--your rights belong to you."
The operation seemed to already have begun late today with Web page defacements ostensibly targeted at Iranian hackers. Anonymous left messages on several Web sites that had allegedly been previously attacked by the Iranian Cyber Army, including the site of a Canadian information systems firm and the site of a Ukrainian dancing group, according to an observer on an Anonymous Internet Relay Chat channel that members use to coordinate their operations.
Anonymous is known for its renegade cyberattacks in defense of perceived underdogs or to support freedom of expression or other anti-establishment causes. In defense of whistle-blowing site WikiLeaks, the group targeted PayPal, Visa, MasterCard, and other companies late last year that had stopped enabling WikiLeaks to receive contributions.
Earlier this month, Anonymous targeted Sony in protest of the company's treatment of Sony PlayStation hacker George Hotz. Hotz and Sony have since settled the lawsuit Sony filed, and Anonymous has denied any involvement in a recent serious breach that exposed information of millions of Sony PlayStation Network customers.
Other Anonymous targets have been: Broadcast Music Inc.; the Church of Scientology; the governments of Egypt, Iran, and Sweden; the Westboro Baptist Church; conservative activist billionaires Charles and David Koch and their companies; as well as security firm HBGary Federal, which had reportedly been working with the FBI to identify the leaders of Anonymous.

Iran Took Responsibility of Hacking into U.S. Spy Drone

Last year we learned that a stealthy key-logger had hit U.S. drones, logging pilots’ every keystroke as they remotely flew missions over Afghanistan and other warzones. The key-logger was capable of capturing data and transferring it to the attacker. Now it has emerged that Iran has reportedly hacked the software of an advanced US spy drone, which came down in its territory last year, and has started building its own copies of the aircraft. Commander of Iran's Islamic Revolution Guards Corps Brig General Amir Ali Hajizadeh gave details of the aircraft's operational history as proof that their engineers had successfully probed its records. "Had we not accessed the plane's softwares and hard discs, we wouldn't have been able to achieve these facts. We have decoded all this [information] and we now have an infinite amount of intelligence," said Hajizadeh.
The state media report also said that Iran had 'started manufacturing models of the captured US spy plane'. The unarmed drone was shown on Iranian state television, apparently looking intact, after coming down 140 miles inside Iranian territory in December. Iran claimed it brought down the drone by an electronic attack after it took off from an American base inside Afghanistan, but US officials said the aircraft crashed due to a malfunction.



Iran Oil Terminal Face Malware Attack, Internal System Also Get Affected

The official websites of the Iranian oil ministry and national oil company became victims of a malware attack. The computer virus is believed to have hit the internal computer systems, the BBC said. Authorities took those sites offline immediately after the attack took place. Equipment on Kharg island and at other Iranian oil plants has also been disconnected from the net as a precaution. The Ministry website was back in action on Monday, but the oil company site has remained unreachable. The semi-official news agency, Mehr, reported that information about users of the websites had been stolen, but no sensitive data had been accessed. Iran's Revolutionary Guard claims to have created a "hack-proof" network for all sensitive data. We have yet to see a hack-proof network and if they have convinced themselves it's true, perhaps that is part of the problem. Iran is reported to have mobilised a "cyber crisis committee" to handle the aftermath of the attack and bolster defences. One thing is clear, whether you are an oppressive regime, or simply an average small business, anyone who depends upon the internet will face malware threats and hacking attempts.
It is not only the oil terminal: in 2011 Iran's nuclear program also faced a cyber attack from "Duqu".


-Source (BBC & Sophos)



3 Million Bank Accounts Hacked To Prove Vulnerability in Banking System of Iran

A security geek from a payment service provider (PSP) company has hacked the accounts of three million bank customers to prove the vulnerability of the banking security systems. That PSP offers a number of Iranian banks online services for accepting electronic payments, and he found a major security issue in the electronic payment system. The Central Bank of Iran issued a statement on Sunday advising bank customers to change the passwords of their bank cards to prevent possible credit card fraud. An official at the Central Bank of Iran told Iranian news agency IRNA that no one has illegally accessed people's bank accounts. According to sources, the hacker had provided the managing directors of the targeted banks with information about the bank accounts of 1,000 customers in the previous Iranian calendar year (ended on March 19) to warn them about the susceptibility of their computer systems and networks to cyber threats. After this security breach the government assured bank customers that their bank balances will come to no harm. "It is possible that certain individuals have some information but they cannot use this information until the bank cards are not in their possession," said the authority.







