Wednesday, August 03, 2011

Las Vegas Hot and Dry for Black Hat Conference

The Black Hat security conference opens in Las Vegas, Nevada, today to hot, dry weather, and a very full schedule.
Security researchers will demonstrate new hacking techniques that probe networking devices, exploit holes in common database management systems and target vulnerabilities deep inside various operating systems. Other experts will reveal research into the destructive power of new, more sophisticated malware strains designed to remain virtually undetectable long after they penetrate target systems.

...The focus will turn to weaknesses in cloud architecture when two members of WhiteHat Security Inc.'s Threat Research Center, Matt Johansen and Kyle Osborn, show off serious holes in Google Chromebooks, notebook computers that run the Google Chrome OS. Users of these new devices primarily use the Chrome browser to navigate the operating system and access email, files and other documents on the Web.

In a Black Hat webinar last month, Johansen said the Chromebook platform is open to Web browser attack techniques. It uses a browser-extension trust model, Johansen said, and those extensions act like Web applications, which can be attacked using the same techniques that cybercriminals have been using for years. _SearchSecurity
Meanwhile, the "biggest-ever" series of cyber attacks has been revealed in a McAfee report. Signs point to China (or perhaps Russia) as the origin of the cyber mischief.
Security experts have discovered the biggest series of cyber attacks to date, involving the infiltration of the networks of 72 organizations including the United Nations, governments and companies around the world.

Security company McAfee, which uncovered the intrusions, said it believed there was one “state actor” behind the attacks but declined to name it, though one security expert who has been briefed on the hacking said the evidence points to China.

The long list of victims in the five-year campaign include the governments of the United States, Taiwan, India, South Korea, Vietnam and Canada; the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; and an array of companies, from defense contractors to high-tech enterprises.

In the case of the United Nations, the hackers broke into the computer system of the UN Secretariat in Geneva in 2008, hid there unnoticed for nearly two years, and quietly combed through reams of secret data, according to McAfee.

“Even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators,” McAfee’s vice president of threat research, Dmitri Alperovitch, wrote in a 14-page report released on Wednesday.

“What is happening to all this data … is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook), the loss represents a massive economic threat.”

McAfee learned of the extent of the hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a “command and control” server that they had discovered in 2009 as part of an investigation into security breaches at defense companies.

It dubbed the attacks “Operation Shady RAT” and said the earliest breaches date back to mid-2006, though there might have been other intrusions as yet undetected. (RAT stands for “remote access tool,” a type of software that hackers and security experts use to access computer networks from afar).

Some of the attacks lasted just a month, but the longest — on the Olympic Committee of an unidentified Asian nation — went on and off for 28 months, according to McAfee.

“Companies and government agencies are getting raped and pillaged every day. They are losing economic advantage and national secrets to unscrupulous competitors,” Alperovitch told Reuters.

“This is the biggest transfer of wealth in terms of intellectual property in history,” he said. “The scale at which this is occurring is really, really frightening.” _FinancialPost
Given its shady history, China is the most likey perpetrator, although Russia cannot be ruled out entirely. The cyber and crypto arms races are ongoing and unlikely to end until humans stop using advanced computing, communications, and codes.

No comments: