US Cyber Security

[American Patriot]

Starting this thread for information and articles in regards to US Cyber Security.

I think I had something under the military specifically, but this is general information based on... we will call them some "on-goings" for now, of which I have been made aware.

Head up, hot stuff. Keep your eyes open for ANY articles linking cyber-terrorism, hacking attacks... and Russia, China and certain of their allies to attacks on ANYTHING in the coming days.

Rick

[American Patriot]

Russian and Chinese governments provide safe haven for cyber criminals: report news
10 December 2008
http://www.domain-b.com/infotech/itn...criminals.html

Cyber criminals who engage in internet fraud, blackmail and money laundering are provide safe havens by the Russian and Chinese governments and are given political cover as well as refuse to co-operate with foreign law enforcement bodies for reputation and intelligence reasons, according to the annual Virtual Criminology report.

The annual Virtual Criminology Report by online security software developer McAfee examines the emerging global cyber security threats and is made up of interviews with senior employees and input from global organisations such as the Serious Organised Crime Agency, the United Nations, NATO, SOCA and experts from leading groups and universities.

The report found that a number of countries were giving ''political cover'' to cyber criminals against attempts at prosecution by other nations and the main cyber-kingpins remain scot free, while minor lackeys are caught and prosecuted.

Russia and China are the main culprits protecting these criminals engaged in cyber crimes operating in their countries and actively help them to evade international prosecution while Brazil is one among the top three countries hosting zombie machines and botnets.

According to the report, many governments and allied groups were using the Internet for cyber spying and cyberattacks on national infrastructure network systems such as electricity, air traffic control, financial markets and government computer networks and 120 countries use the Internet for Web espionage operations.

Many of these attacks originate from China, and the Chinese government had earlier gone public saying that they are involved in activities of cyber-espionage although the Chinese Embassy in London recently said that all these allegations are not new and China has been accused on different occasions in the past, but every time the international community has not produced any evidence.

The report found that there was growing evidence of ''cyber espionage'', with countries organizing co-ordinating internet attacks on other countries and India and Belgium are among the latest countries to have complained that its government sites had come under web attacks, which have originated from China.

There was also evidence of Russia having carried out state-sponsored cyber warfare in its latest but short war against Georgia by attacking government computer networks.

NATO intelligence agencies, believe the attack on Estonia, which disrupted government, news and bank servers for several weeks, was carried out by hackers and traditional protective measures were not enough to protect against the attacks on Estonia's critical national infrastructure.

Botnets unsurprisingly were used but the complexity and coordination seen was new as there were a series of attacks with careful timing using different techniques and specific targets. The attackers stopped deliberately rather than being shut down.

Cyber attacks have in the recent past become more sophisticated, designed to specifically slip evade government cyber defences and have progressed from initial curiosity probes to well-funded and well organised operations for political, military, economic and technical espionage.

The report has also warned that cyber terrorism has become a real threat and in the near future it will be powerful enough to launch attacks that will damage and destroy critical national infrastructure, like a country's national grid, gas and water supplies, and bank payment systems.

The Virtual Criminology report, also found that the volume of internet viruses, one of the web criminal's main weapon, has almost tripled in the last year with a majority of them trying to solicit or steal money through fake e-mails supposedly to be originating from banks, and innocent internet users being tempted by ''get rich quick'' schemes.

There have been several high profile 'vishing' attacks and 'phreaking', which is hacking into telephone networks to make long distance phone calls in Japan and 50 per cent of all data breaches have been via peer-to-peer software.

Cyber criminals will now look at indigenous ways to exploit the popularity of applications on social networking sites such as MySpace and Facebook, the report said.

[American Patriot]

