FireEye suspects that the North Korea is responsible for a number of attacks against the South Korea relying a 0day in the South most popular Word processor.
Security experts from FireEye speculate that The North Korea has carried out cyber attacks against entities of the South Korea by exploiting a zero-day ( CVE-2015-6585) in a word processing program widely used in that country, the Hangul Word Processor.

The US National Security Agency has used a unique, decades-old partnership with AT&T to snoop on Internet usage, according to newly disclosed documents leaked by Edward Snowden.

The documents provided by the former NSA contractor and reviewed by The New York Times and ProPublica described a "highly collaborative" telecom giant that demonstrated an "extreme willingness to help."

The Times said it was unclear whether the programs are still operational in the same way today. The documents were dated from 2003 to 2013.

AT&T granted the NSA access to billions of emails that traveled through its domestic networks, and helped the spy agency wiretap all online communications at United Nations headquarters, the documents show.

AT&T has provided the Internet line to the world body's headquarters.

Company spokesman Brad Burns insisted that "we do not provide information to any investigating authorities without a court order or other mandatory process other than if a person's life is in danger and time is of the essence."

"For example, in a kidnapping situation we could provide help tracking down called numbers to assist law enforcement," he told AFP.

In the documents, AT&T and other companies are not identified by name but rather codenamed.

One of the oldest programs, Fairview, was launched in 1985 and involves AT&T, the Times and ProPublica said, citing several former intelligence officials.

A Fairview fiber optic cable damaged during the 2011 Japan earthquake, for example, was repaired on the same date as an AT&T cable.

The program spied on the UN headquarters Internet line in response to an order by the special US Foreign Intelligence Surveillance Court, the documents show.

Washington has since told the UN it would not collect data on its communications.

Verizon and the former MCI -- which Verizon purchased in 2006 -- are part of another program, codenamed Stormbrew.

AT&T began providing to the NSA some 1.1 billion domestic cellphone calling records a day in 2011, after a "push to get this flow operational prior to the 10th anniversary of 9/11," the newly released documents showed.

That same year, the NSA spent $188.9 million on Fairview, more than twice the amount on the next-largest corporate program, Stormbrew ($66.8 million).

Intelligence officials had initially said that the phone calls the NSA had collected were mostly from landline, not cellular, phone records, after Snowden first revealed the wiretapping program.

NBC News reported Russian hackers have compromised computers at the Pentagon, an unclassified email system has been shut down in response of the attack.

According to the NBC news, US officials have reported that Russia launched a "sophisticated cyberattack" against the Pentagon's Joint Staff unclassified email system. The unclassified email system has been shut down and taken offline for two weeks. The officials added that the cyber attack compromised data belonging to 4,000 military and civilian personnel who work for the Joint Chiefs of Staff.

"According to the officials, the "sophisticated cyber intrusion" occurred sometime around July 25 and affected some 4,000 military and civilian personnel who work for the Joint Chiefs of Staff."states the NCB news.

According to sources close the investigation, it appears the cyber attack relied on a sort of automated system that gathered a massive amount of information in a short time and within a minute distributed it to thousands of accounts on the Internet. The officials also speculate on the possible source of the attack, they stated that Russian hackers are the responsible for the sophisticated intrusion that relied on "encrypted accounts on social media."

The officials did not provide further information on the attackers, it is not clear if the Russian Government backed the hackers. The nature of the attack and of the chosen target suggest the involvement of a state actor as confirmed by the official.

"It was clearly the work of a state actor," the officials say.

At the time I was writing no classified information was compromised by hackers, the attackers took over only unclassified email accounts.

The decision to shut down the email system is the response of the US Government to the attack, the system should be back online before the end of this week.

Stay Tuned ...

One year out from the 2020 elections, presidential candidates face legal roadblocks to acquiring the tools and assistance necessary to defend against the cyberattacks and disinformation campaigns that plagued the 2016 presidential campaign.

Federal laws prohibit corporations from offering free or discounted cybersecurity services to federal candidates. The same law also blocks political parties from offering candidates cybersecurity assistance because it is considered an “in-kind donation.”

The issue took on added urgency this week after lawyers for the Federal Election Commission advised the commission to block a request by a Silicon Valley company, Area 1 Security, which sought to provide services to 2020 presidential candidates at a discount. The commission questioned Area 1 about its request at a public meeting on Thursday, and asked the company to refile the request with a simpler explanation of how it would determine what campaigns qualified for discounted services.

Cybersecurity and election experts say time is running out for campaigns to develop tough protections.

Christopher Wray, the F.B.I. director, warned in April that Russian election interference continued to pose a “significant counterintelligence threat” and that Russian efforts in the 2016 and 2018 elections were “a dress rehearsal for the big show in 2020.”

A bill introduced last month by Senator Ron Wyden, a Democrat from Oregon, would have allowed political parties to provide greater cybersecurity assistance to candidates. But it stalled in the Senate after the majority leader, Mitch McConnell, said he would not bring any election security bills to the floor for a vote.

