Cyber-attack on Power Grid Paralysis

Cyber Attacks on the Power Grid: The Specter of Total Paralysis

Posted in General Security, Hacking, Incident Response on July 27, 2015

The Incidents

Imagine that one day you wake up and trading is halted on the New York Stock Exchange (NYSE) floor; meanwhile systems at United Airlines and the Wall Street Journal newspaper appear out of order.

It is not a scene from a movie; it happened on July 8, when trading at the NYSE stopped around 11:30 a.m. ET.

According to the media, the temporary interruption of the services mentioned was a fateful coincidence and the events are unrelated, but the incidents have once again raised the question of how secure critical infrastructure really is.

White House spokesperson Josh Earnest confirmed that the incidents weren’t caused by cyber-attacks. President Obama had been briefed on the glitch at NYSE by White House counterterrorism and Homeland Security adviser Lisa Monaco as well as Chief of Staff Denis McDonough.

“It appears from what we know at this stage that the malfunctions at United and at the stock exchange were not the result of any nefarious actor,” said Department of Homeland Security Secretary Jeh Johnson. “We know less about the Wall Street Journal at this point except that their system is back up again as is the United Airline system.”

What is the impact of a cyber-attack on critical infrastructure? Is critical infrastructure actually secure?

A major attack on a critical infrastructure like a power grid would cause chaos in the country by interrupting vital services for the population.

The current scenario

The Stock Exchange, transportation, and media are critical to the infrastructure of a country. A simultaneous failure of these systems could cause serious problems for the nation, especially when the incident is caused by a cyber-attack.

“I think the Wall Street Journal piece is connected to people flooding their web site in response to the New York Exchange to find out what’s going on.” FBI Director James Comey told the Senate Intelligence committee. “In my business we don’t love coincidences, but it does appear that there is not a cyber-intrusion involved.”

Sen. Bill Nelson, D-FL, the top Democrat on the cyber-security subcommittee, told Fox News that the NYSE incident has “the appearance” of a cyber-attack and noted the coordination of multiple sites.

Thus far, the temporary outages at the New York Stock Exchange, United Airlines and the Wall Street Journal’s website appear to be the result of tech glitches, but we have to consider that US infrastructure remains vulnerable to cyber-attacks that would cause serious problems and would be costly.

To compound the scenario, there is the rapid increase in the number of cyber-attacks, at least of those we fail to detect, and in their complexity.

The DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued its new ICS-CERT MONITOR report covering the period September 2014 – February 2015.

According to the report, ICS-CERT received and responded to 245 incidents in Fiscal Year 2014. More than half of the incidents reported by asset owners and industry partners involved sophisticated APTs. ICS/SCADA systems were also targeted by other categories of threat actors, including cyber criminals, insider threats and hacktivists.

“Of the total number of incidents reported to ICS-CERT, roughly 55 percent involved advanced persistent threats (APT) or sophisticated actors. Other actor types included hacktivists, insider threats, and criminals. In many cases, the threat actors were unknown due to a lack of attributional data.” states the report.

Analyzing incidents reported by sector, it is possible to note that the majority of the attacks involved entities in the Energy Sector, followed by Critical Manufacturing. About 30 percent of the incidents hit infrastructure in the energy sector, while Critical Manufacturing (i.e. manufacturing of vehicles and aviation and aerospace components) accounted for 27 percent.

The threat actors used a significant number of zero-day vulnerabilities to compromise industrial control systems through the exploitation of web application flaws.

The most common flaws exploited by attackers include authentication, buffer overflow, and denial-of-service.

“Noteworthy among ICS-CERT’s activities included the multi-vendor coordination that was conducted for the “Heartbleed” OpenSSL vulnerability. The team worked with the ICS vendor community to release multiple advisories, in addition to conducting briefings and webinars in an effort to raise awareness of the vulnerability and the mitigation strategies for preventing exploitation” states the ICS-CERT report to explain the coordination activities sustained by the agency to address principal vulnerabilities.

