Connect with us

Hacking

Cyberwar raging for a week. Honestly, it is.

Published

on

Cybercrime police forces in at least five countries, and global web companies are trying to combat a global threat to the reliability and integrity of the web. Under fire in a Denial of Service attack is Geneva based spam watchdog and blacklist compiler Spamhaus and content delivery network CloudFlare, and as a result, global internet response has slowed significantly, effecting media services and and hosting companies. The attack appears to have started around a week ago, and continues although re-routing of web traffic appears to be mitigating impact on web users.

CloudFlare, who route internet traffic and provide security and addressing services on the web do so via more than twenty data-centres. They have been re-routing traffic with reports indicating that initial attacks impacted Frankfurt, Amsterdam and London traffic particularly. Today, London and Sydney appear to be the locations bearing the brunt of the Denial-of-Service attack, but the CloudFlare system status does indicate that almost all other locations are working as normal. A small but incredibly innovative company, CloudFlare, named as Most Innovative Network & Internet Technology Company of 2011 by the Wall Street Journal and drew comment fromThe World Economic Forum (WEF) for their innovative algorithms and innovation in its Technology Pioneers 2012 report.

“CloudFlare streamlines its members’ Web traffic through a dozen servers around the world, optimizing the data stream in the process while shielding it from the parasites and predators that increasingly contribute to Web congestion. On the average, websites that join the CloudFlare community and use its intelligent network operate at double the speed of conventional Internet traffic.”

— http://reports.weforum.org/technology-pioneers-2012/

In June 2012, the hacker group UGNazi attacked CloudFlare and this attack on Spamhaus and CloudFlare is motivated by the decision of Spamhaus to black-list the traffic from Dutch internet firm CyberBunker.

Cyberbunker is a web-host who host a diverse and questionable mix of websites and content, and Spamhaus’s blacklisting of their servers has motivated a co-ordinated response from primarily Eastern Europe based activists, many of whom are thought to be unconnected to the substantive issue – that Cyberbunker has been carrying masses of spam traffic – billions of email messages – on the web everyday, which continues to have a real economic impact on businesses and consumers globally. So thankfully CloudFlare, and others are out there tonight, in the dark, making things a little e-safer.

External links & references

  1. Spamhaus statements
  2. BBC Coverage
  3. Richard Boscovich @ Microsoft Digital Crimes Unit
  4. CloudFlare system status
  5. British Government grant aid SME security

 

Cyberwar image by: marsmet tallahassee

Hacking

Australia’s central bank hacked? Not quite.

In response to media reports that the The Reserve Bank of Australia’s network had been compromised, the nation’s central bank confirmed it regularly consults with the Defence Signals Directorate as well as using the expertise of private firms. The DSD, headquartered in Camberra, Australia, was formed in World War II to work primarily on radio signal interception and direction-finding. In January 2010 the DSD established the Cyber Security Operations Centre focussing on detection and prevention of ICT security threats to critical Australian systems, and coordinate a response to those threats across government and and the private sector.

Published

on

In response to media reports that the The Reserve Bank of Australia’s network had been compromised, the nation’s central bank confirmed it regularly consults with the Defence Signals Directorate as well as using the expertise of private firms.

The DSD, headquartered in Camberra, Australia, was formed in World War II to work primarily on radio signal interception and direction-finding. In January 2010 the DSD established the Cyber Security Operations Centre focussing on detection and prevention of ICT security threats to critical Australian systems, and coordinate a response to those threats across government and and the private sector.

Media reports today, based on Freedom of Information requests indicate that rather than a full-scale hacking incident, a malware virus was delivered via a compressed ZIP file to a number of computers on the bank’s network, bypassing the anti-virus software in use at the bank. It’s believed six employees opened the email, compromising their PCs which have since been removed from the network. It appears the email was opened as it was well written and addressed to specific staff – as a result it was not easily identified as suspicious by the staff members. The PCs affected did not have administrator rights, so the virus was unable to forward itself or spread on the wider bank network, which may have caused a more widespread issue for the bank.

“As reported in today’s media, the Bank has on occasion been the target of cyber attacks. The Bank has comprehensive security arrangements in place which have isolated these attacks and ensured that viruses have not been spread across the Bank’s network or systems. At no point have these attacks caused the Bank’s data or information to be lost or its systems to be corrupted. The Bank’s IT systems operate safely, securely and with a high degree of resilience.”

— Reserve Bank of Australia, Media Office

 

In January 2013, Australian Prime Minister Julia Gillard announced a new Australian Cyber Security Centre (ACSC) for Canberra, that would use the cumulative resources and skills of a number of organisations with SIGINT and other cyber-security skills. The new Centre will include cyber security operational capabilities from the Defence Signals Directorate, Defence Intelligence Organisation, Australian Security Intelligence Organisation, the Attorney-General’s Department’s Computer Emergency Response Team Australia, Australian Federal Police and the Australian Crime Commission. The centre will analyse the nature and potential extent of cyber threats, and be teh lead organisation in formulating  Government’s response to cyber-security threats.

It will work closely with critical infrastructure sectors and industry partners to protect valuable networks and systems. The centre will also provide advice and support to develop preventative strategies to counter cyber threats not only for government but for industry, much as MI5 do in the UK or Homeland Security’s Computer Emergency Readiness Team in the USA.

In 2011-12, there were more than 400 cyber incidents against Australian government systems requiring a significant response by the Cyber Security Operations Centre with over five million Australian citizens falling victim to cyber crime with an estimated cost to the economy of $1.65 billion in 2012. 

External links & References

  1. Releases on scams @ Reserve Bank of Australia
  2. Press Release on this cybersecurity incident
  3. Cyber Security Operations Centre : CSOC
  4. Signal Intelligence [SIGINT] : Wikipedia
Continue Reading

Popular

Copyright © 2014 redcert.com

Skip to toolbar