Click here to close now.

Welcome!

Big Data Journal Authors: Tony Shan, Carmen Gonzalez, Elizabeth White, Liz McMillan, Ed Featherston

Blog Feed Post

August 6 – Politico: More than 1 billion passwords stolen by Russian hacker gang – Haul highlights password problems

August 6, 2014

By: Joseph Marks

With help from David Perera, Tal Kopan and Shaun Waterman

MORE THAN 1 BILLION PASSWORDS STOLEN BY RUSSIAN HACKER GANG — Last night’s New York Times scoop that a gang of criminal hackers deep in the Russian hinterlands had amassed more than 1 billion usernames and passwords linked to half-a-billion email addresses demonstrates both that the Web is increasingly dangerous for consumers and that Russia remains a safe zone for hacking networks, analysts told MC. “The untouchables of the internet have developed a robust hacker economy of scale in Russia,” Trend Micro Chief Cybersecurity Officer Tom Kellermann said.

When hackers gather information at that massive scale — this is likely the biggest haul in history — the danger isn’t just the data they have but the data they can deduce from it, CrowdStrike General Counsel Steve Chabinsky told MC. Many people ignore security experts’ advice and don’t vary their passwords, which means attackers that know the password to one account can try the same password — or variations on it — to breach other accounts. “The volume of these records allows hackers to do their own form of big data analytics, scouring passwords and using them in attacks not only against these corporate victims but against others as well,” said Chabinsky, who was previously deputy assistant director of the FBI’s cyber division.

The massive trove of data — stolen from hundreds of thousands of websites — was discovered by the Milwaukee firm Hold Security, which dubbed the gang CyberVor (cyber thief in Russian). The findings were verified by an independent security expert working on behalf of the Times. The list of compromised sites “includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal websites,” Hold Security said. The hacking ring does not appear to be connected with the Russian government and does not appear to have sold many of the records, the Times reported. The story: http://politi.co/1y3H3L0 The Hold Security report: http://bit.ly/1oAdnUy

SECURITY FIRM FACES “CASHING IN” QUESTIONS — Demonstrating that no good deed goes unpunished, Hold Security has faced suggestions that they are “cashing in” on their discovery by offering a low-cost ($120 per year) service to webmasters to determine if their site was among the 420,000 breached by the gang. After questions from reporters, the firm appears to have taken down the page offering the service, reports Forbes blogger Kashmir Hill. The story: http://onforb.es/1opzTuG

HACKER HAUL HIGHLIGHTS PASSWORD PROBLEMS — The massive trove of stolen account credentials highlights the way the ubiquitous password has become one of the weakest links in the online security chain. Every new online account — from the vital like banking to the trivial like pizza delivery — means another different password to remember; or another chance for cybercrooks to steal your favorite one. Easily remembered passwords can generally be easily guessed, even when encrypted — by computers that try thousands of different possibilities a minute. But an Obama administration program exploring ways to make alternatives to the password commercially viable without infringing on privacy is caught in political crossfire on Capitol Hill.

For the third year running, House appropriators voted earlier this year to gut funding for the program, targeting cash for pilot implementation projects. As Dave Perera reports this morning, “the program’s backers say it’s pure politics. The National Strategy for Trusted Identities in Cyberspace, NSTIC, is a relatively tiny line item in the budget of the government’s technology lab. It comes in at just $16.5 million — a rounding error in the $51.2 billion appropriations bill that funds Commerce, Justice and U.S. scientific agencies.” The full story on NSTIC:http://politico.pro/1lzoXuN

HAPPY WEDNESDAY and welcome to Morning Cybersecurity, where today’s anniversary of the atomic bomb dropping on Hiroshima — whatever else you think about it — is a good opportunity to read the Times’ fascinating obituary of Theodore Van Kirk, the last surviving crew member of the Enola Gay, the plane that dropped that bomb 59 years ago. Van Kirk died last Monday at 93. http://nyti.ms/1pBCeqv Whatever you’re reading today, drop us a line. Send your thoughts, tips and feedback this week to [email protected] and follow @talkopan, @joseph_marks_, @POLITICOPro and @MorningCybersec. Full team info is below.