LATEST NEWS

India TodayLATEST NEWSStory

India has to gear up to face the virtual assault
Bhuvan Bagga
New Delhi, January 2, 2009
Close India Today expert view on India has to gear up to face the virtual assault with Pak It is not just terror on the ground that India is worried about any more. The Computer Emergency Response Team of India (CERT-In) estimates that Pakistan- based hackers have attacked Indian networks more than 100 times since the November 26 strike on Mumbai. According to Gulshan Rai, director, CERT-In–the specialised arm of India’s Information Technology ministry – network hacks from Pakistan- based programmers have been “naïve but effective”. Click here to Enlarge Says Rai: “As soon as the dust over the November 26 attacks settled and the Pakistani role in it became clear, Pakistan- based hackers have defaced more than 100 Indian websites with anti- India messages. Other attacks include those on government networks and networks of government- affiliated agencies.” In fact, the IT ministry has its own informal list of “most wanted” Pakistan- based hackers. Cyberlord, an Internet nickname of one such has executed 70 attacks on Indian Web sites. Similarly yusufislam (58 attacks), el_ muhammed (46 attacks), iranianboysblackhat (52 attacks), mirim (35 attacks) and cracker_ child (103 attacks) lead the way for Pakistan-origin cyberspace strikes.Experts even say that these are “the Dawoods, the Zaki-ur-Rehman Lakhvis and the Masood Azhars of the virtual world”. They are strongly anti-Indian and several of them work freelance for anti-Indian outfits in the real world. It is not just hackers from Pakistan. Says Rai: “In 2008, Chinabased entities broke into one State Bank of India website and took complete control. Luckily it was only a consumer information site. But also remember that almost every bank has critical financial data online and it does not take a genius to realise what would happen if a hacker — especially one that is statesupported — took over the site, and deleted or manipulated all financial records.” CERT- In recorded 401 cybersecurity- related incidents in November 2008 and a total of 291 defaced websites — primarily by agents based out of Pakistan, China, Russia, Iran and America. On November 29, a cyber security related blog on ZD Net reported that a “virus outbreak had affected 75 percent of all systems at the largest US military base in Afghanistan. The intrusion was severe enough to necessitate the briefing of the President. We don’t know the source of the attack but signs point to state actors, with the most popular contenders either being Russia or China”. The West woke up to the threat early, even going on to make the ahead of its time Sandra Bullock starrer Hollywood blockbuster The Net in 1995. With the kind of attacks we’ve been facing in 2008, India should strengthen its cyber security force many fold. A senior IPS officer told Mail Today: “We don’t really have advanced cyber security systems, certainly not as strong as in the US or in the UK. We also need strong state support to thwart such attacks.” A Delhi Special Cell Police officer said: “The US, Russia and China officially allow the use of ethical hackers to solve Internet crime and cybersecurity breaches. However, in India, a police officer can be arrested for asking for funds to hire a hacker, since hacking itself is illegal. The Indian state does not differentiate between ethical hacking and subversive hacking. Yet, the police are expected to show results.” Cyber security experts say that they want to ask for state funding and laws structured to current reality and advancements. The Special Cell officer told Mail Today: “Our officers lack basic knowledge. It is a known fact that India- based hackers get sold to the highest bidder, and some of the best hacking minds in India work for China, the US or Russia. Today, I can send an email to any agency in a way that it would seem to have emerged from any other country. I can break into sites and networks and steal the most strategic secrets. Alok Mukhopadhyay, an Associate at the Institute for Defense Studies and Analyses, says: “Information or rather disinformation warfare is the one for the 21st century. The wars are now being fought over the Internet – not only through attempts of hacking, stealing and defacing, but through a smokescreen of disinformation.” It is not that cyberwars are unknown. Americans routinely target the Chinese and Russian hackers. The Chinese and the Russian state arms retaliate the same way with virus attacks, hacking and defacing. The Special Cell officer said: “At a time when information is the key and an ever bigger proportion of it is in the cyberspace — India better buckle up fast — because if we lose this fight, the physical fight would only become even tougher.” What they specialise in China – Known to be keeping a very close watch on India’s Networks, specially government ones. Known for being good at putting in spywares. Russia – Known for launching up very aggressive financial attacks. Primarily into stealing critical data, oganisation’s or military’s for financial benefits. Pakistan – Primarily into anti-India propaganda, and Website defacing and damaging the primary information pool Eastern Europe – Hacking into financial instruments and stealing data. Middle East including Iran – Into Islamic propaganda, specially into anti- India doctored stories of Hindu-Muslim disunity. Nigeria - Famous for black dollar scam. The infamous hackers Yusufislam – 58 websites defaced/ attack incidents in recent months El_ muhammed – 46 websites defaced/ attack incidents in recent months Iranianboysblackhat – 52 websites defaced/ attack incidents in recent months Cracker_ child – 103 websites defaced/ attack incidents in recent months Mirim – 35 websites defaced/ attack incidents in recent months Courtesy: Mail Today

[vector7]

Cyberspies Penetrate U.S. Electrical Grid, Leave Software That Could Disrupt System

Wednesday, April 08, 2009


WASHINGTON — Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.


