Hacking never has the sizzle when it comes to terror or scandals, yet it is the cheapest and most effective means of destruction.
So, below are some items you cannot overlook.
A few weeks ago, the unclassified email and information system at the Pentagon, mostly used by the Joint Chiefs of Staff was taken offline due to suspicious malware activity. That system is back online as of this week after all clues pointed to the hack by Russians which led to up to 4000 Pentagon employees losing access to email.
***
Then it has been determined the Chinese have accessed top government officials private emails since 2010.
Chinese hackers have been accessing the private mails of some top United States officials since April of 2010, which coincides with Hillary Clinton’s tenure as secretary of state and her decision to use a private email server, Morning Joe’s Willie Geist reported Tuesday.
“The email grab, first code-named Dancing Panda, targeted top national security and trade officials,” Geist said. “It continued as late as 2014. The timing does overlap with Hillary Clinton’s time as secretary of state and her use of a private email server.”
“Many” top officials have been hacked, according to a high-level intelligence source and a top-secret document obtained by NBC News.
***
Now comes a global network of hacking and their successful and criminal activities.
Exposing a new front in cybercrime, U.S. authorities broke up an alleged insider trading ring that relied on computer hackers to pilfer corporate press announcements and then profited by trading on the sensitive information before it became public.
In morning raids in Georgia and Pennsylvania, federal agents arrested five men in the plot, while four others indicted on hacking and securities fraud charges remain at large.
The hackers, who are thought to be in Ukraine and possibly Russia, allegedly infiltrated the computer servers of PRNewswire Association LLC, Marketwired and Business Wire, a unit of Warren Buffett’s Berkshire Hathaway Inc., over a five-year period.
They siphoned more than 100,000 press releases including corporate data on earnings that could be used to anticipate stock market moves and make profitable trades. The hackers passed the information to associates in the U.S., who allegedly used it to buy and sell shares of dozens of companies, including Panera Bread Co., Boeing Co., Hewlett-Packard Co., Caterpillar Inc. and Oracle Corp., through retail brokerage accounts. A must read for the rest of the details is here.
***
Most chilling of all is the forward leaning and creative uses of drones.
LAS VEGAS, Nev. – Forget Facebook drones that broadcast Wifi. The future is drones that hack from above. A company called Aerial Assault has turned a quadcopter into a flying hacker that scans the world below for insecure devices and vulnerable Wifi ports. Its makers say they built the tool for penetration testing — to help “good guys” diagnose their own weaknesses — but they concede that with a bit of modification, it could be used to exploit those vulnerabilities and install malware from the air. This is why it’s paramount to get your I.T. network looked at by a penetration testing company, you may think this is a scary thing for your company to undergo however, it will actually prevent people (hackers) from stealing your companies information as all of the weak spots would of been identified and then rectified.
The unnamed drone, which may be the first unmanned aerial penetration tool for sale to the public, was on display at the DEF CON hacker conference here last week. It uses a small Raspberry Pi computer running the Kali Linux penetration tester software with the broadcast range extended by alpha radio antennas. It will retail for $2,500 when the Web site goes up in a few days, its makers say.
“We’ve set it up so it does some basic [penetration] testing stuff and coordinates all that data with GPS coordinates from the flight controller. From that, you can extend it with every type of capability that you want Kali Linux to do,” said David Jordan, a representative from Aerial Assault who was selling it on the floor at the DEF CON conference in Las Vegas, Nevada on Sunday.
While the drone isn’t specifically designed to distribute malware, Jordan acknowledged it could be modified to do so. “It is up to the user to decide what they do with it. If the user, they have Raspberry Pi with Kali on it, they can reprogram custom scripts. That’s good for doing more extensive [penetration] testing. But, you know, scripts can be whatever they are,” he said. “Our intended use is for pentesters to be able to diagnose vulnerabilities and help people understand what their Wifi accessibility is, even up in the air.”