INTEL OFFICIALS PREPARE TO GO AFTER SECOND SNOWDEN — Intelligence officials are considering asking the Justice Department to open a criminal investigation into the leak of documents related to the government’s terrorist watchlist to Glenn Greenwald’s The Intercept, Reuters reported late yesterday. The documents were dated August 2013, two months after Edward Snowden bolted the NSA and passed a trove of documents to Greenwald and other journalists. The investigation threat would seem to confirm the intelligence community has a second leaker on its hands, but the community would not confirm that fact to Reuters. The story:http://reut.rs/1stSKuR

And some background: There have been rumors rumbling since early July that a second intelligence community source was feeding leaks to reports. That’s when German broadcaster ARD published an unsourced story about XKeyscore targeting users who visit anonymizing sites such as Tor. “I do not believe that this came from the Snowden documents … I think there’s a second leaker out there,” security researcher Bruce Schneier wrote at the time (http://bit.ly/1jO8F08) Greenwald responded by tweeting, “seems clear at this point.” (http://bit.ly/1v7YAWa).

But, even if The Intercept’s August 2013 documents are genuinely from a different source, that doesn’t mean a second leaker on the unprecedented scale of Snowden, a senior law enforcement official cautioned MC. “The unfortunate reality is some people leak information or provide information to those not entitled to receive it, but that’s not anything new,” the source said. “It’s certainly something we take seriously, but I don’t think anybody’s at the point where they think there’s another Edward Snowden.” Background from CNN, which broke the second leaker story: http://cnn.it/1y2AjwU and The Intercept report: http://bit.ly/1qVpsXQ

IN OTHER SURVEILLANCE NEWS, TOR — The Defense Department did not receive personal data about Tor users through a government-funded project to detect vulnerabilities, a DOD spokeswoman told Reuters yesterday. The project was conducted by researchers at Carnegie-Mellon University’s Software Engineering Institute with funding from DOD. The researchers had planned to describe their work at the Black Hat security conference in Las Vegas this week but the university canceled the talk amid the controversy, Reuters reported. In a note on Tor’s website last week, project leader Roger Dingledine said the service had identified computers on its network that had been quietly altering Tor traffic for five months in an attempt to unmask users connecting to “hidden services,” which include drug bazaars and whistleblower sites. Details from Reuters: http://reut.rs/V0viYM

FEDS FAIL EMAIL HYGIENE TEST — Most organizations are not doing enough to prevent their email domains from being forged by hackers and federal agency websites are especially failing — so much so that the government ought to mandate they put their house in order, a new report recommends. Just 4 percent of top federal sites qualified for the nonprofit Online Trust Alliance’s email honor roll, well below the 8.3 percent average for websites generally. Social media sites topped the list with 28 percent qualifying. Major financial institutions were next at 17 percent. To make the honor roll, organizations had to implement best practices for authenticating email that help prevent spearphishing and other malware attacks. Tal has the story http://politico.pro/1kmk6Ss

POSSIBLE IRANIAN CONNECTION IN ISRAELI DDOS ATTACKS — Security firm Arbor Networks spotted sharp upticks in DDoS attacks against Israel starting days after the Hamas-attributed deaths of three Israeli teenagers sparked the latest round of fighting. Attacks went from an average of 30 per day in June to an average of 150 per day in July, peaking at 429 attacks on July 21st, the firm said in a blog post. The attack pattern “bears a striking resemblance” to the “Itsoknoproblembro” botnet attacks launched against U.S. financial firms in 2013, Arbor adds. The Qassam Cyber Fighters, an Islamist hacking group with possible official Iranian ties, took responsibility for the financial industry attacks. Arbor says they don’t know who controls the “Brobot” botnet today, but it’s “being used to attack Israeli civilian governmental agencies, military agencies, financial services and Israel’s cc TLD DNS infrastructure.” The blog post: http://bit.ly/1kDe14s