The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven't sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.

"The Chinese have attempted to map our infrastructure, such as the electrical grid," said a senior intelligence official. "So have the Russians."

• Click here to visit FOXNews.com's Cybersecurity Center.

The espionage appeared pervasive across the U.S. and doesn't target a particular company or region, said a former Department of Homeland Security official. "There are intrusions, and they are growing," the former official said, referring to electrical systems. "There were a lot last year."

Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said.

Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet.

Authorities investigating the intrusions have found software tools left behind that could be used to destroy infrastructure components, the senior intelligence official said. He added, "If we go to war with them, they will try to turn them on."

Officials said water, sewage and other infrastructure systems also were at risk.

[Ryan Ruck]

I know a number of us here have been warning about the danger from this for some time.

[Malsua]

The issue is whether they actually have control of the SCADA systems or simply compromised a machine at a monitor station or something. These are two vastly different things. If they had full access to the SCADA system this is no less than a 737 flyby near miss at the WTC on Sept 10, 2001.

[Ryan Ruck]

I knew Rick had started a thread about this not too long ago.

Went ahead and moved your post here vector.

[vector7]

Thanks!!!

[Ryan Ruck]

Just a reminder about this post from last year. See in red Mal...

Hackers Cut Cities' Power

Cyber-security experts have long warned of the vulnerability of critical infrastructure like power, transportation and water systems to malicious hackers. Friday, those warnings quietly became a reality: Tom Donahue, a CIA official, revealed at the SANS security trade conference in New Orleans that hackers have penetrated power systems in several regions outside the U.S., and "in at least one case, caused a power outage affecting multiple cities."

"We do not know who executed these attacks or why, but all involved intrusions through the Internet," Donahue said in a statement. "We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge."

Other details were murky: Donahue didn't say when or where the cyber attacks had occurred, or how many people had been affected. He also glossed over what element of the systems had been exploited.

In recent months, security researchers have emphasized long-standing security vulnerabilities in the Supervisory Control and Data Acquisition (SCADA) systems that control U.S. critical infrastructure systems ranging from power plants to dams to public transit (See " America's Hackable Backbone").

At the DefCon hacker conference in August, researcher Ganesh Devarajan of the security firm Tipping Point gave a presentation showing techniques that hackers can use to find points in SCADA systems that are vulnerable to hijacking and sabotage. The next month, the Associated Press obtained a U.S. Department of Homeland Security video, known as the "Aurora Generator Test," demonstrating how a cyber-intrusion could be used to physically destroy a large power generator.

In the past two years, hackers have in fact successfully penetrated and extorted multiple utility companies that use SCADA systems, says Alan Paller, director of the SANS Institute, an organization that hosts a crisis center for hacked companies. "Hundreds of millions of dollars have been extorted, and possibly more. It's difficult to know, because they pay to keep it a secret," Paller says. "This kind of extortion is the biggest untold story of the cybercrime industry."

Paller told Forbes.com in June that he expected those incidents to increase, and warned that a botched extortion attempt could lead to accidental damage. "There's been very active and sophisticated chatter in the hacker community, trading exploits on how to break through capabilities on these systems," he said. "That kind of chatter usually precedes bad things happening."

Cyber-extortion and its collateral damage aren't new, says Bruce Schneier, chief technology officer for security firm BT Counterpane. He says that offshore-hosted Web sites, most often offering pornography and gambling, are frequent victims of hacker extortion. Targeting power companies, however, is a new wrinkle, he says.

But Schneier suggests that security researchers shouldn't assume that SCADA was the weak link in the power system attacks revealed Friday. If, as the CIA suggests, the penetration involved "inside knowledge" of the system, it may have been performed by an employee with administrative access. "How much of this is a computer vulnerability, how much is a human vulnerability?" he asks. "I wouldn't jump to any conclusions."

Regardless of the tactics used to hack the foreign power systems, he warns that the U.S. has no special immunity. "There's nothing magical about a system being in the U.S.," he says. "The same vulnerabilities are everywhere."

