Category Archives: Department of Homeland Security

Cyber-attack on Power Grid Paralysis

Posted on by

Cyber Attacks on the Power Grid: The Specter of Total Paralysis

Posted in General Security, Hacking, Incident Response on July 27, 2015

The Incidents

Imagine that one day you wake up and trading is halted on the New York Stock Exchange (NYSE) floor; meanwhile systems at United Airlines and the Wall Street Journal newspaper appear out of order.

It is not a scene from a movie; it happened on July 8, when trading at the NYSE stopped around 11:30 a.m. ET.

According the media, the temporary interruption of the services mentioned was a fateful coincidence and the events are unrelated, but the incidents have raised once again the question of the real security of critical infrastructure.

White House spokesperson Josh Earnest confirmed that the incidents weren’t caused by cyber-attacks. President Obama had briefed on the glitch at NYSE by White House counterterrorism and Homeland Security adviser Lisa Monaco as well as Chief Of Staff Denis McDonough.

“It appears from what we know at this stage that the malfunctions at United and at the stock exchange were not the result of any nefarious actor,” said Department of Homeland Security Secretary Jeh Johnson. “We know less about the Wall Street Journal at this point except that their system is back up again as is the United Airline system.”

Which is the impact of a cyber-attack on a critical infrastructure? Are critical infrastructure actually secure?

A major attack on a critical infrastructure like a power grid would cause chaos in the country by interrupting vital services for the population.

The current scenario

The Stock Exchange, transportation, and media are critical to the infrastructure of a country. A contemporary failure of these systems could cause serious problems to the nation, especially when the incident is caused by a cyber-attack.

“I think the Wall Street Journal piece is connected to people flooding their web site in response to the New York Exchange to find out what’s going on.” FBI Director James Comey told the Senate Intelligence committee. “In my business we don’t love coincidences, but it does appear that there is not a cyber-intrusion involved.”

Sen. Bill Nelson, D-FL, the top Democrat on the cyber-security subcommittee, told Fox News that the NYSE incident has “the appearance” of a cyber-attack and noted the coordination of multiple sites.

Thus far, the temporary outage at the New York Stock Exchange, United Airlines and the Wall Street Journal’s website were the results of tech glitches, but we have to consider the US infrastructure remains vulnerable to cyber-attacks that would cause serious problems and would be costly.

To compound the scenario, there is the rapid increase in the number of cyber-attacks, at least of those we fail to detect, and its complexity.

The DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued its new ICS-CERT MONITOR report related to the period September 2014 – February 2015. The ICS-CERT MONITOR report

According to the report, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) received and responded to 245 incidents in Fiscal Year 2014, more than half of the incidents reported by asset owners and industry partners involved sophisticated APT. ICS/SCADA system were also targeted by other categories of threat actors, including cyber criminals, insider threats and hacktivists.

“Of the total number of incidents reported to ICS-CERT, roughly 55 percent involved advanced persistent threats (APT) or sophisticated actors. Other actor types included hacktivists, insider threats, and criminals. In many cases, the threat actors were unknown due to a lack of attributional data.” states the report.

Analyzing incidents reported by sector, it is possible to note that the majority of the attacks involved entities in the Energy Sector followed by Critical Manufacturing. About 30 percent of the incidents hit infrastructures in the energy sector, meanwhile Critical Manufacturing (i.e. manufacturing of vehicles and aviation and aerospace components) accounted for 27 percent.

The threat actors used a significant number of zero-day vulnerabilities to compromise industrial control systems through the exploitation of web application flaws.

The most common flaws exploited by attackers include authentication, buffer overflow, and denial-of-service . Noteworthy among ICS-CERT’s activities included the multi-vendor coordination that was conducted for the ”

“Noteworthy among ICS-CERT’s activities included the multi-vendor coordination that was conducted for the “Heartbleed” OpenSSL vulnerability. The team worked with the ICS vendor community to release multiple advisories, in addition to conducting briefings and webinars in an effort to raise awareness of the vulnerability and the mitigation strategies for preventing exploitation” states the ICS-CERT report to explain the coordination activities sustained by the agency to address principal vulnerabilities.

The ICS-CERT MONITOR report confirmed that the attackers used a vast range of methods for attempting to compromise control systems infrastructure, including:

Figure 1 – ICS -CERT Attack Methods

Unfortunately, it is quite difficult to attribute an incident to a specific threat actor. In the majority of cases, these offensives have gone under the radar over the years due to high level of sophistication of the Tactics, Techniques, and Procedures (TTPs).

