U.S. and Russia Open Talks on Limits to War in Cyber Space
John Markoff and Andrew E. Kramer write in The New York Times:
The United States has begun talks with Russia and a United Nations arms control committee about strengthening Internet security and limiting military use of cyberspace.
American and Russian officials have different interpretations of the talks so far, but the mere fact that the United States is participating represents a significant policy shift after years of rejecting Russia’s overtures. Officials familiar with the talks said the Obama administration realized that more nations were developing cyberweapons and that a new approach was needed to blunt an international arms race.
In the last two years, Internet-based attacks on government and corporate computer systems have multiplied to thousands a day. Hackers, usually never identified, have compromised Pentagon computers, stolen industrial secrets and temporarily jammed government and corporate Web sites. President Obama ordered a review of the nation’s Internet security in February and is preparing to name an official to coordinate national policy.
On Nov. 12, a delegation led by Gen. Vladislav P. Sherstyuk, a deputy secretary of the Russian Security Council and the former leader of the Russian equivalent of the National Security Agency, flew to Washington and met with representatives from the National Security Council, State Department, Department of Defense and the Department of Homeland Security. Officials familiar with these talks said the two sides made progress in bridging divisions that had long separated the countries.
Indeed, two weeks later in Geneva, the United States agreed to discuss cyberwarfare and cybersecurity with representatives of the United Nations committee on disarmament and international security. The United States had previously insisted on addressing those matters in the committee on economic issues.
Bank Fraud Suspect Accused of Hiring Hitman to Kill Hitman
Olsen Enbright writes on NBCLosAngeles.com:
In what seems like something out of a Jason Bourne movie, a Sherman Oaks man is accused of trying to hire a hitman to kill another hitman after the feds busted up a bank fraud scheme.
Or as Dennis Romero of LA Weekly put it, "This guy has dug a deeper hole for himself than Tiger Woods."
Pavel Valkovich, 28, has pleaded guilty this week to solicitation of murder and one count of bank fraud. He faces 50 years in jail at his upcoming sentencing in February.
It all started in 2008 when U.S. Immigration and Customs Enforcement agents began investigating Valkovich's association with a scheme involving fraudulent money transfers from PayPal accounts, according to the U.S. Attorney's Office.
Last year, authorities were able to close in on Valkovich thanks to the help of an informant. During the execution of a search warrant, Valkovich tried to escape by leaping from the roof of his apartment building onto another building, said prosecutors.
Authorities were able to take Valkovich into custody. That's when the alleged hitman-on-hitman cycle began at the Federal Detention Center in downtown Los Angeles.
U.S. Toll in Iraq, Afghanistan
Iraq and Afghanistan statistics via The Boston Globe (AP).
As of Friday, Dec. 11, 2009, at least 4,369 members of the U.S. military had died in the Iraq war since it began in March 2003, according to an Associated Press count.
The figure includes nine military civilians killed in action. At least 3,477 military personnel died as a result of hostile action, according to the military's numbers.
The AP count is one fewer than the Defense Department's tally, last updated Friday at 10 a.m. EST.
As of Friday, Dec. 11, 2009, at least 858 members of the U.S. military had died in Afghanistan, Pakistan and Uzbekistan as a result of the U.S. invasion of Afghanistan in late 2001, according to the Defense Department. The department last updated its figures Friday at 10 a.m. EST.
Of those, the military reports 664 were killed by hostile action.
Honor the Fallen.
How to Lose a Cyber War
John Arquilla writes on Foreign Policy:
The five young men detained in Pakistan this week -- like a whole new generation of jihadis -- appear to have made considerable use of the Internet in their alleged approach to al Qaeda. Their story points out that, nine years after 9/11, terrorist networks are still not only able to stay in touch via cyberspace, but that they are even extending their reach thanks to our giving them a free ride in the virtual domain.
U.S. President Barack Obama often speaks about his central strategic objective of denying al Qaeda its haven in Waziristan, but he says nary a word about taking away its "virtual haven" in cyberspace. This omission is more than his alone, as none of the key military, intelligence, and law-enforcement arms of the U.S. government have done much to curtail terrorist use of the Net.
Those who do try to keep an eye on terrorism in cyberspace often argue that they learn a lot about enemy networks by monitoring their narratives on jihadi websites. But if this made a real difference, we would have already won the war on terror.
Instead of thinking of cyberspace principally as a place to gather intelligence, we need to elevate it to the status of "battlespace." This means that we either want to exploit terrorists' use of the Web and Net unbeknownst to them, or we want to drive them from it.
Bank Firewalls Cracked by Cyber Hackers
Joe Menn writes in The Financial Times:
For more than a decade the common currency among cybercriminals has been pilfered credit card numbers, but some underground hackers have learned how to drain money directly from corporate bank accounts.
There has been a big rise in such frauds, raising the stakes in the war between financial institutions and criminals and costing some bank clients half a million dollars – or more.
The cyberhackers “are clearly ahead of the defence in terms of antivirus solutions, firewall solutions, etc,” Jeffrey Troy, chief of the FBI’s cybercrime section, told the Financial Times. Online bank thefts in 2009 had seen “a very dramatic increase from past years”.
Law enforcement warnings, recent reports from private security experts and lawsuits are focusing attention on the issue. Some professionals, citing the ongoing boom in virus infections through such social networks as Facebook and Twitter, fear the trends could combine in 2010.
Mr Troy estimated that criminals took about $40m from bank accounts this year, primarily targeting the small and mid-sized businesses that are themselves customers of small and mid-sized banks.
FBI: Rogue Antivirus Scammers Have Made $150M
Robert McMillan writes on ComputerWorld:
They're the scourge of the Internet right now and the U.S. Federal Bureau of Investigation says they've also raked in more than $150 million for scammers. Security experts call them rogue antivirus programs.
The FBI's Internet Crime Complaint Center issued a warning over this fake antivirus software Friday, saying that Web surfers should be wary of sudden pop-up windows that report security problems on their computers.
This software can appear almost anywhere on the Web. Typically, the scam starts with an aggressive pop-up advertisement that looks like some sort of virus scan. Often it's nearly impossible to get rid of the pop-up windows. Of course, the scan turns up problems, and the pop-up windows say the only way to get rid of them is to pull out a credit card and pay.
This is always a bad idea. At best, the software is subpar. At worst, it "could result in viruses, Trojans and/or keyloggers being installed on the user's computer," the IC3 said in its warning. The IC3 is run in partnership with the National White Collar Crime Center.
"The assertive tactics of the scareware [have] caused significant losses to users," the IC3 said. "The FBI is aware of an estimated loss to victims in excess of $150 million."
U.S. Takes Fight Against Hackers Overseas
An AP newswire article, via MSNBC.com, reports that:
The tip came from another country's law enforcement officials: Eight major banks in the U.S. were being targeted by cybercriminals operating there.
FBI agents fanned out that night to warn the branches that hackers were aiming to break into their computer systems. The banks were able to spot the attempted breaches, and block them, FBI officials said.
Concerned about the rise in this type of sophisticated computer attack from abroad, the FBI and the U.S. Secret Service are beefing up their international cybercrime enforcement, sending agents who specialize in the threats overseas to specifically deal with digital perils.
Their growing coordination with other nations, however, faces legal and political challenges posed by conflicting laws and the lack of broadly accepted international guidelines for Internet oversight.
"With the increased connectivity in countries that heretofore didn't have that amount of access, and the technological advances made in corporate America that have put vulnerable financial information online, it's been the perfect storm," said Shawn Henry, assistant director of the FBI's cyber division.
Mark Fiore: Science-Gate!
More Mark Fiore brilliance.
Via The San Francisco Chronicle.
SCADA Watch: Cyber Attacks Against Critical U.S. Networks Rising at Faster Rate
Jill R. Aitoro writes on NextGov.com:
The number of cybersecurity attacks against computer networks that operate the nation's critical infrastructure, such as transportation systems and water treatment and power plants, has increased dramatically, mostly because these industries rely on legacy technologies that don't protect systems from sophisticated attacks.
In the third quarter, 11 cyber incidents were added to the Repository for Industrial Security Incidents, a database of cybersecurity attacks that have or could have affected systems that operate major industrial operations in the United States. These key networks are known as Supervisory Control and Data Acquisition systems. The owners and operators of industrial plants maintain the database.