The SANS Institute's Paller, who says Donahue had carefully considered the decision to reveal the power grid attacks, believes the CIA made its revelation with American security in mind. "My sense is that they wouldn't have disclosed this if they thought the problem had been fixed," he says.

[vector7]

U.S. seeks hackers to protect cyber networks

Homeland Security wants someone who can 'think like the bad guy'


WASHINGTON - Wanted: Computer hackers.

Buffeted by millions of digital scans and attacks each day, federal authorities are looking for hackers — not to prosecute them, but to pay them to secure the nation's networks.

General Dynamics Information Technology put out an ad last month on behalf of the Homeland Security Department seeking someone who could "think like the bad guy." Applicants, it said, must understand hackers' tools and tactics and be able to analyze Internet traffic and identify vulnerabilities in the federal systems.

And in the Pentagon's budget request submitted last week, Defense Secretary Robert Gates hung out his own help-wanted sign, saying the Pentagon will increase the number of cyber experts it can train each year from 80 to 250 by 2011.

Amid dire warnings that the U.S. is ill-prepared for a cyber attack, the White House conducted a 60-day study of how the government can better manage and use technology to protect everything from the nation's electrical grid and stock markets to tax data, airline flight systems, and nuclear launch codes.

President Barack Obama appointed former Bush administration aide Melissa Hathaway to head the effort, and her report was delivered Friday, the White House said.

While the country had detailed plans for floods, fires or errant planes drifting into protected airspace, there is no similar response etched out for a major computer attack.

David Powner, director of technology issues for the Government Accountability Office, told Congress last month that the U.S. has no recovery plan for a digital disaster.

"We're clearly not as prepared as we should be," he said.

Persistent attack

The U.S., administration officials say, has not kept pace with technological innovations needed to protect its computer networks against emerging threats from hackers, criminals or other nations looking for national security secrets.

U.S. computer networks, including those at the Pentagon and other federal agencies, are under persistent attack, ranging from nuisance hacking to more nefarious assaults, possibly from other nations, such as China. Industry leaders told Congress during a recent hearing that law enforcement and other protections are too outdated to fend off threats from criminals, terrorists and unfriendly foreign nations.

Just last week, a former government official revealed that spies had hacked into the U.S. electric grid and left behind computer programs that would let them disrupt service. The intrusions were discovered after electric companies gave the government permission to audit their systems, said the ex-official, who was not authorized to discuss the matter and spoke on condition of anonymity.

Cyber threats are also included as a key potential national security risk outlined in a classified report put together by Adm. Mike Mullen, chairman of the Joint Chiefs of Staff. And Pentagon officials say they spent more than $100 million in the last six months responding to and repairing damage from cyber attacks and other computer network problems.

Nadia Short, vice president at General Dynamics Advanced Information Systems, said the job posting for ethical hackers fills a critical need for the federal government.

The analysts keep constant watch on the government networks as part of a surveillance programs called Einstein that was initiated by the Bush administration under the U.S. Computer Emergency Readiness Team. US-CERT is a partnership of the Homeland Security Department, other public agencies and private companies. The Einstein program is an automated process for collecting and sharing security information.

Short said the $60 million, four-year contract with US-CERT uses the so-called ethical hackers to analyze threats to the government's computer systems and develop ways to reduce vulnerabilities.

Struggle for control

Faced with such cyber challenges, Obama ordered the 60-day review to examine how federal agencies manage and protect their massive amounts of data and what the government's role should be in guarding the vast networks that control the country's vital utilities and infrastructure.

Over the past two months, Hathaway met with hundreds of industry leaders, Capitol Hill staff and other experts, seeking guidance on what the federal government's role should be in protecting information networks against an attack. And she sought recommendations on how officials should define and report cyber incidents and attacks; how the government should structure its cyber oversight and how the nation can increase security without stifling innovation.

A task force of technology giants, including representatives from General Dynamics, IBM, Lockheed Martin and Hewlett-Packard Co. urged the administration to establish a White House-level official to lead cyber efforts and to develop ways to share information on problems more quickly with the private sector.

The administration has struggled with the basics, such as who should control the nation's cyberspace programs. There appears to be some agreement now that the White House should coordinate the overall effort, rejecting suggestions that the National Security Agency take it on — a plan that triggered protests on Capitol Hill and from civil liberties groups worried about giving such control to U.S. spy agencies.