The victims were not able to identify the threat actors. Neither the attack vector exploited by hackers for 38 percent of the reported incidents,

“Many more incidents occur in critical infrastructure that go unreported,” states the ICS-CERT MONITOR report. “Forensic evidence did not point to a method used for intrusion because of a lack of detection and monitoring capabilities within the compromised network”.

US power grid vulnerable to cyber attacks

The US power grid is a privileged target for various categories of attackers, terrorists, cyber criminals, and state-sponsored hackers. Daily, they threaten the backbone of the American society. Security experts and US politicians are aware that the national power grid is vulnerable to a terrorist attack.

“It’s possible; and whether it’s likely to happen soon remains to be seen,” explained by the former Secretary of Defense William Cohen on “The Steve Malzberg Show.”

Attackers have several options to hit a power grid, from a cyber-attack on SCADA systems to an EMP attack, according to Cohen.

“You can do it through cyber-attacks, and that’s the real threat coming up as well. We have to look at cyber-attacks being able to shut down our power grid, which you have to remember is in the private sector’s hands, not the government’s. And we’re vulnerable,” Cohen added. “It’s possible and whether it’s likely to happen soon remains to be seen.”

“That’s because the technology continues to expand and terrorism has become democratized. Many, many people across the globe now have access to information that allows them to be able to put together a very destructive means of carrying out their terrorist plans. We’re better at detecting than we were in the past. We’re much more focused in integrating and sharing the information that we have, but we’re still vulnerable and we’ll continue to be vulnerable as long as groups can operate either on the margins or covertly to build these kind of campaigns of terror.” said Cohen.

Former Department of Homeland Security Secretary Janet Napolitano shared Cohen’s concerns. A major cyber-attack the power grid was a matter of “when,” not “if.”

State-sponsored hackers, cyber terrorists are the main threat actors, but as confirmed by a recent research conducted by TrendMicro, also the cybercrime represents a serious menace.

Former senior CIA analyst and EMP Task Force On National Homeland Security Director, Dr. Peter Vincent Pry, told Newsmax TV that that a cyber attack against the power grid could cause serious destruction and loss of life.

Not only US power grid are under attack. In January 2015, the British Parliament revealed that UK Power Grid is under cyber-attack from foreign hackers, but the emergency is for critical infrastructure worldwide.\

Figure 2 – SCADA control room

Arbuthnot confirmed the incessant attacks on national critical infrastructure and he doesn’t exclude a major incident, despite the enormous effort spent at the National Grid.

“Our National Grid is coming under cyber-attack not just day-by-day but minute-by-minute,” Arbuthnot, whose committee scrutinized the country’s security policy, told a conference in London last year. “There are, at National Grid, people of very high quality who recognize the risks that these attacks pose, and who are fighting them off,” he said, “but we can’t expect them to win forever.”

The power grid is a vital system for our society and the cyber strategy of every government must consider its protection a high priority, a terror attack would leave entire countries sitting in the dark.

A hypothetical attack scenario and estimation of the losses

What will happen in case of a cyber-attack on a critical infrastructure in the US? Which is the economic impact of a cyber-attack against a power grid?

According to a poll conducted by researchers at the Morning Consult firm from May 29 to May 31, cyber-attacks are just behind terrorism attacks on the list of biggest threats to US. The research allowed the experts to estimate that the insurance industry could face losses of about $21 billion. That poll was conducted by interviewing a national sample of 2,173 registered voters.

Nearly 36 percent of voters consider acts of terrorism at the top of a list of major security threats, followed by cyber-attacks at 32 percent.

Figure 3- Morning Consult firm poll results

The Lloyd’s of London has conducted a very interesting study, Business Blackout, that describes the impacts of a cyber-attack on the national power grid.

It is the first time that the insurance industry has elaborated on a similar report. Obviously, the estimates provided are merely indicative due to the large number of factors that can influence the costs.

According to the report prepared by Lloyd’s of London in a joint effort with the University of Cambridge’s Centre for Risk Studies, cyber-attacks would have a catastrophic impact on multiple types of insurance.

The attack scenario described by Business Blackout illustrates the effects of a malware-based attack on systems that controls the national power grid. The attack causes an electrical blackout that plunges 15 US states and principal cities, including New York City and Washington DC, into darkness. Nearly 93 million people will remain without power in the scenario hypothesized by the study.

The attackers spread the ‘Erebos’ Trojan through the network with the effect of compromising the electricity generation control rooms in several locations in the Northeastern United States.

According to the researchers, the attack will cause health and safety systems to fail, disrupting water supplies as electric pumps fail. The chaos will reign causing the failure of main services, including transportation. The malware is able to infect the Internet and search and compromise 50 generators that it will destroy, causing prolonged outages in the region.

The total of claims paid by the insurance industry has been estimated to be included in the interval comprised between $21.4b and $71.1b, depending on the evolution of the scenarios designed by the researchers.

The researchers involved in the simulation have calculated the economic losses could range from $243 million to $1 trillion, depending on the number of components in the power grid compromised by the attack.

“Economic impacts include direct damage to assets and infrastructure, decline in sales revenue to electricity supply companies, loss of sales revenue to business and disruption to the supply chain. The total impact to the US economy is estimated at $243bn, rising to more than $1trn in the most extreme version of the scenario.” states the report.

The experts analyzed the historical outages, estimating that currently the power interruptions, most of which last five minutes or less, already cost the US about $96 billion. The cost related to a prolonged outage is likely to be included in the range of $36 billion to $156 billion. The Commercial and industrial sectors are the sectors most impacted by the attack on the power grid due to their dependency on the electricity supply.

“Evidence from historical outages and indicative modelling suggests that power interruptions already cost the US economy roughly $96bn8 annually.9 However, uncertainty and sensitivity analysis suggest this figure may range from $36b to $156b.” continues the report. “Currently over 95% of outage costs are borne by the commercial and industrial sectors due to the high dependence on electricity as an input factor of production.”

As explained in the report, it is important to identify the risks related to a possible cyber-attack and adopt all the necessary measures to mitigate them. The protection of critical infrastructure like a power grid is an essential part of the cyber strategy of any Government.

America has Been Latinized

Posted on by

Census: Record 42.1 million immigrants in U.S., Mexicans drive latest surge

by Paul Bedard

A new analysis of legal and illegal immigrant counts by the Census Bureau revealed Thursday that there is a record 42.1 million in the United States, an explosion that is being driven by Mexicans flooding across the border.

In a report provided to Secrets by the Center for Immigration Studies, the total immigrant population surged 1.7 million since 2014. The growth was led in the last year by an additional 740,000 Mexican immigrants.

The 42.1 million tabulated by Census in the second quarter represent over 13 percent of the U.S. population, the biggest percentage in 105 years.

What’s more, the numbers of immigrants coming and going from the U.S. is actually higher since many return home every years, said the report. “For the immigrant population to increase by one million means that significantly more than one million new immigrants must enter the country because some immigrants already here return to their homeland each year and natural mortality totals 250,000 annually,” said the Center.

The stunning growth is sure to pour fuel on the already white-hot immigration debate in Congress and on the presidential campaign trail.

“Illegal immigration came up in the presidential debates, but there has been little discussion of the level of immigration; this at a time when total immigration is surging according to the latest data,” said Steven Camarota, co-author of the report and the Center for Immigration’s director of research.

“The rapid growth in the immigrant population was foreseeable given the cutbacks in enforcement, our expansive legal immigration system, and the improvement in the economy. But the question remains, is it in the nation’s interest?” he added.

Some key findings in the new report:

• The nation’s immigrant or foreign-born population, which includes legal and illegal immigrants, grew by 4.1 million from the second quarter of 2011 to the second quarter of 2015 — 1.7 million in just the last year.

• Growth in the last year was led by a rebound in the number of Mexican immigrants, which increased by 740,000 from 2014 to 2015 — accounting for 44 percent of the increase in the total immigrant population in the last year.

• The total Mexican immigrant population (legal and illegal) reached 12.1 million in the second quarter of 2015 — the highest quarterly total ever.

• The Department of Homeland Security and other researchers have estimated that eight in 10 illegal immigrants are from Mexico and Latin America, so the increase in immigrants from these countries is an indication that illegal immigration has begun growing again.

Much of the new immigration is due to the explosion of green cards and the flood of younger Latin Americans leaving troubled situations back home.