For all of 2009, industries have added 35 incidents to RISI, representing more than 20 percent of the 164 incidents recorded since 1982. The total number of incidents in the database could increase 37 percent this year if trends continue at the current rate, according to RISI's third-quarter report, which was released on Nov. 30.
Malicious software such as viruses, worms and Trojans were the cause of most cyberattacks, according to the report. Incidents involving unauthorized access or sabotage by people working for the company such as disgruntled former employees or contractors also increased.
Russia Cyber Criminals Linked to Hacked Climate e-Mails
Geoff Earle writes on The New York Post:
The scandal of the hacked climate-change e-mails may bear the fingerprints of Russia's notorious intelligence services.
The hacker who got the e-mails, in which top scientists discussed keeping data from global-warming skeptics, was working from the Siberian city of Tomsk at a private firm called Tomcity, Britain's Daily Mail reported.
"It's very common for hackers in Russia to be paid for their services," said Jean-Pascal van Ypersele, of the UN's Intergovernmental Panel on Climate Change.
Russia is a top energy producer and has resisted tough new international climate regulations.
Russian Cybercrook Gets 18 Months for IRS E-Filing Scam
Kevin Poulsen writes on Threat Level:
A Russian man was sentenced to 18 months in prison Monday for a phishing attack that diverted $100,000 in U.S. tax refunds to bank accounts under his control.
Maxim Maltsev, 24, of the Siberian city of Novosibirsk, ran the caper while he was living in the sunnier climes of San Diego in 2006, according to court records. Maltsev used a spam campaign to trick people into submitting their tax returns to his fake e-filing site. Before re-submitting them to a real e-filing website, he modified the returns to direct the refunds into bank accounts he and his accomplices opened at several San Diego banks.
By the time the feds caught on to the scam, Maltsev had apparently returned to Russia. But he was arrested last April at San Francisco International Airport after flying back to the states.
Prosecutors recommended the low end of the 12 - 18 month range suggested by federal sentencing guidelines, and Maltsev’s defense attorney asked for even less time. But U.S. District Court Judge Larry Burns in San Diego suspected Maltsev’s return to America wasn’t for a vacation.
TJX Hacker to Plead Guilty to Heartland Breach
Kim Zetter writes on Threat Level:
Admitted TJX intruder Albert Gonzalez has entered into a plea agreement on charges that he hacked into Heartland Payment Systems, Hannaford Brothers, 7-Eleven and two other unnamed national retailers.
The revelation comes in a filing made by Gonzalez’s attorney in U.S. District Court in New Jersey, where the Heartland charges were filed in August.
A federal judge on Tuesday officially transferred the New Jersey case to Massachusetts, where Gonzalez is seeking to merge it with two other cases in which he’s already pleaded guilty.
Gonzalez, a former Secret Service informant known by the online nicks “segvec” and “Cumbajohnny,” was charged in New Jersey in August, along with two unnamed Russian hackers. They were accused of stealing more than 130 million debit and credit cards from card-processing company Heartland and the other target companies.
Louisiana Firm Sues Capital One After Losing Thousands in Online Bank Fraud
Brian Krebs writes on Security Fix:
An electronics testing firm in Louisiana is suing its bank, Capital One, alleging that the financial institution was negligent when it failed to stop hackers from transferring nearly $100,000 out of its account earlier this year.
In August, Security Fix wrote about the plight of Baton Rouge-based JM Test Systems, an electronics testing firm that in February lost more than $97,000 from two separate unauthorized bank transfers a week apart.
According to JM Test, Capital One has denied any responsibility for the losses. On Friday, JM Test filed suit in a Louisiana district court, alleging breach of contract and negligence by the bank. The firm says it is still out a total of $89,000, and that it has spent roughly $70,000 investigating and responding to the breaches.
"Capital One was not willing to make good on our losses or attempt any type of settlement," said Happy McKnight, JM Test's controller. "The banks are clearly taking a 'Hey, don't look at me!' stance. It is so sad to wonder how many business failures this type of fraud has caused."
Capital One declined to comment for this story.