[vector7]

Computer Spies Breach Fighter-Jet Project

APRIL 21, 2009
By SIOBHAN GORMAN, AUGUST COLE and YOCHI DREAZEN

WASHINGTON -- Computer spies have broken into the Pentagon's $300 billion Joint Strike Fighter project -- the Defense Department's costliest weapons program ever -- according to current and former government officials familiar with the attacks.

Similar incidents have also breached the Air Force's air-traffic-control system in recent months, these people say. In the case of the fighter-jet program, the intruders were able to copy and siphon off several terabytes of data related to design and electronics systems, officials say, potentially making it easier to defend against the craft.

The latest intrusions provide new evidence that a battle is heating up between the U.S. and potential adversaries over the data networks that tie the world together. The revelations follow a recent Wall Street Journal report that computers used to control the U.S. electrical-distribution system, as well as other infrastructure, have also been infiltrated by spies abroad.

Attacks like these -- or U.S. awareness of them -- appear to have escalated in the past six months, said one former official briefed on the matter. "There's never been anything like it," this person said, adding that other military and civilian agencies as well as private companies are affected. "It's everything that keeps this country going."

Many details couldn't be learned, including the specific identity of the attackers, and the scope of the damage to the U.S. defense program, either in financial or security terms. In addition, while the spies were able to download sizable amounts of data related to the jet-fighter, they weren't able to access the most sensitive material, which is stored on computers not connected to the Internet.

Former U.S. officials say the attacks appear to have originated in China. However it can be extremely difficult to determine the true origin because it is easy to mask identities online.

A Pentagon report issued last month said that the Chinese military has made "steady progress" in developing online-warfare techniques. China hopes its computer skills can help it compensate for an underdeveloped military, the report said.

The Chinese Embassy said in a statement that China "opposes and forbids all forms of cyber crimes." It called the Pentagon's report "a product of the Cold War mentality" and said the allegations of cyber espionage are "intentionally fabricated to fan up China threat sensations."
Question of the Day

The U.S. has no single government or military office responsible for cyber security. The Obama administration is likely to soon propose creating a senior White House computer-security post to coordinate policy and a new military command that would take the lead in protecting key computer networks from intrusions, according to senior officials.

The Bush administration planned to spend about $17 billion over several years on a new online-security initiative and the Obama administration has indicated it could expand on that. Spending on this scale would represent a potential windfall for government agencies and private contractors at a time of falling budgets. While specialists broadly agree that the threat is growing, there is debate about how much to spend in defending against attacks.

The Joint Strike Fighter, also known as the F-35 Lightning II, is the costliest and most technically challenging weapons program the Pentagon has ever attempted. The plane, led by Lockheed Martin Corp., relies on 7.5 million lines of computer code, which the Government Accountability Office said is more than triple the amount used in the current top Air Force fighter.

Six current and former officials familiar with the matter confirmed that the fighter program had been repeatedly broken into. The Air Force has launched an investigation.

Pentagon officials declined to comment directly on the Joint Strike Fighter compromises. Pentagon systems "are probed daily," said Air Force Lt. Col. Eric Butterbaugh, a Pentagon spokesman. "We aggressively monitor our networks for intrusions and have appropriate procedures to address these threats." U.S. counterintelligence chief Joel Brenner, speaking earlier this month to a business audience in Austin, Texas, warned that fighter-jet programs have been compromised.

Foreign allies are helping develop the aircraft, which opens up other avenues of attack for spies online. At least one breach appears to have occurred in Turkey and another country that is a U.S. ally, according to people familiar with the matter.

Joint Strike Fighter test aircraft are already flying, and money to build the jet is included in the Pentagon's budget for this year and next.



Computer systems involved with the program appear to have been infiltrated at least as far back as 2007, according to people familiar with the matter. Evidence of penetrations continued to be discovered at least into 2008. The intruders appear to have been interested in data about the design of the plane, its performance statistics and its electronic systems, former officials said.

The intruders compromised the system responsible for diagnosing a plane's maintenance problems during flight, according to officials familiar with the matter. However, the plane's most vital systems -- such as flight controls and sensors -- are physically isolated from the publicly accessible Internet, they said.