Many companies, meanwhile are taking advantage of the immigrants and replacing higher paid Americans with cheaper immigrant labor, even in skilled jobs.

Polls, meanwhile, show that the public wants action to stop the surge of illegal immigrants, an issue picked up by some of the Republicans running for president such as Sen. Ted Cruz and Donald Trump.

Additional numbers assessments and trends:

When it comes to the U.S. population, the “mainstream” is shifting from white to multicultural. In 1980, the U.S. was 80% white/non-multicultural. By 2012, that proportion had decreased to 64%. And in the years to come, the multicultural, non-white population will account for larger and larger percentages of the population.

Multicultural America is becoming more Latino. Hispanics, African-Americans, and Asians represented just 20% of the population in 1980. By 2012, that percentage nearly doubled to 36%. Over that more than twenty year period, Hispanics have grown to represent a much larger proportion of the multicultural population. They were 32% of the multicultural segment in 1980 — and grew to 47% in 2012.

By 2050, there will be as many young Latinos in the U.S. as white non-Hispanics. Unlike waves of past immigrants, Hispanics will grow to be equal in size to the host population. In 1980, non-Hispanic whites were 74% of the under-18 population and Hispanics were 9%. By 2050, the two groups will be even, with both projected to represent 36% of the population under 18.

Already, Hispanics are the engine of growth for the 18-34 demographic. From 2015 to 2020, Hispanics 18-34 are projected to increase by over 1.8 million. Over that same period for that age group, non-Hispanic whites will decrease in size by nearly 1.3 million. Blacks and Asians will also grow – but on a much smaller scale (by 84,000 and 267,000, respectively).

The youth population is very Latino. Today, Hispanics represent more than 1 in 5 people under 35. And that proportion rises when it comes to the very young: Latinos account for almost 1 in 4 births in the U.S.

Growth fueled by the second generation. Hispanic population increases are expected to come from immigration and births in the US — but the majority will come from US births. The Census projects that from 2012 to 2050, the US-born Hispanic population will increase at 5 times the rate of foreign-born Hispanics. And while today the US-born group is about 65% larger than foreign-born, in 2050 there will be nearly 4 times more US-born Hispanics than foreign-born.

The second generation is already taking over the 18-34 demographic – and the pace is only going to pick up. Hispanics 18-24 skew heavily US-born, while more than half of 25-29s and 30-34s are foreign-born. By 2020, 85% of 18-24s and 61% of 25-29s will be US-born (and 30-34s will still be more foreign-born (55%).

A mega wave of second-generation Latinos is heading into the key advertiser demos. More than 90% of Hispanic kids under 11 were born in the US – and 6 million of them are second generation. As they get older, they will shape the market in new ways. Every year, nearly 550,000 second-generation Latinos are entering the teen demographic.

Hillary Email Server Timeline and Facts

Posted on by

Like everyone else, tracking the pieces of this scandal takes imagination and could require a spreadsheet that includes names and dates. So, below will be some facts and dates and for sure could be amended as more developments are realized.

1. Bill Clinton had/has his own server dedicated to Clinton business, Foundation operations and speeches.

2. Hillary needed an IT based system during the time she was running for president in 2008, could not use the existing server due to capacity limitations, so she bought yet another which came with an IT person.

3. Server 2 was installed in the basement of the Chappaqua home and managed by a person listed as Eric Hoteham. Likely the real name is Eric Hothem, who was a DC stockbroker and a Democrat fundraiser that worked for Bill. Eric was also an aide to Hillary during her time as First Lady.

4. Several email addresses were created on the 2nd server where they had some numbers assigned like [email protected]. Several identified run from 18-22 but leads to a question ‘were there email addresses created 1-17? There is also a strange email address on the server known as [email protected]. It should be noted that Guccifer hacked the email address of hdr22.

5. Hillary used several communications devices: a Blackberry which is government issued, an iPad and an IPhone. Questions include, were any of these fitted with encryption features, including her server(s)? So far that answer is no.

6. In the handful of emails released to date as required by the Judge via the State Department, Hillary did not know how to use email and there was a time when the server was down which caused issues for Huma Abedin.

7. In June of 2013, the Hillary team went to an outside IT provider known as Platte River, located in Denver. All electronic communications were moved to Platte River and the Hillary server was moved to a data center in New Jersey and subsequently wipe clean. Now the question is what the Denver IT company Platte River providing redundant services and or an encryption platform to protect classified data for the emails? So far the company is not responding to media questions. The decision to transfer the server services was at the same time the emails that included Sidney Blumenthal were hacked by Guccifer.

