Thursday, April 23, 2009

U.S. Fighter Project Infiltrated by Cyberspies




Michael Barkoviak / DailyTech

April 21, 2009

‘According to a new report, information regarding the U.S. government’s next-generation aircraft was hacked into on numerous occasions.’

About 11 days after a report indicated foreign cyberspies targeted the U.S. electrical grid, another report has revealed cyberspies successfully attacked the Pentagon’s Joint Strike Fighter project, according to media reports. Several Joint Strike Fighter aircraft are already flying, with future development costs already factored into the Pentagon’s budget in 2009 and 2010.

Intruders were able to copy saved information regarding the design and electronics systems of the F-35 Lightning II fighter jet, which could make it easier to defend against its capabilities. Computer systems used for the project were originally compromised as early as 2007, and have continued to be targeted by intruders.




Whoever was hacking into the system investigated the plane’s design, performance statistics, and specific details regarding its electronic systems, according to the official. It appears computer networks used by contractors can be blamed for the original security breach, sources said. Lockheed Martin, Northrop Grumman, and BAE Systems are working on the project alongside the US government.

The most sensitive information — which is stored on computers not connected to the internet — was not breached by intruders, it was reported. All information stolen was encrypted during the theft, which has made it nearly impossible for government security experts to see which information was compromised.

The Air Force declined to make a statement to the Wall Street Journal, but an internal investigation was reportedly launched into the matter. It appears the attacks originated from Chinese IP addresses, investigators said with a “high level of certainty.”


F-35 Lightning II fighter jet (Source: BAE)

The federal government is aware there is a growing cyber threat from organized computer hacking rings, but has been very slow to react to the new threats. Hackers have targeted the Federal Aviation Administration (FAA)’s air traffic control system, along with the U.S. power infrastructure.

Many western nations, including officials in the U.S., blame China for launching organized attacks against numerous targets, though the Chinese government has shrugged off numerous accusations. The country “opposes and forbids all forms of cyber crimes,” according to a statement issued by the Chinese Embassy

Monday, April 20, 2009

Report: 2008 Saw More Records Breached Than The Previous Four Years Combined

Most compromises could have been avoided, Verizon study says

Apr 15, 2009 | 05:36 PM
By Tim Wilson
DarkReading
More electronic records were breached in 2008 than the previous four years combined, according to a report published today by Verizon Business Systems.

This second annual study -- based on data analyzed from Verizon Business' actual caseload comprising 285 million compromised records from 90 confirmed breaches -- revealed that corporations fell victim to some of the largest cybercrimes ever during 2008, the company said.

The financial sector accounted for 93 percent of all such records compromised last year, and a staggering 90 percent of these records involved groups identified by law enforcement as engaged in organized crime.

Verizon Business investigative experts found, as they did in the company's first report covering 230 million compromised records from 2004 to 2007, that nearly nine out of 10 breaches were considered avoidable if security basics had been followed. Most of the breaches investigated did not require difficult or expensive preventive controls.

Similar to the first study's findings, the latest study found that highly sophisticated attacks account for only 17 percent of breaches. However, these relatively few cases accounted for 95 percent of the total records breached -- proving that motivated hackers know where and what to target, the company says.

"The compromise of sensitive information increased dramatically in 2008, and it's past time to be vigilant about enterprise security," said Dr. Peter Tippett, vice president of research and intelligence for Verizon Business Security Solutions. "This report should serve as another wake-up call that good security and a proactive approach are paramount to running a business in this day and age -- particularly since the economic crisis is likely to trigger a further increase in criminal activity."

Despite Increased Security Spending, Severity Of Breaches Is On The Increase

CompTIA study says human error is the most frequent cause of breaches

Apr 14, 2009 | 06:38 PM
By Tim Wilson
DarkReading

Despite increased spending on both security technology and training, most companies are experiencing more severe data breaches, according to a newly-completed study.

In its seventh annual security research study, the Computing Technology Industry Association (CompTIA) surveyed some 1,500 IT and security pros in countries around the globe. In the study, CompTIA found that the frequency of breaches had not increased significantly between 2008 and 2007, but the severity of those breaches has increased slightly. The average severity of a breach in 2008 was ranked as 5.6 on a ten-point scale, up from 5.3 in 2007 and 4.8 in 2006.

"The number of breaches may not be going up, but companies are feeling their impact a little bit more each year," says Tim Herbert, vice president of research at CompTIA.

Almost 10 percent of U.S. respondents said security breaches have cost their organizations more than $100,000 in the past 12 months. About a third saw employee productivity affected by a breach, and 20 percent saw an impact on revenue-generating activities. Nineteen percent experienced some server or network downtime as the result of a breach, and 10 percent paid fines or legal fees.

While most U.S. respondents still consider viruses and malware the top threat, more than half (53 percent) attributed their breaches to "human error," while only 47 percent attributed them to technical malfunction.

Almost a third (31 percent) of U.S. respondents said their breaches were caused by "accidental" errors coming from inside the company, while 10 percent described the breaches as "malicious" insider attacks. The majority of breaches were caused by external attacks, according to the study.