The ICS-CERT MONITOR report confirmed that the attackers used a vast range of methods for attempting to compromise control systems infrastructure, including:

Figure 1 – ICS-CERT Attack Methods

Unfortunately, it is quite difficult to attribute an incident to a specific threat actor. In the majority of cases, these offensives have gone under the radar over the years due to the high level of sophistication of the Tactics, Techniques, and Procedures (TTPs).

The victims were not able to identify the threat actors, nor, for 38 percent of the reported incidents, the attack vector exploited by the hackers.

“Many more incidents occur in critical infrastructure that go unreported,” states the ICS-CERT MONITOR report. “Forensic evidence did not point to a method used for intrusion because of a lack of detection and monitoring capabilities within the compromised network”.

US power grid vulnerable to cyber attacks

The US power grid is a privileged target for various categories of attackers: terrorists, cyber criminals, and state-sponsored hackers. Daily, they threaten the backbone of American society. Security experts and US politicians are aware that the national power grid is vulnerable to a terrorist attack.

“It’s possible; and whether it’s likely to happen soon remains to be seen,” explained former Secretary of Defense William Cohen on “The Steve Malzberg Show.”

Attackers have several options to hit a power grid, from a cyber-attack on SCADA systems to an EMP attack, according to Cohen.

“You can do it through cyber-attacks, and that’s the real threat coming up as well. We have to look at cyber-attacks being able to shut down our power grid, which you have to remember is in the private sector’s hands, not the government’s. And we’re vulnerable,” Cohen added. “It’s possible and whether it’s likely to happen soon remains to be seen.”

“That’s because the technology continues to expand and terrorism has become democratized. Many, many people across the globe now have access to information that allows them to be able to put together a very destructive means of carrying out their terrorist plans. We’re better at detecting than we were in the past. We’re much more focused in integrating and sharing the information that we have, but we’re still vulnerable and we’ll continue to be vulnerable as long as groups can operate either on the margins or covertly to build these kind of campaigns of terror.” said Cohen.

Former Department of Homeland Security Secretary Janet Napolitano shared Cohen’s concerns: a major cyber-attack on the power grid was a matter of “when,” not “if.”

State-sponsored hackers and cyber terrorists are the main threat actors, but as confirmed by recent research conducted by TrendMicro, cybercrime also represents a serious menace.

Former senior CIA analyst and EMP Task Force On National Homeland Security Director, Dr. Peter Vincent Pry, told Newsmax TV that a cyber attack against the power grid could cause serious destruction and loss of life.

It is not only the US power grid that is under attack. In January 2015, the British Parliament revealed that the UK power grid is under cyber-attack from foreign hackers, but the emergency is for critical infrastructure worldwide.

Figure 2 – SCADA control room

Arbuthnot confirmed the incessant attacks on national critical infrastructure and he doesn’t exclude a major incident, despite the enormous effort spent at the National Grid.

“Our National Grid is coming under cyber-attack not just day-by-day but minute-by-minute,” Arbuthnot, whose committee scrutinized the country’s security policy, told a conference in London last year. “There are, at National Grid, people of very high quality who recognize the risks that these attacks pose, and who are fighting them off,” he said, “but we can’t expect them to win forever.”

The power grid is a vital system for our society and the cyber strategy of every government must consider its protection a high priority; a terror attack would leave entire countries sitting in the dark.

A hypothetical attack scenario and estimation of the losses

What will happen in case of a cyber-attack on critical infrastructure in the US? What is the economic impact of a cyber-attack against a power grid?

According to a poll conducted by researchers at the Morning Consult firm from May 29 to May 31, cyber-attacks are just behind terrorist attacks on the list of the biggest threats to the US. The research allowed the experts to estimate that the insurance industry could face losses of about $21 billion. The poll was conducted by interviewing a national sample of 2,173 registered voters.

Nearly 36 percent of voters consider acts of terrorism at the top of a list of major security threats, followed by cyber-attacks at 32 percent.