6. Two weeks ago, the FBI made a call to Platte River to determine the basis of their work for the Hillary communications platform. On Thursday of last week, Hillary’s lawyer, David Kendall surrendered the 3 thumb drives to the FBI. On Wednesday of this week, the FBI took control of the server located in New Jersey.

7. The recent 2 of 4 emails in question that were marked with the top secret classifications due in part that they included geo-spatial information were sent via a compartmentalized system to the State Department. From State Dept., they were then removed from the protected compartmentalized system and sent to the uncertified Hillary system. All the top secret designations were removed, which is a felony.

8. David Kendall, the Hillary lawyer who maintained the 3 thumb drives was also the lawyer of record for General David Petraeus during his email investigation.

9. All of government uses the same ‘sensitive compartmented information security procedures and there is a manual.

10. Additional details on Hillary email server scandals can be found here.

11. Hillary Clinton statements on the email scandals proving the lies so far.

12. Wrap up to date on the server and the law.

13. Huma Abedin, Hillary’s personal aide and confidant has lawyered up with Karen Dunn on two fronts, the overpayment of $10,000 and for the email scandals.

14. In a recent batch of Hillary emails released was an inquiry about a book describing how to delete emails and the consequences that could result in a jail term.

California: Pay Bribe for Drivers License

Posted on by

California Governor Jerry Brown is perpetuating a national security crisis and yet no one in any Federal capacity is even considering discipline, a memo or other consequence.

Governor Brown opened the pathway for 1.4 million illegals to get a drivers license while others pay a bribe in the case they cannot read English or pass a written test.

In 2010, the illegal phenomena began by the Obama administration when it came to omitting background investigations of illegals and the trucking industry took notice.

Eleven employees of New York’s Department of Motor Vehicles have received indictments for participation in a fraudulent CDL testing scheme.

Brooklyn’s U.S. District Court issued indictments Oct. 24 for 11 DMV security workers at five NYC-area centers. Applicants allegedly paid $1,800 to $2,500 for test answers and escort assistance through the DMV process.

There was and continues to be a mission to stop illegal trucking with the mission statement noted here.

California DMV employees allegedly traded cash for licenses

FNC: At least 100 commercial truck drivers paid up to $5,000 each to bribe California Department of Motor Vehicles employees for illegal licenses, federal authorities said on Tuesday.

Officials said up to 23 traffic accidents could be related to the fraud, though there were no fatalities.

Emma Klem, a 45-year-old Salinas DMV employee, and trucking school owner Kulwidner Dosanjh Singh, 58, both pleaded guilty Tuesday to commit bribery and identity fraud, U.S. Attorney Benjamin Wagner said.

Two other DMV employees in Salinas and Sacramento and two other Central Valley trucking school operators have been arrested on similar charges.

The employees changed computer records to falsely show that drivers had passed written and behind-the-wheel tests after they were bribed by the owners of three truck-driving schools between June 2011 and March 2015, according to court documents.

“Individuals who use their positions to obtain commercial drivers’ licenses for unskilled and untested drivers jeopardize our nation’s security and safety. Allowing unqualified drivers to operate heavy commercial trucks on our highways is honestly quite chilling,” said Carol Webster, acting assistant special agent in charge of the U.S. Homeland Security Investigations office in Sacramento.

 

DMV examiners Andrew Kimura, 30, of Sacramento and Robert Turchin, 65, of Salinas were indicted last week on charges of conspiracy, bribery and fraud in connection with identification documents, along with trucking school owners Pavitar Dosangh Singh, 55, of Sacramento, and Mangal Gill, 55, of San Ramon.

Pavitar Singh and Kimura have pleaded not guilty, while Turchin and Gill are expected to be arraigned on Friday in U.S. District Court in Sacramento.

Kimura’s attorney, William Portanova, said his client is a good person caught in an unfortunate situation, “but we’re going to work through it and help this young man.”

Class A commercial drivers’ licenses are required to operate trucks, including 18-wheel cargo semitrailers. They are tougher to obtain than regular driver licenses. Applicants must pass both a written test and a behind-the-wheel test that is offered at a limited number of DMV locations, including Salinas.