Duqu Hits The Nuclear Program of Iran


A few days ago we talked about Duqu, the next-generation cyber attack tool. Now Duqu shows its first trick by hitting the nuclear program of Tehran.
Iran’s nuclear program has come under another cyber threat with ‘Duqu,’ a worm that gathers intelligence data and assets from entities. The new threat comes after Stuxnet, a virus allegedly produced by the United States and Israel that slowed Iran’s first nuclear plant Bushehr before it was inaugurated last month. First there was the Stuxnet computer virus that wreaked havoc on Iran’s nuclear program. Now “Duqu” appears to be quite similar, according to researchers on Oct. 18.
“Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party,” security software firm Symantec said on its website. It was named Duqu because it creates files with “DQ” in the prefix. The U.S. Department of Homeland Security said it was aware of the reports and was taking action.
 



Dutch Government is Investigating The Iranian Cyber Attack

The Dutch government is investigating whether Iran may have been involved in hacking Dutch state websites after digital certificates were stolen. Vincent van Steen, Dutch interior ministry spokesman, declined to say whether Iranian authorities in the Netherlands or Iran had been contacted, and said more details would be published in a letter to the Dutch parliament early next week.
But Mr van Steen confirmed the veracity of a report by the Dutch news agency ANP saying the cabinet was looking into whether the Iranian government played a part in breaking into Dutch government websites.
Such websites may no longer be safe after the digital theft of internet security certificates from Dutch IT company DigiNotar, the interior ministry said in a statement. Officials at the Iranian embassy in The Hague were not immediately available for comment nor was there an immediate reply to emails asking for comment. Google said in its security blog on Aug. 29 that it had received reports of attacks on Google users, that "the people affected were primarily located in Iran", and that the attacker used a fraudulent certificate issued by DigiNotar.

-News Source (Telegraph, Register)

Department of Homeland Security (DHS) Said -Cyber Crime is As Threatening As al Qaeda

Organized cyber crime has already reached sky-high levels. With this scenario in mind, Janet Napolitano, Secretary of Homeland Security, said that "the greatest threats in actual activity we've seen aimed at the West and the United States has been in the cyber-arena", in addition to "al Qaeda and al Qaeda-related groups". The comments highlight the increasing trend of political sparring and espionage proliferating on the Web. The Flame virus, believed to be driven by a western government, continues to grab headlines, while it is also claimed that Google has introduced a tool to warn users of state-sponsored attacks on their accounts. Gmail, however, completely denied this blame, saying that government-hired state-sponsored attackers were accessing millions of Gmail accounts illegally.
Napolitano also said the government is taking steps to be "proactive instead of reactive" in combating the new threats, adding that the worldwide cost of tackling cyber-crime - an estimated $388 billion (£250 billion) - is "already outstripping [the cost of tackling] traditional narcotics". 
A White House plan code-named Olympic Games was launched to infect Iran's nuclear program at the beginning of the Obama administration, though Washington denies the Flame virus, also targeting Iran, was part of the project, after it was found to have existed for a number of years.


-Source (IT Portal)




Flamer/Skywiper Stuxnet- Newly Found Cyber-Weapon Discovered By Iran National CERT (MAHER)

After "Duqu", the Iranian Computer Emergency Response Team (MAHER) now claims to have discovered a new Stuxnet-style targeted attack on the country's internal systems. This newly found malware has been dubbed Flame (also known as Flamer or Skywiper). The name “Flamer” comes from one of the attack modules, located at various places in the decrypted malware code. In fact this malware is a platform which is capable of receiving and installing various modules for different goals. At the time of writing, none of the 43 tested antivirus products could detect any of the malicious components. Nevertheless, a detector was created by the Maher center and delivered to selected organizations and companies in the first days of May.

