Search the Community

STAGIU DE VOLUNTARIAT / PRACTICĂ LA CERT-RO Directorul General al CERT-RO Dan Cîmpean caută un număr de patru (4) voluntari pe perioada: 21 Iulie 2020 - 15 Septembrie 2020 , care sunt interesați să trăiască timp de două (2) luni experiența profesională a unui Director din Centrul Național de Răspuns la Incidente de Securitate Cibernetică. Condiții de participare: · Student(ă) sau absolvent(ă) de studii superioare · Cunoștințe de limba engleză nivel cel puțin mediu · Interesat(ă) de a activa, lucra și învăța în una din instituțiile de vârf ale Guvernului României · Un (1) student și o (1) studentă din București, ce vor activa la CERT-RO · Un (1) student și o (1) studentă din județe, ce vor activa online · Disponibilitate de a activa in medie 2 ore pe zi, flexibil. Selecția se va face de către Departamentul HR al CERT-RO pe baza CV-urilor primite. CV-ul trebuie trimis la adresa de mail HR@CERT.RO până la data de 17 iulie 2020, 23:59.

Salutare tuturor! Sunt la Facultatea de Psihologie la Master, iar lucrarea mea implică să dau un chestionar de personalitate celor care știu să facă hacking de orice tip sau hacktivism. Totul este confidențial....iar rezultatele finale vi le pot da. Vreau să întreb dacă ați completa un chestionar în google forms de acest tip ca să vă atașez linkul? http://researchcentral.ro/index.php?action=listateste&ID=96 Aștept păreri!

Competitia de la Cyber Security Challenge UK, cea cu Flag Day, continua si in 2015. Enjoy! » Overview

Just a moment...

President Barack Obama has ordered the shoring up of sanctions that the US could use against individuals and nations that attack the country with cyber tools and threats. No new sanctions have been created, but Obama is keen to see existing measures applied with more force and frequency. The US has used these tools before, and they were raised during discussions about the alleged North Korea attack on Sony Pictures. The president presents his actions as a reaction to the real menace that is growing in scale and capability and continues to hurt US firms like Home Depot. "I find that the increasing prevalence and severity of malicious cyber-enabled activities originating from, or directed by, persons located, in whole or in substantial part, outside the US constitute an unusual and extraordinary threat to the national security, foreign policy and economy of the US. I hereby declare a national emergency to deal with this threat," he said. The response is a greater use of sanctions, and an increase in the powers available to the government, according to a White House blog post. "We are at a transformational moment in how we approach cyber security. The actions we take today will help ensure that the internet remains an enabler of global commerce and innovation," said Lisa Monaco, US homeland security advisor to president Obama. "We need to deter malicious cyber activity and to impose costs in response to the most significant cyber intrusions and attacks, especially when those responsible try to hide behind international boundaries. "Effective incident response requires the ability to increase the costs and reduce the economic benefits from malicious cyber activity. We need a capability to deter and impose costs on those responsible for significant harmful cyber activity where it really hurts - at their bottom line." Businesses such as the US Postal Service have been attacked with greater frequency over the past year and, while international entities are not always blamed, China is a regular suspect. Sanctions can be imposed against a nation or an individual, and they are expected to be used only at times when US assets and infrastructure are under threat. Source

China finally admits it has special cyber warfare units — and a lot of them. From years China has been suspected by U.S. and many other countries for carrying out several high-profile cyber attacks, but every time the country strongly denied the claims. However, for the first time the country has admitted that it does have cyber warfare divisions – several of them, in fact. In the latest updated edition of a PLA publication called The Science of Military Strategy, China finally broke its silence and openly talked about its digital spying and network attack capabilities and clearly stated that it has specialized units devoted to wage war on computer networks. An expert on Chinese military strategy at the Center for Intelligence Research and Analysis, Joe McReynolds told TDB that this is the first time when China has explicit acknowledged that it has secretive cyber-warfare units, on both the military as well as civilian-government sides. CHINESE CYBER WARFARE UNITS According to McReynolds, China has three types of operational military units: Specialized military forces to fight the network -- The unit designed to carry out defensive and offensive network attacks. Groups of experts from civil society organizations -- The unit has number of specialists from civilian organizations – including the Ministry of State Security (its like China’s CIA), and the Ministry of Public Security (its like FBI) – who are authorized to conduct military leadership network operations. External entities -- The unit sounds a lot like hacking-for-hire mercenaries and contains non-government entities (state-sponsored