Cisco Learning Network Store Promotions Page
Showing posts with label U.S. Department of Homeland Security. Show all posts
Showing posts with label U.S. Department of Homeland Security. Show all posts

2.11.2016

Hackers leak contact information of 20,000 FBI employees


Hackers have leaked the contact information of 20,000 FBI employees, which follows the previous day's release of 10,000 Homeland Security employees' data.

The hackers communicating through Twitter, claimed "Well folks, it looks like @TheJusticeDept has finally realized their computer has been breached after one week".

The Justice Department -- which appears to have been the target for the breach by the hackers -- said it was investigating the claim. Peter Carr, speaking on behalf of the department told CNN that it does not appear there was a breach of private personnel information, such as Social Security numbers. The only information stolen appears to be names, titles, telephone numbers and email addresses.

"The department is looking into the unauthorized access of a system operated by one of its components containing employee contact information", said Carr. "This unauthorized access is still under investigation; however, there is no indication at this time that there is any breach of sensitive personally identifiable information. The department takes this very seriously and is continuing to deploy protection and defensive measures to safeguard information. Any activity that is determined to be criminal in nature will be referred to law enforcement for investigation".

The hackers responded via Twitter, "FBI and DHS info is dropped and that’s all we came to do, so now its time to go, bye folks! #FreePalestine [sic]".

  
Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.
  
Photo Credit: igor.stevanovic/Shutterstock

~ Alasdair Gilchrist

12.03.2014

Exclusive: FBI warns of 'destructive' malware in wake of Sony attack

An entrance gate to Sony Pictures Entertainment at the Sony Pictures lot is pictured in Culver City, California in this April 14, 2013 file photo.
Credit: Reuters/Fred Prouser/Files
 
(Reuters) - The Federal Bureau of Investigation warned U.S. businesses that hackers have used malicious software to launch a destructive cyberattack in the United States, following a devastating breach last week at Sony Pictures Entertainment.
 
Cybersecurity experts said the malicious software described in the alert appeared to describe the one that affected Sony, which would mark first major destructive cyber attack waged against a company on U.S. soil. Such attacks have been launched in Asia and the Middle East, but none have been reported in the United States. The FBI report did not say how many companies had been victims of destructive attacks.
 
"I believe the coordinated cyberattack with destructive payloads against a corporation in the U.S. represents a watershed event," said Tom Kellermann, chief cybersecurity officer with security software maker Trend Micro Inc. "Geopolitics now serve as harbingers for destructive cyberattacks." 
 
The five-page, confidential "flash" FBI warning issued to businesses late on Monday provided some technical details about the malicious software used in the attack. It provided advice on how to respond to the malware and asked businesses to contact the FBI if they identified similar malware.
 
The word 'password' on a computer screen is magnified with a magnifying glass in this picture illustration taken in Berlin May 21, 2013.
Credit: REUTERS/Pawel Kopczynski
  
The report said the malware overrides all data on hard drives of computers, including the master boot record, which prevents them from booting up. 
 
"The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods," the report said.
 
The document was sent to security staff at some U.S. companies in an email that asked them not to share the information. 
 
The FBI released the document in the wake of last Monday's unprecedented attack on Sony Pictures Entertainment, which brought corporate email down for a week and crippled other systems as the company prepares to release several highly anticipated films during the crucial holiday film season. 
 
A Sony spokeswoman said the company had “restored a number of important services” and was “working closely with law enforcement officials to investigate the matter.”
 
She declined to comment on the FBI warning.
 
The FBI said it is investigating the attack with help from the Department of Homeland Security. Sony has hired FireEye Inc's (FEYE.O) Mandiant incident response team to help clean up after the attack, a move that experts say indicates the severity of the breach.
 
While the FBI report did not name the victim of the destructive attack in its bulletin, two cybersecurity experts who reviewed the document said it was clearly referring to the breach at the California-based unit of Sony Corp (6758.T). 
 
"This correlates with information about that many of us in the security industry have been tracking," said one of the people who reviewed the document. "It looks exactly like information from the Sony attack."
 
FBI spokesman Joshua Campbell declined comment when asked if the software had been used against the California-based unit of Sony Corp, although he confirmed that the agency had issued the confidential "flash" warning, which Reuters independently obtained.
 
"The FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations," he said. "This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals."
 
The FBI typically does not identify victims of attacks in those reports. 
 
Hackers used malware similar to that described in the FBI report to launch attacks on businesses in highly destructive attacks in South Korea and the Middle East, including one against oil producer Saudi Aramco that knocked out some 30,000 computers. Those attacks are widely believed to have been launched by hackers working on behalf of the governments of North Korea and Iran. 
 
Security experts said that repairing the computers requires technicians to manually either replace the hard drives on each computer, or re-image them, a time-consuming and expensive process.
 
Monday's FBI report said the attackers were "unknown."
 
Yet the technology news site Re/code reported that Sony was investigating to determine whether hackers working on behalf of North Korea were responsible for the attack as retribution for the company's backing of the film "The Interview." 
 
The movie, which is due to be released in the United States and Canada on Dec. 25, is a comedy about two journalists recruited by the CIA to assassinate North Korean leader Kim Jong Un. The Pyongyang government denounced the film as "undisguised sponsoring of terrorism, as well as an act of war" in a letter to U.N. Secretary-General Ban Ki-moon in June.
 
The technical section of the FBI report said some of the software used by the hackers had been compiled in Korean, but it did not discuss any possible connection to North Korea.                     
 
~ Jim Finkle

8.08.2014

U.S. Homeland Security contractor reports computer breach

U.S. Department of Homeland Security employees work in front of U.S. threat level displays inside the National Cybersecurity and Communications Integration Center during a guided media tour in Arlington, Virginia June 26, 2014.  
Credit: Reuters/Kevin Lamarque
 
(Reuters) - A company that performs background checks for the U.S. Department of Homeland Security said on Wednesday it was the victim of a cyber attack, adding in a statement that "it has all the markings of a state-sponsored attack."
 
The computer breach at Falls Church, Virginia-based US Investigations Services (USIS) probably involved the theft of personal information about DHS employees, according to the Washington Post, which first reported the story.
 
DHS said it had suspended all work with the company amid an investigation by the FBI. A "multi-agency cyber response team is working with the company to identify the scope of the intrusion," DHS spokesman Peter Boogaard said in a statement.
 
"At this time, our forensic analysis has concluded that some DHS personnel may have been affected, and DHS has notified its entire workforce, out of an abundance of caution, to advise them to monitor their financial accounts for suspicious activity," he said, adding that employees whose data had likely been compromised would be informed. 
 
The Office of Personnel Management had also suspended work with USIS, the Post said, adding that government officials do not believe the breach has affected non-DHS employees.
 
"We are working collaboratively with OPM and DHS to resolve this matter quickly and look forward to resuming service on all our contracts with them as soon as possible," USIS said in the statement on its website. (here)
 
"We will support the authorities in the investigation and any prosecution of those determined to be responsible for this criminal attack," it said.
 
"Experts who have reviewed the facts gathered to-date believe it has all the markings of a state-sponsored attack," the company said. 
 
USIS says it is the biggest commercial provider of background investigations to the federal government, has over 5,700 employees and provides services in all U.S. states and territories, as well as abroad.         
 
~ Eric Walsh