The intruders entered through vulnerabilities in the networks of two or three contractors helping to build the high-tech fighter jet, according to people who have been briefed on the matter. Lockheed Martin is the lead contractor on the program, and Northrop Grumman Corp. and BAE Systems PLC also play major roles in its development.

Lockheed Martin and BAE declined to comment. Northrop referred questions to Lockheed.

The spies inserted technology that encrypts the data as it's being stolen; as a result, investigators can't tell exactly what data has been taken. A former Pentagon official said the military carried out a thorough cleanup.

Fighting online attacks like these is particularly difficult because defense contractors may have uneven network security, but the Pentagon is reliant on them to perform sensitive work. In the past year, the Pentagon has stepped up efforts to work with contractors to improve computer security.

Investigators traced the penetrations back with a "high level of certainty" to known Chinese Internet protocol, or IP, addresses and digital fingerprints that had been used for attacks in the past, said a person briefed on the matter.

As for the intrusion into the Air Force's air-traffic control systems, three current and former officials familiar with the incident said it occurred in recent months. It alarmed U.S. national security officials, particularly at the National Security Agency, because the access the spies gained could have allowed them to interfere with the system, said one former official. The danger is that intruders might find weaknesses that could be exploited to confuse or damage U.S. military craft.

Military officials declined to comment on the incident.

In his speech in Austin, Mr. Brenner, the U.S. counterintelligence chief, issued a veiled warning about threats to air traffic in the context of Chinese infiltration of U.S. networks. He spoke of his concerns about the vulnerability of U.S. air traffic control systems to cyber infiltration, adding "our networks are being mapped." He went on to warn of a potential situation where "a fighter pilot can't trust his radar."

—Evan Perez contributed to this article.

[vector7]

U.S. power grid seen at risk

Key members of Congress launched an effort Thursday to protect the nation's electricity grid from criminals, vandals or U.S. enemies, who could use the Internet to cripple computers that control the generation and distribution of power.

The effort, led by the chairmen of the House and Senate homeland security committees, follows reports of hackers - possibly working for foreign governments - probing power controls for weaknesses.

Legislation sponsored by Sen. Joe Lieberman, Connecticut independent, and Rep. Bennie Thompson, Mississippi Democrat, would authorize the Federal Energy Regulatory Commission, or FERC, to supersede the power industry's self-governing body in setting security standards.

The grid is increasingly dependent on control systems operated over computer networks including the Internet.

In 2007, researchers at the Department of Energy's Idaho National Laboratory produced a video illustrating how hackers could destroy a generator by forcing it to operate at speeds that would literally shake it apart - a scenario dubbed the Aurora vulnerability.

Last year, CIA official Thomas Donahue told a conference of utility company executives that a cyberattack on the electric grid of an unspecified country had caused a widespread power outage as part of an extortion plot.

And earlier this year, the Wall Street Journal reported that hackers - including some thought to be in China and Russia - had placed malicious software on controlling computers that could be used to disrupt the U.S. power supply in the event of a war or other conflict.

"We are aware of penetration by foreign countries into our electrical grid before, so this legislation is absolutely vital," said Rep. Peter T. King, New York Republican and ranking member of the House Homeland Security Committee. Mr. King is a co-sponsor of the bill.

Mr. Thompson said that lawmakers' inquiries since 2007 had found self-regulation "effectively left many utilities vulnerable to attacks."

"The findings were disturbing," Mr. Thompson said. "Most of the electric industry had not completed the recommended mitigations" of vulnerabilities "despite being advised to do so by the Federal Energy Regulatory Commission and the North American Electric Reliability Corporation [NERC]."

NERC is an industry body that sets standards for the owners and operators of electrical generation and transmission infrastructure.

The bill would enable federal regulators at FERC to respond to any finding by the Department of Homeland Security about specific, imminent cyberthreats by issuing emergency rules without first consulting with the electricity industry or giving the industry prior notice.

NERC had no immediate comment on the bill, although officials have said they are always willing to provide input when asked.

[American Patriot]

Something big is up.

[American Patriot]

China has been able to reroute traffic on the internet.....

/sigh

[quartertiller]

Quite often messages appear in the inbox with China or Russia origin. Hovering the link shows it to be of question.

[American Patriot]

Not too good here...