Interestingly, while the severity of breaches is on the increase, most organizations continue to rely on traditional tools -- such as firewalls and antivirus suites -- as their primary defense against them. Although most organizations are holding steady or increasing their security spending -- and there has been a slight uptick in the use of different tools, such as intrusion detection -- "it's possible that a lot of organizations are still fighting fires, and perhaps not looking far enough into the future," Herbert says.

Surprisingly, spending on security awareness and training went down slightly between 2008 and 2007. "A lot of organizations still say they are not getting support for these programs from top management, or that training is not a high priority," Herbert says. Many organizations also limit their security training to once a year, or even give it only as a part of new employee orientation, he notes.

"Companies don't see it as a marketing campaign, where you have to constantly promote good practices on a regular basis," Herbert says. "Then, when an employee is finally faced with a security problem, they don't always recall what to do, and they make the wrong decision." Many organizations also are dealing with generational issues, he says: "The people entering the workforce today have a very different view on how to use the Internet than people who've been in the workforce for 20 or 30 years."

The study also showed some regional differences in the security experience. For example, organizations in India reported almost twice as many breaches as those in the U.S., but they reported a much lower severity of impact than their U.S. counterparts.

Wednesday, April 8, 2009

The U.S. electrical grid is under attack from Russian and Chinese cyber spies who have inserted software that could disrupt the system

(CBS/ AP) The U.S. electrical grid is under attack from Russian and Chinese cyber spies who have inserted software that could disrupt the system, current and former national security officials tell the Wall Street Journal.

So far, these spies have not tried to damage the system, but the possibility remains likely should a war or national security crisis hit the United States, the officials said.

"The Chinese have attempted to map our infrastructure, such as the electrical grid," a senior intelligence official told the newspaper. "So have the Russians."

In addition to electrical systems, nuclear power plants and financial networks, water and sewage systems are also at risk, officials said.

"There are intrusions, and they are growing. There were a lot last year," a former Homeland Security official told the newspaper.

The report follows a Pentagon announcement Tuesday which showed more than $100 million was spent in the last six months responding to and repairing damage from cyber attacks and other computer network problems, military leaders said.

Air Force Gen. Kevin Chilton, who heads U.S. Strategic Command, said the military is only beginning to track the costs, which are triggered by constant daily attacks against military networks ranging from the Pentagon to bases around the country.

"The important thing is that we recognize that we are under assault from the least sophisticated - what I would say the bored teenager - all the way up to the sophisticated nation-state, with some pretty criminal elements sandwiched in-between," said Chilton, adding that the motivations include everything from vandalism to espionage. "This is indeed our big challenge, as we think about how to defend it."


(CBS/ AP) The Pentagon spent more than $100 million in the last six months responding to and repairing damage from cyber attacks and other computer network problems, military leaders said Tuesday.

According to Army Brig. Gen. John Davis, deputy commander for network operations, the money was spent on manpower, computer technology and contractors hired to clean up after both external probes and internal mistakes. Strategic Command is responsible for protecting and monitoring the military's information grid, as well as coordinating any offensive cyber warfare on behalf of the U.S.

Officials would not say how much of the $100 million cost was due to outside attacks against the system, versus viruses and other problems triggered accidentally by Defense Department employees. And they declined to reveal any details about suspected cyber attacks against the Pentagon by other countries, such as China.

Speaking to reporters from a cyberspace conference in Omaha, Neb., the military leaders said the U.S. needs to invest more money in the military's computer capabilities, rather than pouring millions into repairs.

"You can either pay me now or you can pay me later," said Davis. "It would be nice to spend that money proactively ... rather than fixing things after the fact."

Officials said that while there has been a lot of anecdotal evidence on the spending estimate, they only began tracking it last year and are still not sure they are identifying all the costs related to taking computer networks down after a problem is noticed.

The Pentagon has acknowledged that its vast computer network is scanned or probed by outsiders millions of times each day. Last year a cyber attack forced the Defense Department to take up to 1,500 computers off line. And last fall the Defense Department banned the use of external computer flash drives because of a virus threat officials detected on the Pentagon networks.

The cost updates come as the Obama administration is completing a broad government-wide review of the nation's cybersecurity.

In February, the White House announced that it would conduct a review to "ensure that U.S. Government cyber security initiatives are appropriately integrated, resourced and coordinated with Congress and the private sector," according to a release from the White House.

Wednesday, April 1, 2009

HAKIN9 IT Security Magazine Spotlight


Be advised of the existence of a splendid IT security magazine by the name of HAKIN9. To learn more, you may visit: www.hakin9.org/en

The current issue features in-depth articles dealing with:
  • Analyzing Malware...
  • Metasploit Alternate Uses for a Penetration Test...
  • Backdooring Frameworks...
  • The Real World Clickjacking...
  • Apple Super Drive. Set It Free...
  • Mapping HTTP Interface Embedded Devices...
  • How Does Your Benchmark of Physical Security Affect Your Environment?...
  • iPhone Forensics...
  • Safer 6.1...
  • Making Open Security Research Sustainable...
  • Interview with Raffael Marty...
  • Self exposure with......