Computer

Feds file fraud charge in Columbia Sportswear hacking case

Federal prosecutors sent a message to would-be hackers Thursday, filing a single count of computer fraud against Michael Leeper, the former Columbia Sportswear information technology manager who allegedly continued to log in to the company’s computer system for years after he quit.
Prosecutors claim he continued to access Columbia’s system for more than two years with the hopes of commercial gain.
In March, Columbia filed a civil lawsuit against Leeper and Denali Advanced Integration, his new employer, claiming Leeper hacked into the Columbia system hundreds of times.
Columbia claims it terminated Leeper’s regular network account.
Leeper denied any wrongdoing and claimed Columbia knew he was getting into the company’s system.
He also argued that his hacking had not caused any harm to the Portland outdoor apparel and footwear company.
The civil case is pending.
Sam Kaufman, the Portland attorney representing Leeper, declined comment on the criminal case, as did Columbia officials.
— Jeff Manning 503-294-7606, jmanning@oregonian.com

These Scientists Took Over a Computer by Encoding Malware in DNA

And now, for the first time, researchers from the University of Washington have managed to take over a computer by encoding a malicious program in DNA.
Strands of DNA are made from four building blocks, represented by the letters A, C, G, and T. These letters can be used to represent the 1s and 0s of computer programs.
When those strands were sequenced, the malware launched and compromised the computer that was analyzing the sequences, allowing the team to take control of it.
“The present-day threat is very small, and people don’t need to lose sleep immediately,” says Tadayoshi Kohno, a computer security expert who led the team.
“But we wanted to know what was possible and what the issues are down the line.” The consequences of such attacks will become more severe as sequencing becomes more commonplace.
In the early 2000s, it cost around $100 million to sequence a single human genome.
To make their malware work, the team introduced a vulnerability into a program that’s commonly used to analyze DNA data files.
That’s a bit of a cheat, but the team also showed that such vulnerabilities are common in software for analyzing DNA.
“My hope is that over the next 5 to 10 years, people take a strong interest in DNA security, and proactively harden their systems against adversarial threats,” says Kohno.

Cyber crime: Britain’s public bodies hacked more than 400 times in the last three years

“These are not lovable rogues – they want money.” Dr Tim Owen, director of the University of Central Lancashire’s Cyber Crime Research Unit
Attacks
But data obtained under Freedom of Information rules by the i and Johnston Press Investigations can reveal for the first time the full extent to which the cyber defences of Britain’s public bodies are being penetrated on a regular basis.
Between March 2014 and April this year there were 424 successful attacks, mostly using ransomware, on the computer systems of 182 NHS bodies, local authorities and other public bodies.
A total of 111 UK councils reported 256 ransomware incidents.
These incidents, the vast majority of which have not been previously made public, range from the blocking of hospital websites for months at a time to the encryption of 20,000 adult social care records at an English local authority.
Nine health service trusts and several councils confirmed that they had not reported successful breaches of their security systems to law enforcement while one NHS trust said it had been told by police that an attacker had been found to be outside the European Union and therefore no further action was taken.
One leading expert told i that hackers were targeting the NHS with “murderous intent” in the full knowledge that attacking the computer systems of hospitals put lives at risk.
The investigation revealed one incident in which a ransom had been paid.
Dr Tim Owen, director of the University of Central Lancashire’s Cyber Crime Research Unit, said: “These people targeted the NHS because they wanted to cause maximum danger and disruption to people’s lives.
Several prominent organisations, including the Human Tissue Authority (HTA), the National Gallery in London and UK Sport, said they had been the victim of attacks.

Special prosecutor sought in Washtenaw County hacking case

PITTSFIELD TOWNSHIP, MI – A 26-year-old Ypsilanti man accused of hacking into Washtenaw County’s computer system had his case adjourned Thursday, July 6, because there was no authorized prosecuting attorney at the hearing.
Konrads Voits appeared briefly in Pittsfield Township’s 14A-1 District Court, where Judge J. Cedric Simpson adjourned a probable cause conference until July 20.
While Washtenaw County’s Chief Assistant Prosecutor Steven Hiller was present at the hearing, he was unable to represent the people due to a circuit court judge’s decision in June to disqualify the prosecutor’s office. “We cannot advocate in any way in this case,” he said.
Voits’ attorney, Assistant Washtenaw County Public Defender Robin Stephens, argued in a motion that since the county is the victim in the case, the county shouldn’t be prosecuting it.
Police allege he assumed someone else’s identity and hacked into the computer system.
Voits faces charges of unauthorized access to computers, a felony punishable by up to five years in prison, and using a computer to commit a crime, which carries four to 10 years imprisonment.
In a second case, Voits is charged with identity theft, fraudulent access to computers, $20,000 or more, using computers to commit a crime and receiving and concealing stolen property, more than $200. “I don’t have the other side of the story,” he said.
Voits has already been bound over to circuit court in the first case and a pretrial hearing was set for Aug. 2.

Four Steps to Protect Your Business From A Data Breach

Plan, train & protect
With high-profile data breaches regularly hitting the headlines, it’s essential for every business to take action to protect their customers’ data.
From restricting physical access to your computer systems to using high-tech data encryption tools, you can reduce your risk of becoming the latest victim of cyber criminals.
Encryption software scrambles the text in a file, making it look like garbage to anyone who copies the file from a stolen hard drive or intercepts it while it is being sent over the Internet.
Use Two-Factor Authentication
If a criminal manages to log into your company’s computer system, they could cause serious damage to your network or steal sensitive data.
A good way to ensure this doesn’t happen is to require your employees to use two-factor authentication to log into their work accounts.
In addition to asking for a password, a system using two-factor authentication also requires an employee to input a code, which is sent via SMS or email.
In order to circumvent this system, a data thief would have to not only guess the employee’s password but also gain access to their mobile device or email account.
Provide Data Security Training For Employees
Even if you have strong security systems in place, a data breach could still occur if your employees don’t follow company policies correctly.
For example, employees may use weak passwords that are easy to guess, copy sensitive data onto USB sticks so they can work with it at home, give outsiders access to your company premises, or leave company laptops or mobile devices in places where criminals can access them.
Therefore, you should have a plan in place to reduce the damage if a data breach occurs.

