The number and sophistication of targeted advanced persistent threats accelerated during the first quarter, according to a threat report released Monday by Intel's (INTC) McAfee.
Spam also continued to make a comeback, with global spam volume growing for the first time in three years last quarter and the number of suspicious URLs increasing by 12% as cybercriminals moved away from pricey botnets as the primary distribution mechanism for malware.
Adam Wosotowsky of McAfee Labs says mass email attacks have become more expensive for hackers as email defenses improve. Because of that, watch for malicious links being delivered to victims in savvy ways.
Google found that out (the easy way) when two cybersecurity experts hacked into its Wharf 7 office in Sydney, Australia, through a building management system controlled by Tridium, a company owned by Honeywell.
According to an account of the hack published yesterday by Billy Rios and Terry McCorkle of the security firm Cylance, the two were able to penetrate Google's facility through an unpatched version of Tridium's Niagara AX, a building management platform that was exposed in February by Rios and McCorkle as having serious security holes.
In this most recent hack, Rios and McCorkle found a login page for "GoogleWharf7" in a database they compiled of Tridium systems connected to the internet. A simple web search showed that Wharf 7 is Google's 10,700-square-foot "warehouse-style" office building in Sydney. Because Google was running an outdated version of Tridium Niagara, the hackers were able to access the config.bog file containing usernames and passwords. By using a tool to decode the administrative password, Rios and McCorkle entered Google's building management system and were able to see the floor and roofing plan, piping systems, alarms, and equipment schedules.
Along with getting access to all this information, the hackers said they could have overridden the system to control the building automation system and gain access to any other systems on the same network: "We did not do this… but we could have!" they wrote.
The incursions “appear to be attributable directly to the Chinese government and military,” the Pentagon said yesterday in a report to U.S. lawmakers on security issues involving China. The information targeted could be used to bolster China’s defense and technology industries and to support military planning, the Defense Department report said.
“China is using its computer network exploitation capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs,” the report said.
The Pentagon attribution of hacker attacks to China highlights an issue that has emerged as a source of friction in relations between the two countries. It came as part of a broader annual report to Congress covering security challenges arising from China.
The Defense Department also found that China is looking beyond its decades-old territorial dispute with Taiwan as it modernizes its military, according to the report titled “Military and Security Developments Involving the People’s Republic of China 2013.”
- McAfee: Hackers More Patient, Sophisticated Than Ever
- Hackers Penetrate Google’s Building Management System
- Pentagon Accuses China of Cyberspying on U.S. Government
- Cheapest Way to Rob Bank Seen in Cyber Attack Like Hustle
- The global nature of advanced cyber attacks
- IBM executives head to Washington to press lawmakers on cybersecurity bill
- Cyber security bill pits tech giants against privacy activists
- China hacker's blog shows angst, and opens a window onto cyber-espionage
- Mandiant: Chinese hacker unit attempted to clean up online presence
- Cyberthreats getting worse, House intelligence officials warn