hackers) that can be organized and mobilized for network warfare operations. According to experts, all the above units are utilized in civil cyber operations, including industrial espionage against US private companies to steal their secrets. CHINESE CYBER UNIT 61398 In 2013, American private security firm Mandiant published a 60-page report that detailed about the notorious Chinese hacking group 'Unit 61398', suspected of waging cyber warfare against American companies, organizations and government agencies from or near a 12-story building on the outskirts of Shanghai. The UNIT 61398 also targeted a number of government agencies and companies whose databases contain vast and detailed information about critical United States infrastructure, including pipelines, transmission lines and power generation facilities. MOST WANTED CHINESE HACKERS Last year, the United States filed criminal charges against five Chinese military officials, named Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui, for hacking and conducting cyber espionage against several American companies. The alleged hackers were said to have worked with the PLA’s Unit 61398 in Shanghai. Among spying on U.S companies and stealing trade secrets, they had also accused for stealing information about a nuclear power plant design and a solar panel company’s cost and pricing data. Source

The Cyber Security Challenge final has launched, tasking 42 amateur white hats to regain control of a naval gun system on board HMS Belfast as a part of a simulated cyber attack by the 'Flag Day Associates' hacktivist group. The final challenge is the brainchild of experts from GCHQ, the National Crime Agency, Lockheed Martin, Airbus Group, PGI, C3IA and Palo Alto Networks (in partnership with BT). The finalists will attempt to regain control of a gun system which has been hacked remotely and forced to target London's City Hall. Contestants will also be required to find similar security holes in a simulated water treatment and manufacturing facility using industry-standard tools, such as the Kali Linux distribution. The winner will be crowned on Friday. The simulation is the final round in the fifth Cyber Security Challenge, which has seen "thousands" of entrants combat the Flag Day Associates in a variety of fictional situations. The challenge is designed to help businesses and government departments spot talented individuals and recruit them into cyber security. Stephanie Daman, CEO of the Cyber Security Challenge, said that many of 2014's finalists now have cyber security jobs. "Around half of last year's finalists are already in their first cyber security jobs, whilst the majority of the rest are well on their way, taking training courses, accreditations or internships to boost their CVs. There is no reason why all 42 of our finalists today can't follow in their footsteps." Past winners include 19-year-old student William Shackleton and chemist Stephen Miller. Cabinet Office minister Francis Maude listed the high turnout and success of participants finding cyber security jobs as proof of the challenge's success. "Today's competition highlights the very best new cyber security talent as they are challenged by a set of exciting and innovative scenarios developed by GCHQ alongside industry experts," he said. "Government and business need skilled and talented people to feed the demand for better cyber security in the UK. "This competition is the biggest and best yet, and events like this play an important role in providing the next generation of cyber professionals." The challenge final follows a wider push by the UK government to better defend critical infrastructure systems against cyber attacks. The UK and US governments announced plans to mount a series of simulated cyber war games in January with the intention of bolstering critical infrastructure systems. The initiatives follow warnings that the cyber threat facing critical infrastructure is growing. The US Industrial Control Systems Cyber Emergency Response Team revealed on Thursday that US industrial control systems were hit by cyber attacks at least 245 times over a 12-month period. Source

IN THE CIA’S mission of global influence and espionage, its hackers have just been elevated to a powerful new role. On Friday afternoon, CIA director John Brennan publicly issued a memo to the agency’s staff calling for a massive re-organization of its hierarchy and priorities. And center stage in the CIA’s new plans is a new Cyber Directorate that will treat “cyber”—in federal-speak, hackers and hacking—as a major new focus for both offense and defense. “Digital technology holds great promise for mission excellence, while posing serious threats to the security of our operations and information, as well as to U.S. interests more broadly,” Brennan’s memo reads. “We must place our activities and operations in the digital domain at the very center of all our mission endeavors. To that end, we will establish a senior leadership position to oversee the acceleration of digital and cyber integration across all of our mission areas.” The CIA’s interest in hacking isn’t new: After all, it’s known to have actively participated in the mission to disable Iranian nuclear facilities using the Stuxnet malware, in partnership with the NSA and Israeli intelligence. But more