US weapons systems can be easily hacked

The Government Accountability Office (GAO) found “mission-critical” cyber-vulnerabilities in nearly all weapons systems tested between 2012 and 2017. That includes the newest F-35 jet as well as missile systems.

Pentagon officials had no immediate response to the 50-page report from the Senate Armed Services Committee.

The committee’s members expressed concerns about how protected weapon systems were against cyber-attacks.

Source: US weapons systems can be ‘easily hacked’ – BBC News

Using AWS on a project in collaboration with SoCal HTTF to decrypt a password

Anyone working in the field of Digital Forensics is aware that a substantial portion of time is dedicated to reverse engineering passwords. That is, in most cases a digital forensics investigator receives a password-protected handheld device, or a laptop with an encrypted hard disk, or a Microsoft Word document which has been password protected.

It is then the task of the investigator to try to retrieve the evidence, and that in turn requires reverse engineering the password; in some cases this can be achieved by recovering the hash of the password, which is stored somewhere (the locations are often known) on the device’s memory.

In order to obtain the password from the hash, we have to run a brute-force search algorithm that guesses passwords (the guesses can be more or less educated, depending on what is known about the case). Sometimes we get lucky. There are two programs that are used extensively for this purpose: John the Ripper and hashcat.

As we have been studying methods for recovering passwords from hashes, we have been using AWS EC2 instances in order to run experiments and help HTTF with their efforts. Together with senior capstone students as well as graduate students in Cybersecurity, we have been creating a set of guidelines and best practices to help in the recovery of passwords from hashes. AWS EC2 instances are ideal as they can be crafted to the needs and resources of a particular case. For example, we are currently running a t2.2xlarge instance on a case where we have to recover the password of a Microsoft Word document; we have also used a p2.16xlarge with GPU-based parallel compute capabilities, but it costs $14/hour of usage, and so we deploy it in a very surgical manner.

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies – Bloomberg

The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources.
— Read on www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

Decade of research shows little improvement in password guidance 

Leading internet brands including Amazon and Wikipedia are failing to support users with advice on how to securely protect their data, a study shows. More than a decade after first examining the issue, research by the University of Plymouth has shown most of the top ten English-speaking websites offer little or no advice or guidance on creating passwords that are less likely to be hacked. Some still allow people to use the word ‘password’, while others will allow single-character passwords and basic words including a person’s surname or a repeat of their user identity.

Source: Decade of research shows little improvement in password guidance – University of Plymouth

1932: Polish Cipher Bureau Success!

1 December 1932: Polish Cipher Bureau first solved ENIGMA message. (Read an article in our Cryptologic Bytes Archives about “Poland’s Overlooked Enigma Codebreakers.”)

Polish mathematicians from the University of Poznan, Marian Rejewski, Jerzy Rozycki, and Henryk Zygalski, broke the Enigma code, the most important encryption machine used by Nazi Germany. The success of the Polish cryptologists from the Cryptology Bureau enabled the British to read encrypted German correspondences during World War II, contributing to the wartime success of the Allies.

In 1928, when the German military began using the cipher machine, Enigma, the Polish Cipher Bureau began its efforts to break it. They hired the three mathematicians in 1932 to do just that! The team worked for months to determine the wiring of the rotors. Using a mathematical equation and key lists acquired from a German traitor, they determined the three rotors’ internal wiring. They discovered three ways of deciphering Enigma readings. The Polish team then exploited some of the Germans’ standardized methods and successfully read many of the encrypted messages. They read the first one on December 1, 1932. They were in business… at least for a time… Seven years later, just before war broke out, the Poles handed over their knowledge of the Enigma codes, as well as Polish-built replicas of the machines, to British and French Intelligence officers near Warsaw.

The government official said that in recognition of the trio’s efforts, the upper house of Poland’s parliament has passed a resolution in their honor to ‘restore justice’. The resolution reads: ‘In both popular literature and official information, the public was told that the breaking of the Enigma codes was due to the work of the British Intelligence services to the complete omission of the work of Polish scientists.’

Source: National Cryptologic Foundation


Poland’s Overlooked Enigma Codebreakers

Posted on 07/08/2014

By Gordon Corera
BBC News, Warsaw
4 July 2014

The first breakthrough in the battle to crack Nazi Germany’s Enigma code was made not in Bletchley Park but in Warsaw. The debt owed by British wartime codebreakers to their Polish colleagues was acknowledged this week at a quiet gathering of spy chiefs.

The top 10 worst ransomware attacks of 2017

Ransomware continues to dominate the cybersecurity landscape in 2017, with businesses large and small paying millions of dollars to unlock encrypted files. These attacks appeared in 64% of all malicious emails sent in Q3, and with major successful campaigns such as NotPetya and WannaCry, show no signs of slowing down, according to a new report from security firm Webroot, released Tuesday.

“This past year was unlike anything we’ve ever seen,” David Dufour, vice president of engineering and cybersecurity at Webroot, said in a press release. “Attacks such as NotPetya and WannaCry were hijacking computers worldwide and spreading new infections through tried-and-true methods. This list is further evidence that cybercriminals will continue to exploit the same vulnerabilities in increasingly malicious ways. Although headlines have helped educate users on the devastating effects of ransomware, businesses and consumers need to follow basic cybersecurity standards to protect themselves.”

Here are the top 10 worst ransomware attacks of 2017 so far, according to Webroot:

1. NotPetya

NotPetya started as a fake Ukrainian tax software update, and went on to infect hundreds of thousands of computers in more than 100 countries over the course of just a few days. This ransomware is a variant of Petya, but uses the same exploit behind WannaCry. It hit a number of firms in the US and caused major financial damage: For example, the attack cost pharmaceutical giant Merck more than $300 million in Q3 alone, and is on track to hit that amount again in Q4.

Source: The top 10 worst ransomware attacks of 2017, so far – TechRepublic

Time’s Running Out to Prevent a Massive Cyberattack on Critical Infrastructure

U.S. infrastructure is in “a pre-9/11 moment” when it comes to cybersecurity and time is running short to shore up its cyber defenses, an industry advisory committee warned Tuesday.

If government and industry don’t dramatically boost their efforts to protect critical infrastructure, such as the financial system or electric grids, they risk missing a “narrow and fleeting window of opportunity before a watershed, 9/11-level cyberattack,” according to a report approved by the Homeland Security Department’s National Infrastructure Advisory Council.

Experts Warn Too Often AWS S3 Buckets Are Misconfigured, Leak Data

A rash of misconfigured Amazon Web Services storage servers leaking data to the internet have plagued companies recently. Earlier this week, data belonging to anywhere between six million and 14 million Verizon customers were left on an unprotected server belonging to a partner of the telecommunications firm. Last week, wrestling giant World Wide Entertainment accidentally exposed personal data of three million fans. In both cases, it was reported that data was stored on AWS S3 storage buckets.

Source: Experts Warn Too Often AWS S3 Buckets Are Misconfigured, Leak Data – Threatpost

SEAKER presentation at CI on August 7 at 6pm in DEL NORTE 1530

“Storage Evaluator And Knowledge Extraction Reader”

On Monday August 7, at 6pm, in DEL NORTE 1530, the COMP 524 (Cybersecurity) students will present their final project, a technical solution for the SoCal High Technology Task Force in Ventura. This project implements a digital forensic tool with strict performance requirements.

We used GitHub as the software repository, Dropbox Paper for the documentation Wiki, and AWS S3 for distribution of the production version of the software.

You are cordially invited to attend; the presentation will take about two hours, and there will be snacks. (Short link to this post: https://wp.me/p7D4ee-FJ)