Figure 3 – Morning Consult firm poll results

Lloyd’s of London has conducted a very interesting study, Business Blackout, that describes the impacts of a cyber-attack on the national power grid.

It is the first time that the insurance industry has produced such a report. Obviously, the estimates provided are merely indicative due to the large number of factors that can influence the costs.

According to the report prepared by Lloyd’s of London in a joint effort with the University of Cambridge’s Centre for Risk Studies, cyber-attacks would have a catastrophic impact on multiple types of insurance.

The attack scenario described by Business Blackout illustrates the effects of a malware-based attack on systems that control the national power grid. The attack causes an electrical blackout that plunges 15 US states and principal cities, including New York City and Washington DC, into darkness. Nearly 93 million people will remain without power in the scenario hypothesized by the study.

The attackers spread the ‘Erebos’ Trojan through the network with the effect of compromising the electricity generation control rooms in several locations in the Northeastern United States.

According to the researchers, the attack will cause health and safety systems to fail, disrupting water supplies as electric pumps fail. Chaos will reign, causing the failure of main services, including transportation. The malware is able to infect the Internet and search for and compromise 50 generators that it will destroy, causing prolonged outages in the region.

The total of claims paid by the insurance industry is estimated at between $21.4b and $71.1b, depending on the evolution of the scenarios designed by the researchers.

The researchers involved in the simulation have calculated the economic losses could range from $243 million to $1 trillion, depending on the number of components in the power grid compromised by the attack.

“Economic impacts include direct damage to assets and infrastructure, decline in sales revenue to electricity supply companies, loss of sales revenue to business and disruption to the supply chain. The total impact to the US economy is estimated at $243bn, rising to more than $1trn in the most extreme version of the scenario.” states the report.

The experts analyzed the historical outages, estimating that power interruptions, most of which last five minutes or less, already cost the US about $96 billion. The cost related to a prolonged outage is likely to be in the range of $36 billion to $156 billion. The commercial and industrial sectors are the most impacted by an attack on the power grid due to their dependency on the electricity supply.

“Evidence from historical outages and indicative modelling suggests that power interruptions already cost the US economy roughly $96bn annually. However, uncertainty and sensitivity analysis suggest this figure may range from $36b to $156b.” continues the report. “Currently over 95% of outage costs are borne by the commercial and industrial sectors due to the high dependence on electricity as an input factor of production.”

As explained in the report, it is important to identify the risks related to a possible cyber-attack and adopt all the necessary measures to mitigate them. The protection of critical infrastructure like a power grid is an essential part of the cyber strategy of any Government.

Russia Propaganda at Work Blaming MH17 on U.S.

Not all propaganda is created equal. For every piece of elegantly crafted misinformation meant to sway hearts and minds, there is spin so poorly produced that it borders on the absurd. Case in point, a comically bad audio recording released by the Russian tabloid Komsomolskaya Pravda on Wednesday of two alleged CIA agents conspiring to bring down Malaysia Airlines Flight MH17, which crashed in eastern Ukraine on July 17, 2014.

Complete with stilted greetings and cumbersome dialogue that sounds like both men are reading from a script, the recording opens with a series of conversations between the two alleged spies, identified as David Hamilton and David L. Stern. Throughout the recording, they discuss “preparations” for an operation that involves shooting down a plane with a surface-to-air missile and an eventual Plan B, which involves placing a bomb inside the plane — all for the purpose of staging a crash to discredit Russian-backed separatists in Ukraine and the Kremlin itself.

But you don’t have to listen long to question the recording’s authenticity. The men’s accents are curious to say the least. One sounds British for half the recording until he switches to a more American accent. The other man does his best to hide his Russian accent, but it pops up at the beginning as he clumsily asks his co-conspirator, “How are the preparations?” But the most glaring hole is in the conversation itself. The men do not talk with each other like native English speakers and use turns of phrase that sound as if their dialogue was translated to English from Russian via Google Translate. Before signing off, the two say “Luck!” to each other, a common farewell in Russian.

The entire released recording can be heard below.