The 2020 campaigns themselves are unlikely to have the expertise to track disinformation campaigns or to build sophisticated defenses needed to ward off hackers. In most cases, they cannot afford to pay outside experts market rates for such services, as required by federal election laws.

To thwart digital threats and phishing attacks, multinational corporations spend hundreds of thousands of dollars, at minimum, on security. Jamie Dimon, the chief executive of JPMorgan Chase, has said the bank spends nearly $600 million a year on security. Bank of America’s chief executive has said the bank has a “blank check” when it comes to cybersecurity. Security experts note that — despite significantly smaller head counts — presidential candidates and their campaigns are among the most targeted organizations in the world.

“Expecting campaigns to do this on their own is asking for failure,” said Laura Rosenberger, the director of the Alliance for Securing Democracy, a group that seeks to track and expose efforts by authoritarian regimes to undermine democratic elections.

Ms. Rosenberger knows the risks faced by campaigns. As a foreign policy adviser to Hillary Clinton in 2016, she saw firsthand the real-world effects of these attacks. In what’s called a spearphishing attack, Russian hackers compromised emails belonging to John Podesta, then Mrs. Clinton’s campaign chairman, and employees at the Democratic Congressional Campaign Committee.

“If we’re putting campaigns on the front lines alone, and they’re having to defend themselves alone, then we’ve lost,” she said.

But guarding against Russia is just one of the challenges, officials and experts said.

“Russia drafted a playbook that other international actors can use,” said Nathaniel Persily, co-director of the Stanford Cyber Policy Center and a law professor at Stanford Law School. “We should not be surprised if other nation-states and stateless entities try to take a page from the Russian playbook in the next election.”

There are also concerns that domestic players could do the same thing.

Last month, the F.E.C. ruled that a nonprofit organization, Defending Digital Campaigns, could provide free cybersecurity services to political campaigns. But the ruling was narrow, and applied only to nonpartisan, nonprofit groups that offer the same services to all campaigns. Defending Digital Campaigns was founded by Robbie Mook, who ran Mrs. Clinton’s 2016 campaign, and Matt Rhoades, who managed Mitt Romney’s campaign in 2012.

But nonprofits can only do so much, experts said, and in many cases there are private companies with better technology for fending off hackers.

The case heard this week by the F.E.C. involves Area 1, which says it has developed tools to block spearphishing attacks.

In anticipation of future attacks, a number of candidates running for office in 2020 contacted Area 1 to ask for its anti-phishing services, said Oren Falkowitz, a former analyst at the National Security Agency who helped found the company.

Area 1 works with a number of large corporations and assists smaller firms and nonprofits, charging a rate lower than what it charges big clients, Mr. Falkowitz said. He noted that the pricing model was fairly standard. Other tech companies like Dropbox and Slack give away many of their services to individuals and smaller organizations, but charge larger businesses to use their products.

Lawyers for three of the 2020 candidates that contacted Area 1, who could not be named because of confidentiality agreements, told the company that they worried that by using Area 1’s services, the campaigns might run afoul of campaign finance laws.

Area 1 made a formal request to the F.E.C. to ask for an advisory opinion in April. As part of its request, Area 1 asked the commission to grant the company the same exemption the F.E.C. granted to Microsoft last year.

The F.E.C. ruled that Microsoft could offer “enhanced online account security services to its election-sensitive customers at no additional cost” because Microsoft would be shoring up defenses for its existing customers, not seeking to curry favor with political candidates, and would be acting on a nonpartisan basis out of business interests.

But on Monday, lawyers for the F.E.C. said Area 1’s request did not meet the same bar as Microsoft and the company’s services looked too much like a political contribution.

The commission has been sensitive to the influx of so-called dark money into campaigns and maintains a high bar for granting exemptions because of concerns that an exemption could create a loophole for corporations looking to influence an election.

Daniel A. Petalas, outside counsel for Area 1 and a lawyer at the firm Garvey Schubert Barer, said the draft opinion was based on a misunderstanding. In return for helping the candidates, Area 1 could gain valuable research, he said.

“Area 1’s whole purpose, their whole basis for being, is attacking the phishing issue,” Mr. Petalas said. “There’s really nowhere it’s more dramatically presented than in the election context, given what happened in 2016.”

Election security experts said lawmakers must address rules that prohibit cybersecurity firms from providing assistance to campaigns.

“The idea that this is even an issue is just insane,” Mr. Persily said in an interview Tuesday.

For now, campaigns must fend for themselves, and most are vulnerable to more phishing attacks.

“On the cyber side, campaigns obviously have to do a lot to have much, much tougher defenses than they had in ’16, and I see very little of that so far,” said Ms. Rosenberger, the former Clinton worker.

 

We use cookies to maintain login sessions, analytics and to improve your experience on our website. By continuing to use our site, you accept our use of cookies, Terms of Use.