InHardFocus.com

Vision, Technology, Science and Society

Top

Entries in Hackers (6)

Monday

Dec122011

Hacking America's Secrets: China's Doing It Right

Monday, December 12, 2011 at 9:15AM

We were shocked today to read a CBS News report that reveals that only a handful of hacker teams are responsible for most China-based data theft. And the worst part? The Chinese government is backing them.

Most of the attacks are against the U.S. government, but private companies are also at risk. Defense companies and other critical industries, including energy and finance, have seen a huge uptick in hacking attempts in the last few year, CBS found.

While most attacks that seek to steal credit card of financial information originate in Eastern Europe or Russia, analysts say those that are after intellectual property or classified data usually come from China.

According to CBS, examples of specific attacks linked to China include:

— Two sophisticated attacks against Google's systems stole some of the Internet giant's intellectual property and broke into the Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists.

— Last year, computer security firm Mandiant reported that data was stolen from a Fortune 500 manufacturing company during business negotiations when the company was trying to buy a Chinese company.

— Earlier this year, McAfee traced an intrusion to an Internet protocol address in China and said intruders took data from global oil, energy and petrochemical companies.

Although industry experts and analysts have been calling for increased attention to the problem, the current system offers no punishment for Chinese hackers who attack the U.S. Even when a specific IP address -- or individual -- is known to have been involved in a cyberattack, officials have no power or authority to file charges.

In the meantime, China is privy to a staggering amount of information that affects every level of our lives. Hopefully, policymakers will begin working to stop this information-drain sooner rather than later.

Read the rest of the fascinating article here.

InHardFocus.com |

1 Comment |

tagged

Hackers,

computer security,

it security in

Computers,

Hackers

Wednesday

Sep212011

Hackers Stole Your Credit Card? Robots Are On the Case

Wednesday, September 21, 2011 at 12:55PM

When a hacker steals your credit card number, email password or Social Security number, they know where to go to make use of it: a vast world of underground chat rooms and forums, where hackers buy and sell the data that gives them access to your money.

How can law enforcement even begin cracking into this enormous hacker network? Never fear: The robot informant is on the case.

CSIdentity, an Austin-based security firm, has created artificial intelligence software that poses as a hacker, interacts with members of these underground chat rooms and, if successful, solicits stolen data, which is then sent back to investigators.

Joe Ross, the president of CSIdentity, said the company’s analyst team designed the chatbots by analyzing the dialog in hacker chatrooms, paying close attention to patterns in the interactions and lingo.

The bots use “fuzzy pattern recognition” to keep up with the lightning-quick conversations. That way, they can make sense of words that are expressed in different ways. (Who knew that a “fullz” would refer to a stolen credit card number and security code?)

Unfortunately, hackers are already on to the game. They keep an eye out for chatters that seem … well, robotic … and will vacate a chatroom if one seems suspicious. However, that pushes companies like CSIdentity to up their efforts even more. And when confused, the bots can always fall back on a swear word to throw off hackers in a profanity-riddled forums.

InHardFocus.com |

Your iPhone/iPad Password Can Be Hacked in Six Minutes

Friday, February 11, 2011 at 12:42PM

Think your iPhone/iPad is locked down with a passcode? Think again; passwords can be hacked in about six minutes.

Watch the scientists at the Fraunhofer Institute for Secure Information Technology test laboratory in Germany demonstrate this.

Within six minutes the institute’s staff was able to render the iPhone’s encryption void and decipher many passwords stored on it. If the iPhone is used for business purposes then the company’s network security may be at risk as well. The flawed security design affects all iPhone and iPad devices containing the latest firmware.

The testers did not have to break the 256-bit encryption to get to the passwords stored in the devices’ keychain. A weakness in the security design was used: The underlying secret the attacked password’s encryption is based on is stored in the device’s operating system. This means that the encryption is independent from the personal password, which is actually supposed to protect the access to the device.

Any device using the iOS operating system can be attacked in such a way, irrespective of the user’s password. As soon as attackers are in the possession of an iPhone or iPad and have removed the device’s SIM card, they can get a hold of e-mail passwords and access codes to corporate VPNs and WLANs as well. Control of an e-mail account allows the attacker to acquire even more additional passwords: For many web services such as social networks the attacker only has to request a password reset. Once the respective service returns the new password to the user’s e-mail account, the attacker has it as well.

InHardFocus.com |

WikiLeaks: China's Politburo Ordered Cyber Attacks on Google?

Thursday, December 9, 2010 at 9:01AM

The latest round of WikiLeaks' leaked cables contained some compelling information about the People’s Republic of China. The cables alleged that officials on the politburo’s standing committee may have ordered the cyber-attacks on Google that occurred in the beginning of this year.

On Tueday, China said it hoped revelations in U.S. diplomatic cables released by WikiLeaks would not affect ties with Washington.

"It is ridiculous and not worth mentioning," Foreign Ministry spokeswoman Jiang Yu said at regular news conference. "We hope they will not affect bilateral ties with the United States."

"The Chinese government’s ability to say one thing earnestly while everyone knows it’s doing the exact opposite fascinates me," wrote Laura Williams, a blogger for Security Products magazine.

Read the rest of her fascinating blog here.

InHardFocus.com |

Research Proves Hackers Can Take Control of Your Car

Friday, May 14, 2010 at 9:25AM

Researchers from the University of Washington and the University of California San Diego have proved that cars' functions can be hacked.

With cars increasing their connectivity to the Internet, the researchers were able to remotely control braking, stopping the engine and other functions, while cars were in motion and completely overriding the driver.

Their research paper, “Experimental Security Analysis of a Modern Automobile,” states, "We demonstrate that an attacker who is able to infiltrate virtually any electronic control unit can leverage this ability to completely circumvent a broad array of safety-critical systems."

InHardFocus.com |

3 Comments |

tagged

Hackers,

cars in

Safety

This work is licensed under a Creative Commons License.