than ever, those sorts of digital elements are being integrated into the CIA’s human intelligence operations, says Jim Lewis, a fellow at the Center for Strategic and International Studies who has had conversations with intelligence and military officials over the last year about the plans for the CIA’s digital overhaul. Those “humint” operations, as the intelligence community calls them, typically involve real spies on the ground, unlike the NSA’s remote cyberespionage or the cyberwarfare activities of the Pentagon’s Cyber Command. “This kind of cyber activity has become increasingly important to them,” says Lewis. “It’s not NSA’s [signals intelligence] mission; it’s not Cyber Command’s war fighting mission. It’s traditional espionage using cyber techniques,” says Lewis. That combination of humint and digital operations could mean a spy infiltrating an organization to plant spyware by hand, for instance, or a digital investigation to check the bona fides of a source or agent. “If you think of NSA as a vacuum cleaner and Cyber Command as a hammer, this is a little more precise, and it’s about supporting human operations.” The CIA’s announcement represents yet another sign that cyber-offense is gaining importance for practically every intelligence and military agency. The FBI late last year asked for new rules of criminal procedure that would vastly expand its power to hack into the computers of criminal suspects. And we know from Snowden leaks that the NSA has built the world’s most powerful hacking organization, pulling off high-resource operations that have rarely been seen elsewhere in the cybersecurity world. The NSA’s most recent operations reportedly include hacking SIM card manufacturer Gemalto and planting insidious malware in the firmware of hard drives. But Lewis argues that the CIA announcement is also intended to help the CIA shift from its paramilitary role during the wars in Iraq and Afghanistan into more of a peacetime espionage role, where digital spying will be doubly important. “They’ve been involved in armed conflict and operating drones,” says Lewis. “Now they have to go back to old-school spying, recruiting agents, getting people to tell you secrets in a peaceful environment.” Brennan’s announcement is also intended largely as a personnel move, says Alan Paller, research director for the SANS Institute, which educates and evaluates the cybersecurity skills of many government staffers. “His reorg is at least 80 percent about…giving the cybersecurity mission more of a front and center position and equal authority, rather than a technical support role at the beck and call of intelligence analysts,” Paller says. That new level of prestige and opportunity for the CIA’s hackers, says Paller, will be crucial to recruiting in an age where human minds, not stockpiles of weapons, can decide foreign conflicts. “Only extraordinarily skilled cyber defenders and cyber operators can enable a unit or a business or a nation to survive,” Paller says. “You cannot train your way to supremacy. You have to recruit people with the right brain wiring and invest heavily in constantly building their skills. Those correctly wired people are rare.” Source

Numerous malicious attacks on computers and mobile devices as well as networks of important entities have recently made the news and have brought back to the surface the debate on cyber warfare and the dangerousness of cyber weapons. The increasing dependence on the Internet and the recent spur of attacks are beginning to create greater concern. The fear is not just based on the possibility that a cyber attack could simply cause the non-availability of information and services we are now accustomed to. The Internet has not just reshaped the way we obtain news, communicate with others, take care of our finances, watch TV and listen to music, but it is also permeating other essential fields of our lives. From power smart grids to the “Internet of Things,” the potential targets of cyber warriors are now multiple and the possible consequences catastrophic. Premeditated, politically or socially motivated attacks against a computer-dependent society could be orchestrated by foreign powers and affect nations at any level: from the availability of utilities, to denied access to important financial and medical information, to causing a significant impact on national GDPs. This article will explore the concept of cyber warfare and cyber weapons, plus recount latest happenings and discuss whether the danger is real. Cyber Warfare and Cyber Weapons The definition of cyber warfare and cyber weapons is not as clear-cut as it might seem. Distinguishing these attacks from simple cyber crimes is essential to define rules of engagements by countries and to establish what should be considered a direct act of war against the sovereignty and wellbeing of a state. According to the Tallin Manual on the International Law Applicable to Cyber Warfare – a study commissioned by the NATO Cooperative Cyber Defence Centre of Excellence that is not considered a legally binging document – cyber weapons are cyber means of warfare designed, used or intended to cause either injury or death of people or damage to or destruction of objects. Without a globally recognized definition, however, it is hard to strictly define and