U.S. Homeland Security contractor reports computer breach

WASHINGTON Thu Aug 7, 2014 5:45am EDT

6 Comments

• Tweet
• Share this
• Email
• Print

U.S. Department of Homeland Security employees work in front of U.S. threat level displays inside the National Cybersecurity and Communications Integration Center during a guided media tour in Arlington, Virginia June 26, 2014.
Credit: Reuters/Kevin Lamarque





Related Topics

• U.S. »
• Tech »
• Media »
• Cyber Crime »

(Reuters) - A company that performs background checks for the U.S. Department of Homeland Security said on Wednesday it was the victim of a cyber attack, adding in a statement that "it has all the markings of a state-sponsored attack."
The computer breach at Falls Church, Virginia-based US Investigations Services (USIS) probably involved the theft of personal information about DHS employees, according to the Washington Post, which first reported the story.
DHS said it had suspended all work with the company amid an investigation by the FBI. A "multi-agency cyber response team is working with the company to identify the scope of the intrusion," DHS spokesman Peter Boogaard said in a statement.
"At this time, our forensic analysis has concluded that some DHS personnel may have been affected, and DHS has notified its entire workforce, out of an abundance of caution, to advise them to monitor their financial accounts for suspicious activity," he said, adding that employees whose data had likely been compromised would be informed.
The Office of Personnel Management had also suspended work with USIS, the Post said, adding that government officials do not believe the breach has affected non-DHS employees.
"We are working collaboratively with OPM and DHS to resolve this matter quickly and look forward to resuming service on all our contracts with them as soon as possible," USIS said in the statement on its website. (here)
"We will support the authorities in the investigation and any prosecution of those determined to be responsible for this criminal attack," it said.
"Experts who have reviewed the facts gathered to-date believe it has all the markings of a state-sponsored attack," the company said.
USIS says it is the biggest commercial provider of background investigations to the federal government, has over 5,700 employees and provides services in all U.S. states and territories, as well as abroad.

[Phil Fiord]

As i live in the NE of our country, I have suspected some attempts of net attacks. I say this as Verizon Fios is what I have for internet and we had a total outage a couple weeks ago with no explanation and the following day the 2 articles on it were flooded over with press release coverage that Fios will have the uploads speeds as fast as downloads with no added fee. Add to that, in teh last couple months I have had what seems to be area backbone servers down so traffic was routed elsewhere after the initial flaw was detected. We never had this until recent months.

[vector7]

"Enormous Cyber Attack" Takes Down Hundreds Of Websites:
How To Track The Global Cyber War

by Tyler Durden
Oct 21, 2016 10:09 AM
http://www.zerohedge.com/news/2016-1...obal-cyber-war


Early this morning, millions of panicked Amiercans realized they may have to
be productive when suddenly their favorite social media website or news outlet
was unavailable for up to an hour. As it turns out, the culprit was
"an enormous cyberattack" which disrupted traffic to hundreds of websites
including Twitter, Spotify, Reddit, eBay and the New York Times,
particularly for internet users on the east coast of the United States.

View image on Twitter



Tom Leyden ✔ @newshawk
Here your Twitter problem. (Level3 outage map)
8:17 AM - 21 Oct 2016

The attack was targeted at a New Hampshire-based company called Dyn,
a DNS service that translates readable names for websites (such as zerohedge.com)
into an IP address that the internet understands. “Without it, we’d all be having
to type numbers into web browsers rather than the names of websites.”
said security researcher Graham Cluley.

Dyn ✔ @Dyn
We are aware of the ongoing service interruption
of our Managed DNS network.
For more information visit our status page.
7:32 AM - 21 Oct 2016

Dyn is one of the largest services of its kind, and its widespread outage means
the companies that rely on it will be unable to load their websites. Users arriving
at the pages will get an error message.

“Starting at 11:10 UTC on October 21st-Friday 2016 we began monitoring and
mitigating a DDoS attack against our…infrastructure,” the company said on its site.
“This attack is mainly impacting US East and is impacting…customers in this region.”

Why this attack, and why now? As of this moment we don't know, however we are
confident that a Russian "involvement" will soon be revealed.

In the meantime, for those who enjoy tracking cyberwars in as they take place,
here is a real-time map of internet attacks courtesy of Norsecorp.

[American Patriot]

I noted a lot of issues this morning, and assume, apparently incorrectly, that it was related to the shit internet service here at the marina where we're staying. lol