OPERATION ARACHNAPHOBIA STILL GOING STRONG IN PAKISTAN: A Pakistani APT group has remained active even after it was outed by ThreatConnect’s Intelligence Research Team in August, 2013, launching malware attacks aimed at Indian military and government targets, according to a joint report from ThreatConnect and FireEye released yesterday. Since the first report, the group dubbed Operation Arachnophobia has embedded Bitterbug malware in phony news articles about the arrest of an Indian diplomat and about the disappearance of Malaysia Airlines flight 370 which the “lure” article casts as a Pakistani attack. Details:http://bit.ly/1ssTrDL

REPORT WATCH:

– Sixty percent of companies plan to spend their IT funds on improving cybersecurity over the next two years, and 88 percent said IT investments overall will be important or critical, according to a PwC survey of more than 200 private company leaders in the second quarter of this year: http://pwc.to/1ooEc9R

QUICK BYTES

– Former NSA Chief Keith Alexander is defending the profits of his new cybersecurity firm again — this time to the Associated Press. AP: http://bit.ly/1ATkuwQ

– Smart building technology could open up a new breed of cyberattacks. TechCrunch:http://bit.ly/XBcUYy

– Boston University researchers have been awarded a $10 million grant from the National Science Foundation to test a new cloud-based modular cybersecurity system. GCN:http://bit.ly/1y3Wdjp

– The Veterans Affairs Department launched a new campaign yesterday to educate veterans about identity theft prevention. VA: http://1.usa.gov/1kFwMUV

– Blackphone and Signal have different business philosophies but hit the same post-Snowden privacy concerns. Reuters: http://reut.rs/1sdaLLV

That’s all for today. Have a great Wednesday!

Read the full article at: http://www.politico.com/morningcybersecurity/0814/morningcybersecurity14903.html

The post August 6 – Politico: More than 1 billion passwords stolen by Russian hacker gang – Haul highlights password problems appeared first on ThreatConnect - Threat Intelligence.

Read the original blog entry...

More Stories By Adam Vincent

Adam is an internationally renowned information security expert and is currently the CEO and a founder at Cyber Squared Inc. He possesses over a decade of experience in programming, network security, penetration testing, cryptography design & cryptanalysis, identity and access control, and a detailed expertise in information security. The culmination of this knowledge has led to the company’s creation of ThreatConnect™, the first-of-its-kind threat intelligence platform. He currently serves as an advisor to multiple security-focused organizations and has provided consultation to numerous businesses ranging from start-ups to governments, Fortune 500 organizations, and top financial institutions. Adam holds an MS in computer science with graduate certifications in computer security and information assurance from George Washington University. Vincent lives in Arlington, VA with his wife, two children, and dog.