recognize true acts of cyber warfare, prevent attacks, hold entities accountable and define legal responses. The inability to agree to basic notions is a considerable weakness in the international arena and leaves space to much uncertainty and endless possibilities for nations beginning to employ these warfare techniques. Several definitions have been given by scholars, but, in general, a cyber weapon is intuitively considered any software, virus, and intrusion device that can disrupt critical infrastructures of other countries, from military defense systems to communications to electric power smart grids to financial systems and air traffic control. Debates have been rising on the possibility to consider cyber weapons tools used not only to directly impair systems but also to spy on nations through cyber espionage. Again, the lack of a globally-recognized legal definition doesn’t help. Have cyber weapons ever been deployed? You may recognize an incident that happened in 2009, the first known use of a cyber weapon: Stuxnet. It was a complex piece of malware believed to be an example of government cyber weapon aimed at severely disrupting the Iranian nuclear program. The paternity of the attack has been a source of debate, but in the end, it was believed to be a joint US/Israel operation. Stuxnet targeted a plant in Natanz, Iran. By turning off valves and impairing centrifuges, equipment was damaged and the Iranian uranium enrichment program effectively slowed down. However, Stuxnet might have not even been the first cyber war tool directed toward Iran. Flame, another powerful malware that masqueraded itself as a routine Microsoft software update, had already been used to map and monitor Iranian networks and collect critical information. Is a Cyber World War a Concern? A 2013 report by Director of National Intelligence James R. Clapper explained that the possibility of a major cyber attack to US critical infrastructures causing a long-term and widespread disruption of services by major players like Russia and China is remote. However, smaller scale attacks by smaller states or non-state entities seem to be a concern. According to the report, “less advanced but highly motivated actors could access some poorly protected US networks that control core functions, such as power generation, during the next two years, although their ability to leverage that access to cause high-impact, systemic disruptions will probably be limited. At the same time, there is a risk that unsophisticated attacks would have significant outcomes due to unexpected system configurations and mistakes, or that vulnerability at one node might spill over and contaminate other parts of a networked system.” This may not come as a surprise to anyone, but any telecommunications infrastructure attack could cause enough harm to generate fear. Every government or corporation entire infrastructure, let alone the public at large, may be at stake. Can digital attacks really have tangible effects? Absolutely. An oil pipeline in Turkey was cyber attacked and exploded in 2008. The pipeline was super-pressurized and alarms were shut off. By hacking security cameras, attackers (allegedly Russian) were able to hide the blast from the control room that, unaware, was unable to respond promptly. Another attack to a German steel company demonstrated how, by simply infiltrating the information systems running the plant, hackers could cause major damage. Although not a single Internet successful attack has been recognized as directed by a foreign terror organization against the United States homeland, there have been instances of intrusions intended to inflict significant harm on the American government or state agency, as well as US businesses. Last November, there was an intrusion into the networks of the Department of the State that led to the unclassified email system shutdown. Carol Morello, the diplomatic correspondent for The Washington Post who covered the affair, noted the activity was related to hacking of White House computers reported a month prior, and to security breaches that occurred at both the U.S. Postal Service and the National Weather Service. Those incidents pointed to Russian hackers as prime suspects; the perpetrators were believed to be working directly for the Russian government. Sony Pictures Entertainment (SPE) is another recent case; its networks were infected in a November 2014 incident. According to the FBI, the occurrence resembled past cyber efforts by North Korea. What makes a cyber warfare attack appealing? Mainly the fact that it can come at little or no cost for the perpetrator. An attacker with great technical capabilities can create disruption by using a single computer wherever he or she is located. While the use of conventional weapons requires expensive manufacturing and physical travel to target locations, cyber attacks can be conducted from anywhere. Traditional weapons have a cost that might be prohibitive for many and are hard to transport (or deliver) in secrecy. In other cases, attacks might require the sacrifice of the offenders. Cyber attacks are quick, can be equally destructive and can definitely be inexpensive to execute. According to Amy Chang, research associate at the Center for a New American Security, “Cyber warfare is a great alternative to