U.S. Govt Cyber Attacks in 2015 Spike

In his annual budget request, President Barack Obama asked for $19bn for cyber security funding, $5bn more than last year.

Last year, a study from Juniper Research, ‘The Future of Cybercrime & Security: Financial and Corporate Threats and Mitigation’, estimated that by 2019 the cost of data breaches will reach $2.1 trillion – four times the total expected for 2015. The average cost of a data breach is expected to exceed $150 million by 2020 as more business infrastructure is connected.

Number of U.S. government ‘cyber incidents’ jumps in 2015

Reuters: The U.S. government was hit by more than 77,000 “cyber incidents” like data thefts or other security breaches in fiscal year 2015, a 10 percent increase over the previous year, according to a White House audit.

Part of the uptick stems from federal agencies improving their ability to identify and detect incidents, the annual performance review from the Office of Management and Budget said.

The report, released on Friday, defines cyber incidents broadly as “a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices.” Only a small number of the incidents would be considered as significant data breaches.

National security and intelligence officials have long warned that cyber attacks are among the most serious threats facing the United States. President Barack Obama asked Congress last month for $19 billion for cyber security funding across the government in his annual budget request, an increase of $5 billion over the previous year.

The government’s Office of Personnel Management was the victim of a massive hack that began in 2014 and was detected last year. Some 22 million current and former federal employees and contractors in addition to family members had their Social Security numbers, birthdays, addresses and other personal data pilfered in the breach.

That event prompted the government to launch a 30-day “cyber security sprint” to boost cyber security within each federal agency by encouraging adoption of multiple-factor authentication and addressing other vulnerabilities.

“Despite unprecedented improvements in securing federal information resources … malicious actors continue to gain unauthorized access to, and compromise, federal networks, information systems, and data,” the report said.

***** Depth of hacking illustration:

U.S. Charges 3 As It Chases Syrian Electronic Army — $100,000 Bounties On Hackers’ Heads


Firas Dardar, now on the FBI’s Cyber Most Wanted list for his part in the Syrian Electronic Army. He is also accused of extorting targets.

Forbes: Syrian Electronic Army has caused all sorts of trouble since its emergence at the turn of this decade (including an attack on FORBES, amongst many other major publications). Having largely operated under the radar, the U.S. today filed official charges against three individuals it believes were key in perpetrating SEA’s attacks. Two of the three men – Ahmad Umar Agha (commonly known as Th3 Pr0) and Firas Dardar (also known as The Shadow) – have also been placed on the FBI’s Cyber Most Wanted list with $100,000 rewards on offer for anyone who helps catch them. The third suspect is German-based Peter Romar.

The three have been charged with a range of offences, from hacking, to engaging in a hoax regarding a terrorist attack, to attempting to cause a mutiny within the U.S. armed forces. Throughout the last five years, the SEA were proficient in tricking organizations – often media bodies such as the BBC, the Guardian, CNN and FORBES – into handing over login details to Facebook and Twitter accounts. They would then use that access to send out messages in support of Bashar al-Assad, who remains the Syrian president, despite the chaos of civil war that has engulfed the country.

Its most effective attack came after a compromise of the Associated Press Twitter account. After a tweet that claimed a bomb had exploded at the White House and injured President Obama, $90 billion was wiped off the U.S. stock market. In another successful campaign, the hackers defaced a recruiting website for the U.S. Marine Corps, using the site to urge marines to “refuse [their] orders.”


Accused Syrian Electronic Army hacker Ahmad Umar Agha.

According to one of two complaints released today, other victims included Harvard University, the Washington Post, the White House, Reuters, Human Rights Watch, NPR, CNN, The Onion, NBC Universal, USA Today, the New York Post, NASA (which assisted on the investigation), and Microsoft. FORBES was not named as one of the victims of the trio’s attacks.

All three alleged SEA operatives were using Google Gmail and Facebook to coordinate and pass around stolen data. U.S. law enforcement were able to track their activity after acquiring court orders to search their online accounts.

Nation state hackers demanding ransom

According to the Department of Justice, Dardar and Romar (also known as Pierre Romar) have also been accused of typical cybercrime, hacking into targets’ machines and demanding a ransom be paid, threatening to delete data or sell personal information. Dardar was thought to be operating out of Homs, Syria, Romar from Waltershausen, Germany. The ransoms would then be handed to SEA members in Syria, a complaint read. Dardar demanded in total more than $500,000 from 14 victims, though the filings did not specify how much they actually received.

“While some of the activity sought to harm the economic and national security of the United States in the name of Syria, these detailed allegations reveal that the members also used extortion to try to line their own pockets at the expense of law-abiding people all over the world,” said Assistant Attorney General John Carlin. “The allegations in the complaint demonstrate that the line between ordinary criminal hackers and potential national security threats is increasingly blurry.”

If the complaints released by the U.S. are accurate, Dardar and Romar are two of a handful of hackers known to be working for their government and carrying out extortion. Suspicions of governments using ransomware – malware that locks users’ files by encrypting them, only decrypting when the victim hands the hackers money – have proven unfounded. But researchers from security firm FireEye told FORBES they have seen a handful of examples where nation states have perpetrated extortion campaigns like the SEA suspects. But, the researchers said, it’s unlikely they ever want funds.

“We don’t believe that their intention was to get a ransom,” said Charles Carmakal, managing director of Mandiant, a FireEye-owned firm, speaking with FORBES last week. “I can say we’ve seen it but our case load isn’t that high.”

The hack of Sony Pictures, which the U.S. accused the North Korean government of sponsoring, included such a ransom demand once hackers had broken in. Sony didn’t pay and the hackers wiped the film studio’s machines before publishing vast tranches of company emails and files for all and sundry to pick through.

 

 


Denise Simon