 

Conspiracy theories and propaganda of this magnitude are hardly new when it comes to the downing of MH17, which killed all 298 people on board. Immediately following the crash in July 2014, Ukraine and the West accused pro-Russia separatists of shooting down the plane with a Buk surface-to-air missile, which they say was likely supplied by Moscow.

Initially, Russian officials said the passenger plane was shot down by a Ukrainian Su-25 fighter jet. On July 21, 2014, Russia’s Defense Ministry hosted a press conference and presented radar data that allegedly showed another aircraft near MH17 before it was shot down. The Russian Union of Engineers said wreckage indicated the plane was destroyed by heat-seeking air-to-air missiles. Russian media then gave heavy attention to a man claiming to be a Spanish air traffic controller in Kiev who said that two Ukrainian fighter jets had followed the airliner. After the Spanish controller was discredited, the Kremlin switched to a new theory — that the plane was hit by a missile launched from Ukrainian territory and fired by troops loyal to Kiev.

The latest theory coming out of the Russian media, and supposedly reinforced by the new recording, is that a bomb was detonated within the airliner and planted by Western agents. “It really doesn’t make any sense,” Eliot Higgins, the founder of Bellingcat, an open source investigative journalism network, told Foreign Policy. Higgins and his team at Bellingcat have been debunking Russian theories around MH17 for over a year using open source information — geolocating social media posts and videos and using satellite imagery to trace the movements of the Buk missile launcher seen in the area before and after the plane was shot down. Based on Bellingcat’s research, Higgins believes that MH17 was most likely shot down by a Buk missile fired by Russia-backed separatists. “No other scenario has the same degree of evidence.”

Still, the case is far from closed on MH17. The Joint Investigation Team, which comprises representatives from several countries, and the Dutch Safety Board are working on separate investigations into what downed the passenger plane. Dutch investigators said Tuesday that fragments of a suspected Russian missile system were found at the crash site in Ukraine. In a joint statement following the new evidence, the JIT and Dutch Safety Board cautiously said that “the parts are of particular interest to the criminal investigation as they can possibly provide more information about who was involved in the crash of MH17.”

A report by the Dutch Safety Board into the cause of the crash is expected by the end of October, while the separate international criminal investigation is likely to take several more months to complete.

On July 29, Russia vetoed a United Nations Security Council draft resolution — introduced by Malaysia — that would have set up an international tribunal to prosecute those suspected of downing the passenger plane. Moscow said the measure was a biased and politically motivated propaganda move to implicate the Kremlin or the Russia-backed Ukrainian separatists.

The Hillary Email Server Scandal Runs Deeper at State Dept.

The Hillary email scandal-palooza began on July 31 with Judge Sullivan’s declaration demanding Hillary and her staff certify certain conditions with regard to all the emails being turned over to the State Department.

On August 8, 2015, Hillary signed a certification document under penalty of perjury that all materials within server communications have been provided to the State Department. Concurrent with this action, the FBI visited the Denver IT company, Platte River, that provided email support and redundant systems to the Hillary server established in her home in 2009. Of note, this server was NOT Bill’s server as she previously stated.

The two page certification signed by Hillary is found here.

Most important to readers here is the fact that the two emails in question, which originated from the CIA, were transmitted via a controlled pathway to the State Department. From there, someone(s) at State had to find an unclassified printer and computer to create hard copies, re-format them into electronic form and then email them to Hillary, meaning that others at State are surely going to be investigated and caught up in the web or dragnet of culpability.

A 7 page email document chain is found here where the classified material is simply chilling.

On August 11, the Intelligence Community Inspector General briefed several members of the Senate as well as James Clapper, the Director of the Office of National Intelligence on the exact classifications of at least 2 newly discovered emails, which at the time of transmission were given the classification rating of TS/SI/TK/NF. This classification is the top confidential rating designation. Of particular note is the ‘TK’ rating which means Talent Keyhole, stemming from signals intelligence/geo-spatial via the CIA. These communications are only done on highly controlled systems and within a SCIF system.


Senator Chuck Grassley took the aggressive and positive step on August 11 to provide voters with the new information noted here.

From the Associated Press, dated August 11:

Also Tuesday, Kendall gave to the Justice Department three thumb drives containing copies of work-related emails sent to and from her personal email addresses via her private server.

Kendall gave the thumb drives, containing copies of roughly 30,000 emails, to the FBI after the agency determined he could not remain in possession of the classified information contained in some of the emails, according to a U.S. official briefed on the matter who was not authorized to speak publicly.

The State Department previously had said it was comfortable with Kendall keeping the emails at his Washington law office.

Word that Clinton had relented on giving up possession of the server came as Republican Sen. Chuck Grassley of Iowa said two emails that traversed Clinton’s personal system were deemed “Top Secret, Sensitive Compartmented Information” — a rating that is among the government’s highest classifications. Grassley said the inspector general of the nation’s intelligence community had reported the new details about the higher classification to Congress on Tuesday.

“Secretary Clinton’s previous statements that she possessed no classified information were patently untrue,” House Speaker John Boehner said in a statement. “Her mishandling of classified information must be fully investigated.”

Those two emails were among four that had previously been determined by the inspector general of the intelligence community to have been classified at the time they were sent. The State Department disputes that the emails were classified at that time.

Shin Bet’s Latest Hamas Captive Reveals the Plan

Jerusalem Post: A Hamas fighter and tunnel digger has given his interrogators in Israel a bevy of intelligence about the group’s recent tunnel construction, planned attacks on Israel, battlefield strategy, and military cooperation with Iran, the Shin Bet General Security Service said Tuesday, after news of the operative’s arrest was made public.

The fighter, Ibrahim Adal Shahada Sha’ar, a 21-year-old native of Rafah in the southern Gaza Strip, was arrested by the Shin Bet and the Israel Police last month at Erez Crossing on the Israel border, after he arrived at the installation to submit an application to enter Israel. An official with the Shin Bet said that Sha’ar’s application to enter was for “personal or humanitarian reasons” and that officers at the crossing knew who he was and arrested him on the spot.

The Shin Bet on Tuesday said Sha’ar gave up to his interrogators a trove of intelligence relating to Hamas operations in Gaza and in Rafah in particular, including about their plans to use tunnels along the border to carry out attacks on Israel, like they did with brutal effectiveness during last summer’s Operation Protective Edge.

The Shin Bet said Sha’ar also gave details about Hamas battlefield strategy, the make-up and capabilities of their “elite” infantry unit, as well as the anti-aircraft and surveillance capabilities of the Hamas armed wing.

Sha’ar himself took part in a series of battlefield tasks during last summer’s war, the Shin Bet said, including field logistics, and transporting fighters and firearms on the battlefield. He also admitted to laying an anti-tank IED on one occasion.

The Rafah native had allegedly been spending recent months working on tunnel construction, during which he learned of tunnels heading for the Kerem Shalom crossing on the Israel border, potentially for use in an infiltration attack. Under questioning he also gave up the location of digging sites, tunnel openings, and the routes of tunnels currently under construction in the Gaza Strip. He also reportedly told his interrogators that a road recently built by Hamas along the Gaza border with Israel is meant in part to be used for attacks on Israel, during which vehicles will use the road to charge across the border.

He also reportedly gave details on his observations about the military cooperation between Hamas and Iran. The Shin Bet said he described how they transfer money to the organization and supply firearms and electronics, including devices meant for jamming radio frequencies, meant to be used to take down Israeli drones flying over Gaza. He also observed how they attempted to train Hamas fighters in the use of hang gliders for attacks on Israel.

On July 31st, Sha’ar was indicted at the Beersheba District Court on charges of membership in an illegal organization, attempted murder, and contact with a foreign agent, and taking part in illegal military training.

***  Then we need to go back to John Kerry’s testimony before Congress, where his answers turn out to be thin on substance and essentially false and uninformed.

Iran Funding Hamas Preparations for War

 

When asked repeatedly by Republicans about Iran’s repeated threats to destroy Israel during Congressional testimony about the Iran nuclear deal, Secretary of State John Kerry sighed and looked at his questioners the way an exasperated teacher regards dumb students. Yes, he admitted, they say that but he explained patiently, he’s seen no evidence of them planning anything to put that into effect. Kerry repeated that answer, though no doubt without the look of disdain on his face, to The Atlantic’s Jeffrey Goldberg saying “I haven’t seen anything that says to me” that their “ideological confrontation with Israel at this moment” [my emphasis] will “translate into active steps.” For all intents and purposes, President Obama says the same thing when he dismisses threats to Israel from Iran’s Supreme Leader Grand Ayatollah Ali Khamenei even if he just published a book outlining his plans.

But, as Israel’s Shin Bet intelligence agency made public today, Iran is taking active steps toward war with Israel. The Israelis revealed that information obtained from a prisoner as well as from other sources showed that Iran is taking an active role in allowing Hamas to rebuild its military infrastructure as well as terror tunnels aimed at facilitating murder and kidnapping. Though the administration pretends that its negotiations with Iran are proof that the Islamist regime is moderating, evidence on the ground shows that its role as the world’s leading state sponsor of terror is unchanged. So, too, is its role in aiding the ongoing war on Israel’s existence.

As Haaretz reports:

During his interrogation, [Hamas operative Ibrahim] Sha’er also told of the links between Iran and Hamas, under which Iran has transferred military support into the Gaza Strip to strengthen the organization. The Iranians provide funds, advanced weaponry and electronic equipment such as equipment for disrupting radio communications to bring down Israeli unmanned aerial vehicles over Gaza, Sha’er told the Shin Bet. Iran has also trained Gaza fighters in the use of hang gliders for the purpose of penetrating into Israel, he said.

Perhaps to Obama and Kerry, these efforts should be considered minor annoyances to Israel. After all, what possible impact can terror attacks or giving Hamas the ability to wage and sustain a new war against Israel have to do with Israel’s existence? The Israeli military is strong and presumably is capable of dealing with anything that Hamas can come up with. Perhaps, the same is true of Hezbollah, which even Kerry admitted to Goldberg, had 80,000 rockets pointed at Israel.

The point is that Iran using its wealth and military know-how to build up Hezbollah (which operates as an Iranian surrogate, even sending its fighters into Syria to bolster Iran’s ally Bashar Assad) and now Hamas isn’t a mere detail to be swept under the rug. Nor is it tangential to the main thrust of Iranian foreign policy, as Khamenei’s new book makes plain.

Moreover, despite the administration’s blind faith in a shift in Iran’s policies once the nuclear deal is put into effect, there’s no evidence that the flood of cash into Tehran’s coffers will do anything but encourage it to continue its efforts to have its terrorist auxiliaries wage war on Israel.

To the contrary, once the deal sneaks through Congress and Obama begins the process of suspending sanctions by executive order and the Europeans begin a Tehran gold rush, the incentive to regard violations of any of the understandings as too minor to provoke a break will be too great. Kerry may speak of snapping back sanctions, but it’s clear the will to do so on the part of the West will be lacking.

That means that not only will Iran spend the next decade preparing for building its own bomb. It will also spend that time employing its wealth in its struggle for regional hegemony, a key part of which is its surrogate war on Israel. Once the deal expires, Hamas and Hezbollah won’t just be increasingly annoying Israel with deadly terror funded by Iran. They’ll then have a nuclear umbrella. At best, Israel — and moderate Arab states — will live under a terrible threat. The worst-case scenario is too awful to contemplate.

That means that contrary to Kerry’s belief about Iran having no plans in place to eliminate Israel, the entire process that will unfold from the deal is part and parcel of just such a plan. The only difference is that unlike past efforts, what will follow will happen while it has become America’s diplomatic and business partner. That is more than enough reason for anyone who cares about U.S. security, its interests in the Middle East and Israel’s survival, to rethink the deal.