@BigDataExpo Stories
SYS-CON Events announced today that ProfitBricks, the provider of painless cloud infrastructure, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY., and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. ProfitBricks is the IaaS provider that offers a painless cloud experience for all IT users, with no learning curve. ...
SYS-CON Events announced today that Emcien will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Emcien’s vision is to let anyone use data to know the future. Emcien has built an automated, predictive analysis product that improves the lives of real people. Emcien allows people to automate their data analysis so they can build a better future.
SYS-CON Events announced today that Dyn, the worldwide leader in Internet Performance, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. Through a world-class network and unrivaled, objective intelligence into Internet conditions, Dyn ensures...
SYS-CON Events announced today that Open Data Centers (ODC), a carrier-neutral colocation provider, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. Open Data Centers is a carrier-neutral data center operator in New Jersey and New York City offering alternative connectivity options for carriers, service providers and enterprise customers.
SYS-CON Events announced today that On the Avenue Marketing Group, a sales and marketing firm that utilizes events to market and sell products to consumers, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. On the Avenue Marketing Group (OTA) is a sales and marketing firm that utilizes events to market and sell products to consumers. On behalf of our clients, we attend thousands of fairs, festivals, exp...
SYS-CON Events announced today that ActiveState, the leading independent Cloud Foundry and Docker-based PaaS provider, has been named “Silver Sponsor” of SYS-CON's DevOps Summit New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. ActiveState believes that enterprises gain a competitive advantage when they are able to quickly create, deploy and efficiently manage software solutions that immediately create business value, but they face many challenges that ...
SYS-CON Events announced today that Vitria Technology, Inc. will exhibit at SYS-CON’s @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Vitria will showcase the company’s new IoT Analytics Platform through live demonstrations at booth #330. Vitria’s IoT Analytics Platform, fully integrated and powered by an operational intelligence engine, enables customers to rapidly build and operationalize advanced analytics to deliver timely business outcomes ...
SYS-CON Events announced today that Alert Logic, the leading provider of Security-as-a-Service solutions for the cloud, has been named “Bronze Sponsor” of SYS-CON's 16th International Cloud Expo® and DevOps Summit 2015 New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY, and the 17th International Cloud Expo® and DevOps Summit 2015 Silicon Valley, which will take place November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Akana, formerly SOA Software, has been named “Bronze Sponsor” of SYS-CON's 16th International Cloud Expo® New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. Akana’s comprehensive suite of API Management, API Security, Integrated SOA Governance, and Cloud Integration solutions helps businesses accelerate digital transformation by securely extending their reach across multiple channels – mobile, cloud and Internet of Thi...
SYS-CON Events announced today that CommVault has been named “Bronze Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY, and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. A singular vision – a belief in a better way to address current and future data management needs – guides CommVault in the development of Singular In...
SYS-CON Events announced today that SafeLogic has been named “Bag Sponsor” of SYS-CON's 16th International Cloud Expo® New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. SafeLogic provides security products for applications in mobile and server/appliance environments. SafeLogic’s flagship product CryptoComply is a FIPS 140-2 validated cryptographic engine designed to secure data on servers, workstations, appliances, mobile devices, and in the Cloud....
SYS-CON Events announced today that StorPool Storage will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. StorPool is distributed storage software that allows service providers, enterprises and other cloud builders to run data storage on standard x86 servers, instead of using expensive and inefficient storage arrays (SAN).
SYS-CON Events announced today that QTS Realty Trust, one of the nation’s largest and fastest-growing providers of data center facilities and cloud services and a leader in security and compliance, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. QTS Realty Trust, Inc. (NYSE: QTS) is a leading national provider of data center solutions and fully managed services, and a leader in security and compliance...
SYS-CON Events announced today that IndependenceIT, a leading software provider of simplified IT management solutions for workspaces, applications and desktops-as-a-service, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. IndependenceIT's Cloud Workspace® Suite combines application, end-user and infrastructure management into a seamless, easy-to-manage platform, with a unified management interface an...
SYS-CON Events announced today that that Innodisk, the service-driven provider of industrial embedded flash and DRAM storage products and technologies, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Innodisk is a service-driven provider of industrial embedded flash and DRAM storage products and technologies. With satisfied customers across the embedded, aerospace and defense, cloud storage markets an...
SYS-CON Events announced today that Site24x7, the cloud infrastructure monitoring service, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Site24x7 is a cloud infrastructure monitoring service that helps monitor the uptime and performance of websites, online applications, servers, mobile websites and custom APIs. The monitoring is done from 50+ locations across the world and from various wireless carr...
SYS-CON Events announced today that Intelligent Systems Services will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Established in 1994, Intelligent Systems Services Inc. is located near Washington, DC, with representatives and partners nationwide. ISS’s well-established track record is based on the continuous pursuit of excellence in designing, implementing and supporting nationwide clients’ mission-cri...
SYS-CON Events announced today that B2Cloud, a provider of enterprise resource planning software, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. B2cloud develops the software you need. They have the ideal tools to help you work with your clients. B2Cloud’s main solutions include AGIS – ERP, CLOHC, AGIS – Invoice, and IZUM
SYS-CON Events announced today that Tufin, the market-leading provider of Security Policy Orchestration Solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. As the market leader of Security Policy Orchestration, Tufin automates and accelerates network configuration changes while maintaining security and compliance. Tufin's award-winning Orchestration Suite™ gives IT organizations the power and a...
SYS-CON Events announced today that Cloudian, Inc., the leading provider of hybrid cloud storage solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Cloudian, Inc., is a Foster City, California - based software company specializing in cloud storage software. The main product is Cloudian, an Amazon S3-compliant cloud object storage platform, the bedrock of cloud computing systems, that enables c...