The DMV has canceled or revoked more than 600 licenses that are potentially linked to fraud, including 100 that were pinpointed by investigators, DMV chief investigator Frank Alvarez said. Drivers can retake the tests, sometimes after a hearing, and Wagner said none are likely to be prosecuted during the ongoing probe because investigators are targeting the organizers.

It is the latest in several similar bribery schemes in recent years, including a Fresno case involving 15 people that resulted in a sentence of more than five years in federal prison for the DMV ringleader in 2013.

Alvarez said his department is considering additional safeguards to prevent employees from altering computer records, and it’s attempting to better screen its 10,000 employees and the way it issues commercial drivers’ licenses as it tries to prevent more bribery and fraud crimes.

The charges filed in federal court in Sacramento allege three separate conspiracies. Two of them purportedly involved Gill, who owns trucking schools in Fremont, Lathrop, Fresno and Salinas.

The third involved Pavitar Singh, owner of a school in Sacramento. His attorney, Anthony Capozzi of Fresno, and an attorney for Klem did not return telephone messages.

Christopher Morales of San Francisco, attorney for Kulwinder Singh, said his client is a good family man who recognizes that he erred when he “took shortcuts” to help members of the Indian community who had trouble passing the tests.

His client and Klem face up to five years in prison when they are sentenced Nov. 17.

No attorneys were listed for the two defendants who have yet to appear in court

ISIS Hacking Division Takes on Military and Govt Personnel

Posted on by

Alleged ISIS leak compromises hundreds of U.S. military & intelligence emails — Dept of Defense is ‘looking into it’

and

The top of the page containing the leak appears to show an unconfirmed link to ISIS

Above: The top of the page containing the leak appears to show an unconfirmed link to ISIS

A Twitter account claiming to be the “IS Hacking Division” has published what appears to be an extensive directory of government emails, passwords, credit cards, phone numbers, and addresses spanning U.S. military departments and divisions, the FBI, U.S. embassies, the Library of Congress, U.S. city officials, the British Embassy, the FTC, and NASA, as well as possible personnel at Wells Fargo.

VentureBeat is able to confirm that the U.S. Department of Defense is “looking into” this alleged hack. We’ve also independently verified that at least several of the items included on that list contained accurate information, but that several of the people were not aware that the leak had occurred.

Other details in the document appear inaccurate or outdated; it lists two Intel Corporation email accounts which apparently do not exist in Intel’s “company email directory,” an Intel spokesperson told VentureBeat.

IS hacking division tweet

The content was published onto a site entitled “zonehmirrors.org,” a domain which was registered under the name Redi Alberto in the city of Lugano, Switzerland.

ISIS Group Claims to Have Hacked Information on U.S. Military Personnel
NBC: A hacker group claiming to be affiliated with the terror organization ISIS on Tuesday posted what it said was the personal information of hundreds of members of the military and government personnel, and urged terrorists to carry out attacks.

Flashpoint Intelligence, a global security firm and NBC News consultant, said it could not authenticate the claim by the so-called “Islamic State Hacking Division” or the accuracy of the information. Islamic State is another name by which ISIS is known.
The Twitter account used has been affiliated with infamous ISIS fighter Abu Hussain Al Britani, Flashpoint said. The account has since been suspended.

The group claimed the information contained names, emails, passwords, and phone numbers of personnel that included individuals from the Air Force, the Marines, NASA and the Port Authority of New York and New Jersey. There is no indication as to how old the information is, or whether the email addresses and passwords are still valid.

“We are aware of the report but cannot confirm credibility at this time,” a spokesperson for the Department of Defense said in an email. “The safety of our service members is always a primary concern.”

The group had previously claimed it hacked American servers and distributed information on military personnel, but analysts believe that claim was overstated, and the information was instead culled from freely available social media accounts, Flashpoint said.
T he information released Tuesday also included the purported credit card information of several U.S. State Department officials as well as screenshots of private Facebook messages between purported U.S. servicememebers.

Flashpoint analysts said the “hack” — if true — could be significant as it would represent a growing effort by pro-ISIS groups to distribute personal information that could be used in lone-wolf attacks.

The list of those hacked with names, locations, government divisions, embassies and P/W’s is here.  I was just notified that the original link has been taken offline, after some searching I located this link. http://tu3ek4yox26tber2.onion.nu/   Consider the risk if you choose to open it.