 

Advances and Secret Information on Hacking of Classified Systems

Hacking never has the sizzle when it comes to terror or scandals, yet it is the cheapest and most effective means of destruction.

So, below are some items you cannot overlook.

A few weeks ago, the unclassified email and information system at the Pentagon, mostly used by the Joint Chiefs of Staff, was taken offline due to suspicious malware activity. That system is back online as of this week, after all clues pointed to a hack by Russians which led to up to 4000 Pentagon employees losing access to email.

***

Then it has been determined that the Chinese have accessed top government officials’ private emails since 2010.

Chinese hackers have been accessing the private mails of some top United States officials since April of 2010, which coincides with Hillary Clinton’s tenure as secretary of state and her decision to use a private email server, Morning Joe’s Willie Geist reported Tuesday.

“The email grab, first code-named Dancing Panda, targeted top national security and trade officials,” Geist said. “It continued as late as 2014. The timing does overlap with Hillary Clinton’s time as secretary of state and her use of a private email server.”

“Many” top officials have been hacked, according to a high-level intelligence source and a top-secret document obtained by NBC News.

***

Now comes a global network of hacking and their successful and criminal activities.

Exposing a new front in cybercrime, U.S. authorities broke up an alleged insider trading ring that relied on computer hackers to pilfer corporate press announcements and then profited by trading on the sensitive information before it became public.

In morning raids in Georgia and Pennsylvania, federal agents arrested five men in the plot, while four others indicted on hacking and securities fraud charges remain at large.

The hackers, who are thought to be in Ukraine and possibly Russia, allegedly infiltrated the computer servers of PRNewswire Association LLC, Marketwired and Business Wire, a unit of Warren Buffett’s Berkshire Hathaway Inc., over a five-year period.

They siphoned more than 100,000 press releases including corporate data on earnings that could be used to anticipate stock market moves and make profitable trades. The hackers passed the information to associates in the U.S., who allegedly used it to buy and sell shares of dozens of companies, including Panera Bread Co., Boeing Co., Hewlett-Packard Co., Caterpillar Inc. and Oracle Corp., through retail brokerage accounts. A must read for the rest of the details is here.

***

Most chilling of all is the forward leaning and creative uses of drones.

LAS VEGAS, Nev. – Forget Facebook drones that broadcast Wifi. The future is drones that hack from above. A company called Aerial Assault has turned a quadcopter into a flying hacker that scans the world below for insecure devices and vulnerable Wifi ports. Its makers say they built the tool for penetration testing — to help “good guys” diagnose their own weaknesses — but they concede that with a bit of modification, it could be used to exploit those vulnerabilities and install malware from the air. This is why it’s paramount to get your I.T. network looked at by a penetration testing company. You may think this is a scary thing for your company to undergo; however, it will actually prevent people (hackers) from stealing your company’s information, as all of the weak spots would have been identified and then rectified.

The unnamed drone, which may be the first unmanned aerial penetration tool for sale to the public, was on display at the DEF CON hacker conference here last week. It uses a small Raspberry Pi computer running the Kali Linux penetration tester software with the broadcast range extended by alpha radio antennas. It will retail for $2,500 when the Web site goes up in a few days, its makers say.

“We’ve set it up so it does some basic [penetration] testing stuff and coordinates all that data with GPS coordinates from the flight controller. From that, you can extend it with every type of capability that you want Kali Linux to do,” said David Jordan, a representative from Aerial Assault who was selling it on the floor at the DEF CON conference in Las Vegas, Nevada on Sunday.

While the drone isn’t specifically designed to distribute malware, Jordan acknowledged it could be modified to do so. “It is up to the user to decide what they do with it. If the user, they have Raspberry Pi with Kali on it, they can reprogram custom scripts. That’s good for doing more extensive [penetration] testing. But, you know, scripts can be whatever they are,” he said. “Our intended use is for pentesters to be able to diagnose vulnerabilities and help people understand what their Wifi accessibility is, even up in the air.”