Telecoms, data center infrastructure infiltrated, Bloomberg stories say, mystery deepens despite denials

13 October 2018 by Steve Blum

Taken at face value, a pair of articles on Bloomberg by Jordan Robertson and Michael Riley details how Chinese government intelligence agencies snuck tiny chips into computer servers used by Amazon and Apple, and by at least one major U.S. telecoms company. The devices – as small as the tip of a pencil – could be used to listen to communications going in and out, or to dive deeper into those systems.

If true, Bloomberg’s reporting means that the Chinese government, and possibly other intelligence agencies and criminal groups, have a backdoor that leads deep into U.S.… More

FBI’s plea for encryption back doors based on false information

2 June 2018 by Steve Blum

The Federal Bureau of Investigation gave the U.S. congress and the public bad information about the problems it has cracking encrypted phones during investigations, many times over several months. According to a story by Devlin Barrett in the Washington Post, FBI director Christopher Wray repeatedly, and falsely, claimed that agents were locked out of almost 7,800 smart phones and other devices, because of advanced encryption.

He began using the 7,800 figure last year, when he urged congress to give law enforcement back door access to encrypted devices and content…

Wray has repeated the claim about 7,800 locked phones, including in a March speech.


FBI didn't tell the whole truth about cracking encrypted iPhone

31 March 2018 by Steve Blum

When a pair of shooters attacked an employee party at a San Bernardino County facility in 2015, killing 14 people before being shot by police themselves, one of the attackers left behind an encrypted iPhone that might or might not have had information relevant to the subsequent investigation.

Publicly, the Federal Bureau of Investigation’s solution was to force Apple to rewrite its iOS operating system so law enforcement could crack not only the San Bernardino phone, but any iPhone thereafter.… More

Quickest way to defeat cyber security is to not engage it

11 November 2017 by Steve Blum

Newsflash! Bad software development practices cause bad results. That’s the gist of a press release issued by Appthority, an IT security company specialising in the mobile enterprise sector.

What Appthority found isn’t a particular revelation. Developers will often hard code their own login credentials into apps while writing and debugging early versions, just to keep things simple. If they forget to remove that data before moving into beta testing and launch phases, it’s there for the taking.… More
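The mistake described above is mechanical enough to catch before an app ships. The following is an added example, not code from the article or from Appthority: a small scanner that walks source files looking for secret-bearing assignments with a literal value (and one well-known key shape as a second pattern), and that can serve as a release gate. The file names, source lines and credential values are constructed for the demonstration; the one legitimate line, a password read from the environment rather than written into the code, is there to show what the scanner should not flag.

```python
import re

# Constructed sample source tree standing in for an app's codebase.
# Every name and value here is made up for this example.
SAMPLE_SOURCE = {
    "NetworkClient.java": [
        'private static final String API_HOST = "api.example.invalid";',
        'private static final String DEV_PASSWORD = "Summer2017!";  // TODO remove before release',
        'String token = "AKIAIOSFODNN7EXAMPLE";',
    ],
    "config.py": [
        "TIMEOUT = 30",
        "password = os.environ.get('DB_PASSWORD')",   # read at runtime: fine
        "aws_secret_access_key = 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'",
    ],
}

# Two detection patterns:
#  - "assignment": a credential-like identifier assigned a quoted literal
#    of at least six characters (the last group captures the literal);
#  - "aws_access_key_id": the documented AKIA... access key id format.
PATTERNS = [
    ("assignment", re.compile(
        r"""(?i)(password|passwd|secret|api[_-]?key|access[_-]?key|token)\w*\s*[:=]\s*['"]([^'"]{6,})['"]""")),
    ("aws_access_key_id", re.compile(r"\b(AKIA[0-9A-Z]{16})\b")),
]


def scan_lines(filename, lines):
    """Return (filename, lineno, pattern_name, matched_value) for every hit."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        for kind, pattern in PATTERNS:
            m = pattern.search(line)
            if m:
                # lastindex is the highest-numbered group that matched,
                # which is the captured literal for both patterns.
                findings.append((filename, lineno, kind, m.group(m.lastindex)))
    return findings


def scan_sources(sources):
    """Scan a {filename: [lines]} mapping and collect all findings."""
    findings = []
    for name, lines in sources.items():
        findings.extend(scan_lines(name, lines))
    return findings


def release_gate(sources):
    """True when the tree is clean; meant to fail a build before beta/launch."""
    return not scan_sources(sources)


def redact(value):
    """Show only the first four characters of a secret in reports."""
    return value[:4] + "*" * (len(value) - 4)


if __name__ == "__main__":
    for filename, lineno, kind, value in scan_sources(SAMPLE_SOURCE):
        print(f"{filename}:{lineno}: {kind}: {redact(value)}")
    print("release allowed:", release_gate(SAMPLE_SOURCE))
```

The assignment pattern deliberately requires a quoted literal on the right-hand side, so `password = os.environ.get('DB_PASSWORD')` passes while `DEV_PASSWORD = "Summer2017!"` does not. A real deployment would add entropy scoring and vendor-specific token formats, and would run the same check over git history, since a credential deleted in a later commit is still in the repository.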

Federal agencies ignore cyber security while breaches continue

7 October 2017 by Steve Blum

Cyber security at federal agencies continues to be so bad that the Government Accountability Office is throwing up its hands and saying we’ve already told you what needs to be done, so just do it:

While federal agencies are working to carry out their [Federal Information Security Modernization Act]-assigned responsibilities, they continue to experience information security program deficiencies and security control weaknesses in all areas including access, configuration management, and segregation of duties. In addition, the inspectors general evaluations of the information security program and practices at their agencies determined that most agencies did not have effective information security program functions.


NSA shares blame with criminals for massive ransomware attack

14 May 2017 by Steve Blum

Cybercriminals successfully penetrated more than 200,000 computer systems in 150 countries in a continuing attack that began late last week. The initial assault was unwittingly blocked by a security blogger who triggered a kill switch while trying to figure out what was going on. But that didn’t help systems that were already infected – it can still spread from computer to computer within a network – and a new version, without the kill switch, is reported to be already out and running wild.… More

Wikileaks' CIA dump plugs massive Cisco security hole

25 March 2017 by Steve Blum

If you look into the core of the Internet or just in a typical corporate or institutional data center, you’ll see rack after rack loaded with switches, routers and other gear made by Cisco. A vulnerability in even one of their products can leave a lot of networks and data open to attack. So you might come to the conclusion that spotting that kind of flaw and fixing it as quickly as possible is a matter of national security.… More

Wikileaks shows there's no such thing as a top secret hack

11 March 2017 by Steve Blum

Not the latest version.

The Central Intelligence Agency’s guide to cracking is getting bad reviews from the tech community. Published earlier this week on Wikileaks, the thousands of files of internal documentation maintained by the CIA’s engineering development group are mostly openly available cook books and mundane advice on how not to get caught.

A story by Sean Gallagher at Ars Technica steps through some of it and concludes it amounts to an outdated “Malware 101” textbook…

It’s not clear how closely tool developers at the CIA followed the tradecraft advice in the leaked document—in part because they realized how dated some of the advice was.


A known cyber threat is no threat to those who know it

1 January 2017 by Steve Blum


Vermont municipal electric utility employees read the cyber security alert jointly published by the FBI and the federal homeland security department, and did what it suggested: check their computers for the specific type of malware detailed in the report. According to a press release from the City of Burlington’s Electric Department:

U.S. utilities were alerted by the Department of Homeland Security (DHS) of a malware code used in Grizzly Steppe, the name DHS has applied to a Russian campaign linked to recent hacks.


FBI wants network administrators to tighten security, up to a point

31 December 2016 by Steve Blum

Crackers working for the Russian government broke into the computer system of “a U.S. political party” during the last election cycle. That’s the unsurprising top line conclusion of a joint report issued by the federal homeland security department and the FBI. Two separate teams working for Russian intelligence agencies phished more than a thousand party functionaries and eventually gained access to administrator level privileges on the target system.

Beneath that top line, though, lurks a fascinating, and ironic, description of how state-sanctioned crackers can penetrate workaday IT networks maintained by corporations and government agencies, and what can be done to stop them.… More