conventional weapons. […] It is cheaper for and far more accessible to these small nation-states. It allows these countries to pull off attacks without as much risk of getting caught and without the repercussions when they are.” Accountability is hard to prove when cyber weapons are used. By using several proxies or infecting computers indirectly, it is difficult to trace back to a particular malicious hacker or organization on any form of attacks. And even if a culprit is found, it is hard to accuse a nation of a deliberate act of war, especially due to lack of a legal framework. The problem today is that we live in a high-tech world of uncertainty where people are not well trained and equipped for these new threats that can disrupt communications, and network traffic to and from websites and can potentially paralyze Internet service providers (ISPs) at the international level across national borders. So, in the face of constant security threats, there is a need for all to fully understand how to handle cyber security issues and cyber war and how to mitigate risks and minimize the damage, as best as possible if the circumstances arise. Cyberspace and its Security What can be done and who should act in defense of a nation’s cyberspace? The answer may be complicated. Defending cyberspace is not an easy feat, considering the number of interconnected computers, mobile devices and networks. The majority of the systems, including those regulating nations’ critical infrastructures, are interconnected and then vulnerable not only to direct attacks but also to infection by transmission. Ironically, the numerous technological advances might also pose a risk, as cyber terrorists seem to be always a step forward in identifying security vulnerabilities before security experts can patch them. Lack of recognized rules in cyberspace and difficulty to implement boundaries complete the picture. Lacking a real global response to cyber warfare, many countries and organizations are creating structures and task forces to prepare against cyber threats. According to intelligence studies, more than 140 countries have funded cyber weapon development programs. The U.S. is particularly active and created the USCYBERCOM that “plans, coordinates, integrates, synchronizes, and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full-spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.” In 2012, the U.S. Defense Advanced Research Projects Agency (DARPA) invested $110 million in Plan X, a “Cyberspace is now recognized as a critical domain of operations by the U.S. military and its protection is a national security issue. Plan X is a foundational cyberwarfare program to develop platforms for the Department of Defense to plan for, conduct, and assess cyber warfare in a manner similar to kinetic warfare.” The program was included in DARPA’s reported $1.54 billion cyber budget for 2013-2017. Recently, the U.S. Naval Academy also received $120M to build a classified cyber warfare center in 2016. The center will allow midshipmen to work on classified system and acquire cyber warfare skills. Organizations like the European Advanced Cyber Defence Centre (ACDC), the NATO Computer Incident Response Capability (NCIRC) and the Internet Engineering Task Force (IETF), amongst many others, are working on fighting back against organized, international cyber criminals that have used cyberspace as a warfighting domain. However, this may not be enough to avoid terrorism-based cyberwar attacks, so everyone ought to prepare proactively and effectively by securing systems as much as possible. In an Internet-connected world, every end user is at risk, either directly or indirectly. The Internet provides many different ways to attack. Internet-connected systems must be secured on a global scale. With cyberspace being so vast, flexible, and unregulated, all its users are highly vulnerable to dangers from outside threats. Recent cyber attacks highlight the potential threat posed by information warfare tactics and techniques that use computer connectivity and exploit vulnerabilities sometimes caused by users’ inattentiveness or lack of basic cyber security practices. Proper use of intrusion-detection and intrusion-prevention systems (IDS/IPS) and firewalls (a network’s first line of defense against threats) is a basic response. Through real-time analysis of network traffic—i.e., to investigate and contain these security threats—people can detect the majority of the less sophisticated hacking attacks at a user level. Larger companies must be more aware than ever about their network security vulnerabilities and secure their properties with proper Advanced Threat Protection Platforms for endpoint protection and server security. In the case of government-orchestrated cyber attacks, one of the main lines of defense is the creation of a common front against attackers. There is no better time than now to open collaboration and dialogue amongst various industries and government agencies to take action. Attacks against larger, interconnected systems might be more easily disclosed by comparing data and creating common task forces. Detection and prevention alone may not be enough to stop the attackers, each time, but at least it may inhibit future, similar threats. The Internet might be becoming a new