Computer expert: Some voting machines can be directly hacked

A computer science professor told the Senate Intelligence Committee Wednesday that voting machines that create an electronic record of the voters’ decisions are open to fraud and computer hacking, vulnerabilities that are big enough to potentially change the outcome of some elections.
J. Alex Halderman, professor of computer science at Michigan University, said he and his team began studying “direct-recording electronic” (DRE) voting machines 10 years ago and found that “we could reprogram the machine to invisibly cause any candidate to win.
We also created malicious software — vote-stealing code — that could spread from machine-to-machine like a computer virus, and silently change the election outcome.”
Halderman’s testimony comes as the committee is trying to assess the scope of Russia’s attempts to not only spread disinformation in the 2016 elections, but also its efforts to hack into U.S. voting systems.
As a computer science professor, Halderman has not only run academic trials on hacking voting machines, he has also run real-time examples. “The one instance when I was invited to hack a real voting system while people were watching was in Washington D.C. in 2010, and in that instance it took less than 48 hours for us to change all the votes and we were not caught,” Halderman said about the experiment.
The committee has heard from multiple experts who have said the Russian efforts in 2016 did not result in any changed votes.
Additionally, not all states or local election jurisdictions use the DRE voting machines described by Halderman.
But Halderman said he does not believe claims that because some voting machines aren’t connected to the Internet, they are somehow safe.
The committee has heard testimony for months now that Russia’s efforts to disrupt the 2016 elections were not a one-time attempt, and that the threats will continue to grow and become more sophisticated.

Warning of new malware attacks against power grids

Malware may be life threatening.
That poses a serious problem to everyone.
Cybersecurity firms Dragos and ESET have found malware called Crash Override or Industroyer that likely shut down power grids in the Ukraine.
Although that country is halfway around the world, an attack by Russia (most likely) on Ukraine’s power should alarm everyone.
Just imagine your electricity being turned off by a computer bug.
What if you couldn’t cook, keep your medicine refrigerated or keep your house cool or warm?
What if the electricity was turned off at hospitals and police stations?
That’s why the U.S. government is taking these malware attacks seriously.
Make sure they know that you’re concerned about malware attacks on our power grid.

The NSA has linked the WannaCry computer worm to North Korea

The National Security Agency has linked the North Korean government to the creation of the WannaCry computer worm that affected more than 300,000 people in some 150 countries last month, according to U.S. intelligence officials.
It was the first computer worm to be paired with ransomware, which encrypts data on victims’ computers and demands a ransom to restore access.
It states that the hackers behind WannaCry are also called “the Lazarus Group,” a name used by private-sector researchers.
That data point was a “building block” for the North Korea assessment, the individual said.
The linkage shows that despite the Obama and Trump administrations’ efforts to deter North Korean aggression, the country does not appear to have been discouraged from launching one of the most wide-ranging cyberattacks the world has seen.
The NSA cyber tool at the base of WannaCry was an exploit dubbed EternalBlue by the agency.
Michael Daniel, president of the Cyber Threat Alliance, a nonprofit group devoted to improving cyberdefenses through data sharing, said there were a “reasonable number” of victims in the United States.
When the South Koreans want to respond to North Korea, Schiff said, they use a form of information warfare.

Expert Says Spyware Attacks Appear to Be Targeting Senior Citizens

A Fort Worth woman says she was trying to look up customer service for her phone company when her computer was locked by hackers. “It’s my friend,” she said, laughing.
Imagine her surprise when that friend appeared held for ransom.
Call this number immediately,'” Zimmerman said.
What started as a simple Google search for the customer service number at her phone company ended with a call to the 800-number on that bright red screen telling her she had big problems.
Zimmerman knew it was a scam, so she hung up the phone after giving the person on the other end a choice word or two.
She ended up shutting down her computer and restarting it, and she hasn’t had any trouble since then.
Still, she likely has spyware on her computer.
Remember your computer manufacturer will never hijack your computer and charge money to get it back.
Anti-virus software helps protect you from spyware, but there’s another more complicated virus out there that does the same thing.

Fifty Password Hashes Per Hour: How Insiders Could Compromise Any Corporate Network With A $20 Device

Armed with this device, they were able to covertly collect user authentication data from a corporate network at a rate of 50 password hashes per hour.
After that, the device was connected to the targeted machine and started to automatically feed the server with stolen credential data.
As a result, researchers were able to collect authentication data sent by the attacked PC and its applications, as they tried to authenticate domain and remote servers.
In addition, researchers were also able to collect this data from other computers in the network segment.
Moreover, as the specifics of the attack allowed for intercepted data to be sent through the network in real time, the longer the device was connected to the PC, the more data it was able to collect and transfer to a remote server.
This means that potentially anyone who is familiar with the Internet and has basic programming skills could reproduce this experiment.
Domain user passwords should be changed regularly.
All of the computers within a corporate network have to be protected with security solutions and regular updates should be ensured.
Besides intercepting the authentication data from a corporate network, the experimental device can be used for collecting cookies from browsers on the attacked machines.
Read more about the experiment and about the measures that can be taken to protect corporations and home users from attacks of this type on Securelist.com.
Kaspersky Lab is one of the world’s fastest-growing cybersecurity companies and the largest that is privately-owned.