Key Features of “Flamer” :-
  • Distribution via removable medias
  • Distribution through local networks
  • Network sniffing, detecting network resources and collecting lists of vulnerable passwords
  • Scanning the disk of infected system looking for specific extensions and contents
  • Creating a series of captures of the user’s screen when specific processes or windows are active
  • Using the infected system’s attached microphone to record ambient sounds
  • Transferring saved data to control servers
  • Using more than 10 domains as C&C servers
  • Establishment of secure connection with C&C servers through SSH and HTTPS protocols
  • Bypassing tens of known antivirus, anti-malware and other security software products
  • Capable of infecting Windows XP, Vista and 7 operating systems
  • Infecting large scale local networks


Tel Aviv Stock Exchange (TASE) Shutdown By Hacker group "Nightmare"


The threat from hacker group "Nightmare" was no prank. That was clearly proved at 10 AM (peak hour), when the websites of the Tel Aviv Stock Exchange (TASE) and El Al went offline. TASE's website was only partially functioning, while El Al’s website did not function at all. Following the attack, Israeli Bank ordered IP addresses from Saudi Arabia, Iran and Algeria to be blocked, fearing hackers could penetrate the databases of Israeli banks. Even before Israel Bank gave the order, Discount Bank and Bank Leumi had blocked international access altogether.
The hack comes in the wake of a series of cyber attacks over the past two weeks, and only a day after Hamas called for harsher hacking attempts against Israeli websites.
“The penetration into Israeli websites opens a new front for electronic resistance and war against the Israeli occupation,” said Hamas spokesperson Sami Abu Zuhri on Sunday during a news conference in the Gaza Strip. A TASE spokesperson stated that the trading system and the website are not connected, emphasizing that the trading system was in no way damaged by the hack.


-Source (Haaretz)



Duqu, The Next-Generation Cyber Attack Weapon



Researchers have raised the alarm over a new piece of malware with “striking similarities” to Stuxnet, the mysterious computer worm that targeted nuclear facilities in Iran. The new malware, identified as Duqu, is a highly specialized Trojan capable of gathering intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party.
“The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility,” according to Symantec’s security response team. 
Symantec said it got a copy of the in-the-wild malware from an unnamed research lab with strong international connections. The company found that parts of Duqu are “nearly identical to Stuxnet” but noted that the malware has a completely different goal.
Duqu is essentially the precursor to a future Stuxnet-like attack. The threat was written by the same authors (or those that have access to the Stuxnet source code) and appears to have been created after the last recovered Stuxnet file. Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility.
The company said Stuxnet and Duqu shared the same modular structure, injection mechanisms, and a driver that is digitally signed with a compromised key. Unlike Stuxnet, Symantec said, the new malware does not contain any code related to industrial control systems. It was built to be a remote access Trojan (RAT) that does not self-replicate.
“The threat was highly targeted toward a limited number of organizations for their specific assets. However, it’s possible that other attacks are being conducted against other organizations in a similar manner with currently undetected variants,” Symantec warned.
The attackers used Duqu to install another infostealer that could record keystrokes and gain other system information. The attackers were searching for assets that could be used in a future attack. In one case, the attackers did not appear to successfully exfiltrate any sensitive data, but details are not available in all cases. Two variants were recovered and, in reviewing our archive of submissions, the first recording of one of the binaries was on September 1, 2011. However, based on file compile times, attacks using these variants may have been conducted as early as December 2010.
It was also noted that Duqu uses HTTP and HTTPS to communicate with a command and control server, which is currently operational.



-News Source (ZD net, Yahoo, Symantec) 



Stuxnet Clones May Be Used To Hit US


Officials at the US Department of Homeland Security are warning that cybercriminals could create clones or offshoots of the Stuxnet computer worm and attack American power plants, water treatment facilities, and other key parts of the infrastructure, various media outlets have reported.
The self-replicating malware, which was originally detected last July, was used to disrupt nuclear-enrichment programs in Iran, according to Reuters reports on Thursday. Stuxnet reportedly targeted Siemens-branded industrial control systems, exploiting four previously unidentified vulnerabilities in Microsoft Windows in order to seize control of the operating systems.
"Copies of the Stuxnet code, in various different iterations, have been publicly available for some time now," officials from Homeland Security said in a submission to the House Energy and Commerce Committee, reports Telegraph Technology Correspondent Christopher Williams.
"The Department is concerned that attackers could use the increasingly public information about the code to develop variants targeted at broader installations of programmable equipment in control systems," they continued, adding that officials would "remain vigilant and continue analysis and mitigation efforts of any derivative malware."
Forensic evidence suggests that Stuxnet, which has been referred to by cybercrime experts as one of the most complex computer viruses ever identified, if not the most complex, could have been the product of a joint operation launched by the US and Israel, Williams said.
According to Reuters, Roberta Stempfley, acting assistant secretary with the Office of Cyber Security and Communications, and Sean McGurk, director of the National Cybersecurity and Communications Integration Center, also testified before a House Energy and Commerce subcommittee on Tuesday.
Furthermore, Dan Goodin of the Register reports that Stempfley and McGurk warned the House Subcommittee on Oversight and Investigations that several different nation states, terrorist networks, organized crime groups, and individuals located within American territory are currently capable "of targeting elements of the US information infrastructure to disrupt, or destroy systems upon which we depend."
Williams reports that similar concerns prompted the British government to invest £650 million (approximately $1 billion) in cybersecurity in 2010.


-News Source (Red Orbit)

 


President Obama & Congress Will Issue Long Awaited Executive Cyber Security Order


Last week we reported that the Pentagon has declared that it is moving toward a major expansion of its cyber security force to counter increasing attacks on the nation’s computer networks, as well as to expand offensive computer operations on foreign adversaries. Just one week after this declaration, another crucial move came from the U.S. government. A secret legal review on the use of America’s growing arsenal of cyber weapons has concluded that President Obama has the broad power to order a pre-emptive strike if the United States detects credible evidence of a major digital attack looming from abroad. According to sources, President Barack Obama will issue a long-awaited cyber security executive order this week. Two former White House officials told the publication that the order is expected to be released after Tuesday night's State of the Union address.
Given his status as commander-in-chief, Obama seems to be the clear choice, but since cyber warfare is such a new and unknown thing, the government hasn't actually figured out the rules of engagement yet. In the past couple of decades, the power to use America's cyber weapons has been shared between the Pentagon and the various intelligence agencies. With the exception of a series of strikes on the computer systems that run Iran's nuclear enrichment facilities (an attack that Obama ordered himself), the U.S. hasn't launched any major cyber attacks in recent memory, however. This probably won't be the case in the future. So the government is working on new rules of engagement, as it realizes that the capabilities of cyber weapons are evolving at a startling rate. The rules will be not unlike the set that governs how drone attacks are ordered and who orders them. Cyber warfare certainly stands to affect the average American more, though. On Capitol Hill this week, Rep. Dutch Ruppersberger (D-Md.) and Rep. Mike Rogers (R-Mich.) are set to reintroduce the Cyber Intelligence Sharing and Protection Act (CISPA) during a speech at the Center for Strategic and International Studies.
According to an exclusive report, the bill would allow the government to share classified cyber threats with the private sector so that those companies can then protect their systems from cyber attacks. The bill was killed last year due to privacy concerns. Civil-liberty groups argued that the bill allows companies to exchange too much personal information back and forth without regulation.








HSBC Comeback Online After Prolonged DDoS Attack From Anonymous


The massive attacks against the banking and financial sector continue, and this time HSBC has become the latest victim of a cyber attack. The attack, which interrupted service for 10 hours, mainly originated from Iran and Russia. After 'Izz ad-Din al Qassam Cyber Fighters', it was the turn of Fawkes Security, an offshoot of hacktivist group Anonymous, which quickly took credit for the attack, acknowledging the takedown in posts yesterday afternoon on Twitter and Pastebin. The group claimed to have knocked HSBC’s main site, along with its US, UK and Canadian counterparts, offline, and on Friday claimed it logged 20,000 debit card details from the site while it was down.
According to the HSBC newsroom: "On 18 October 2012 HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world." But HSBC denied any sort of data loss. Fawkes Security claimed to have details of more than 20K cards, but in its release HSBC said "This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking."
But now the whole situation is under control: websites belonging to British bank and financial services company HSBC are back online and working normally. According to an update posted on its website, HSBC restored all of its websites globally to full accessibility as of 3:00am UK time.
The New York Stock Exchange, Bank of America, Wells Fargo, US Bank and PNC were brought down by a few hacker collectives as a protest against the anti-Islamic movie. With this attack, HSBC joins the list of victims in the banking and finance sector that suffered DDoS attacks in the last month.