weapon for terrorists, so overcoming cyber vulnerability requires multiple different organizations to come forward and stop the launch of cyber threats that can manipulate the physical world while operating without international boundaries. Conclusion Some of the numerous larger-scale cyber attacks can be intuitively considered acts of cyber war. With many countries large and small investing in cyber warfare, it is impossible not to think of the use of “information warfare” as a new form of terrorism. Information warfare goes beyond simply attacking computers and communications networks, as a computer-literate terrorist can wreak havoc causing physical destruction and harm to populations. The Internet can be turned into a weapon used against targets by terrorists hidden in cyberspace to carry out cyber violence and disruption, while being physically located elsewhere. Computer-related crimes, as an extension of terrorist attacks, have the potential of bringing catastrophic side effects. Cyberspace is increasingly becoming a place of risk and danger, vulnerable to hacks and cyber warfare. With today’s civilization dependent on interconnected cyber systems to virtually operate many of the critical systems that make our daily lives easier, it is obvious that cyber warfare can be the choice for many governments and states, especially those that don’t have access to expensive, conventional weapons of mass destruction. So, how do we counteract such attacks? If cyber warfare is considered war, then anti-terrorism defenses must be deployed. First, though, a legal basis for responses to attacks must be defined. A legal definition of cyber war and cyber weapon, a definition agreed upon globally, is necessary to define the perimeters within which nations can operate in cyberspace. It is important to define what to consider cyber espionage, cyber war or an act of simple hacking. Lacking a clear definition and a global cyber etiquette, nations are left with creating their own defense against cyber weapons and cyber espionage. Exploring real-world examples, continuously monitoring the Information Superhighway, and endorsing cyber security awareness, web security and online safety are the tools currently available for an effective international governance of the Internet. Although the United States has not been subjective to real, destructive cyber terrorism as of today, in terms of hostile action or threat, it has identified a number of ways terrorists can use the computer as a tool for hacking or information warfare. As the job of a cyberterrorist has become more difficult to detect, in time, information control may also be critical for successful counter-terrorism and avoidance of infrastructure warfare. Therefore, it is paramount to investigate some common defense mechanisms that can help pinpoint and capture these threats before they affect massive numbers of people and impair activities in a much more pervasive way. References Brecht, D. (2014, December). Are Cyber Threats the New Terrorism Frontier? Cyber Warnings E-Magazine, 28-32. Retrieved from index Clapper, J. R. (2013, March 12). US Intelligence Community Worldwide Threat Assessment Statement for the Record. Retrieved from http://www.odni.gov/files/documents/Intelligence%20Reports/2013%20ATA%20SFR%20for%20SSCI%2012%20Mar%202013.pdf Donohue, B. (2014, December 19). FBI Officially Blames North Korea in Sony Hacks. Retrieved from FBI Officially Blames North Korea in Sony Hacks | Threatpost | The first stop for security news Kostadinov, D. (2012, December 21). Cyberterrorism Defined (as distinct from “Cybercrime”). Retrieved from Cyberterrorism Defined (as distinct from “Cybercrime”) - InfoSec Institute Morello, C. (2014, November 16). State Department shuts down its e-mail system amid concerns about hacking. Retrieved from State Department shuts down its e-mail system amid concerns about hacking - The Washington Post NATO REVIEW. (n.d.). The history of cyber attacks – a timeline. Retrieved from http://www.nato.int/docu/review/2013/cyber/timeline/EN/index.htm Paganini, P. (2013, December 6). Cyber warfare – Why we need to define a model of conflict? Retrieved from http://securityaffairs.co/wordpress/20204/intelligence/cyber-warfare-model-of-conflict.html Storm, D. (2014, December 22). Cyberwarfare: Digital weapons causing physical damage. Retrieved from http://www.computerworld.com/article/2861531/cyberwarfare-digital-weapons-causing-physical-damage.html Suciu, P. (2014, December 21). Why cyber warfare is so attractive to small nations. Retrieved from http://fortune.com/2014/12/21/why-cyber-warfare-is-so-attractive-to-small-nations/ Source

Hello every one. At the moment i am preparing a tv program about cyber criminality and how people can protect them selfs against it. For the simple reason that many people become victim from cyber crimes in such big order that it harms our countries, economies and even our healthcare systems and inocent people. And as Snowden showed us, we got a lot of spywhere from other nations where we are not allowed to vote. If there are here serious people who understand the importance of the protection against cyber crimes, and are willing to cooperate then you can send me a PM ofcourse. Or leave a reaction here what you think is important to be treaded in this program.