Hackers Wiping Github and Other Repos
Hackers are attacking repositories of users on Github, Gitlab and Bitbucket, leaving a ransom note that says pay up if you want your software back.
The ransom isn’t much – around $500, – which may cause people to pay up rather than trying to recover the data, which I assume is their strategy.
One possibility is that users have the password embedded in other repositories in clear text and the hackers were able to find those passwords.
Key point here is to make sure that you have backups OF ALL OF YOUR CLOUD BASED DATA. Today it is Github; tomorrow it is something else. If you care about your data, make sure that it is securely backed up. Offline backups are best because it is hard to wipe something that is not connected. Source: Bleeping Computer.
Remember Shadow Brokers – China Already Had the Tools That Were Released
Remember all the fury a few years ago when Shadow Brokers released a whole bunch of NSA hacking tools? Symantec now says that China already had those tool a year earlier and was using them against others. Was NSA hacked? Apparently not – China captured the NSA tools that were being used on them and repurposed them.
It is hard to keep these tools under check. If you use them people will likely discover that fact and if they are motivated, they may use them against you. In this case, China used them hacking targets in at least 5 countries including one telecom carrier where they got access to hundreds of thousands or millions of private communications.
After Shadow Brokers released the tools, China felt even bolder to use them because now they weren’t secret any more and would soon be patched.
Keeping these secrets under wraps is basically impossible. Source: The NY Times.
Israel Blows Up Palestinian Hackers
In an unusual move, Israel blew up a building that it said was used by Hamas for cyber attacks – in direct response to current or future Hamas cyber attacks, according to a press release from the IDF.
Neither side is saying much beyond that Israel did blow up the building. No one is saying if there were casualties.
Apparently this facility was known to the Israelis. This points to the likely escalation of cyber war into kinetic war as large countries fear what small countries can do in cyberspace. This likely causes an escalation into cyber warriors operating out of spaces which would cause collateral damage if bombed, such as schools, hospitals and shopping malls. Source: Gizmodo.
A Few More Details On Cyber Attack Against Western US Power Utility
We are hearing a few more details about the cyber attack on a so-far unnamed western US power utility.
The attackers, it is now being anonymously reported disabled the utility’s Cisco ASAs. This is particularly scary since Cisco is pretty much the 800 pound gorilla in that space and their Adaptive Security Appliance is used by hundreds of thousands (or more) of businesses. It is certainly possible that the ASAs were configured insecurely or missing patches (security patches are typically not available to owners unless they have a paid up maintenance plan, which I HOPE an electric utility would have).
Given how critical the electrical grid is in the US and how fragile it is, this is a bit of a wake up call for those utilities (water, power, gas, phone, Internet, etc.) that have not yet drunk the security Kool-Aid. Source: EENews.
Navy May Be Getting Serious About Cybersecurity
Last year the Navy decided that having a CIO was superfluous and eliminated the position as unnecessary (See article). They decided that the Undersecretary of the Navy could manage all those pesky IT and security details in his spare time.
In March the Navy released a SCATHING report on how bad their cybersecurity really was. Now they are working on asking Congress to approve adding a position at the Assistant Secretary level, responsible for IT and security.
They also are looking at training (too basic) and discipline (can cyber-mistakes get you fired).
There is a report due June 1 outlining the roles, responsibilities and staffing for a Assistant secretary for cyber with a plan to role it out in July. March. June. July. This is amazingly fast for an organization as large as the Navy.
WHAT ARE THE OTHER SERVICES DOING? Source: Defense Systems.