Eideard

Sith gun robh so…

Posts Tagged ‘hacked’

Hackers have been inside Nortel networks for 10 years!


Hackers based in China had “widespread access” to computer systems from Nortel Networks for almost 10 years, according to a Tuesday report from the Wall Street Journal.

The hack was carried out via seven stolen passwords that belonged to Nortel executives, the Journal said. Evidence suggests that the attacks originated in China and started in 2000. The cyberscammers managed to access “technical papers, research-and-development reports, business plans, employee emails and other documents,” thanks to installed spyware.

The Journal was made aware of the intrusions by Brian Shields, a former Nortel employee who led the investigation into the hacks…

As noted by security firm Sophos, Nortel changed the offending passwords, but didn’t do much beyond a rather fruitless, six-month investigation.

Sophos analyst Graham Cluley warned not to immediately point the finger at China, an easy target.

“It’s very hard to prove a Chinese involvement. Yes, the data might have been transmitted to an IP address based in Shanghai, but it is possible that a computer in Shanghai has been compromised by.. say.. a remote hacker in Belgium,” he wrote. “It’s all too easy to point a finger, but it’s dangerous to keep doing so without proof.”

Any serious geek – or principled journalist – knows that Graham Cluley is correct about determining where a hack originates. Not that the Wall Street Journal allows its writers who fit the first category to express the second. That is – not since Rupert bought the paper.

In any average 24-hour period, 15/25% of the traffic at eideard.com is listed as from “Unknown” – which may or may not be China. And all that defines is the location of the last proxy server tracked back through the Web.

The serious question is what sort of Dumbos were running Nortel? Bad enough they waltzed around with passwords easy to crack – at the highest level of the company. They never did a thorough enough filtering of their system to deal with trojans left behind.

Written by eideard

February 14, 2012 at 6:00 pm

Panda-monium warning sign in Flagstaff, Arizona


A wave of “panda-monium” has swept through a northern Arizona city thanks to a mischievous street sign hacker who warned motorists of a “ROGUE PANDA ON RAMPAGE.”

State transportation officials said Tuesday that a person was able to post the hoax warning by hacking into an electronic message board in Flagstaff, Arizona, over the weekend.

Rest easy, though. Authorities said the city is safe from pandas, if not from jokesters.

Officials said the message board alerting drivers to street improvements near a busy city intersection was probably altered late on Sunday or early on Monday. It was fixed by 11 a.m. local time on Monday.

“Someone had to know what they were doing to go in and change the message,” said Mackenzie Kirby, an Arizona Department of Transportation spokeswoman. “It’s not easy.”

Kirby joked that there had been no sightings of any rogue pandas in the community, but she has been sent several photoshopped images via email of the cuddly creatures tooled up for trouble.

You can never be too careful, eh? Obviously Arizona’s governor must call for increasing border security with Sichuan.

Written by eideard

August 25, 2011 at 2:00 pm

War Texting lets hackers unlock cars via OnStar


Cellular-based automotive roadside assistance services like GM’s OnStar and BMW Assist allow remote unlocking of vehicles by communicating with remote servers via standard mobile networks. Now a pair of security systems engineers have managed to prove it takes just a few hours of clever reverse engineering to crack the in-car cellular network-based technology to gain access to vehicles. They call their method “War Texting.”

Don Bailey and Mathew Solnik of security company iSEC Partners set up an ad-hoc GSM network, which allowed them to communicate directly with the in-car system, posing as authorized servers. A proprietary protocol that is normally in use proved not to be secure enough. All they eventually needed to do was to send simple messages from a laptop to the car’s computer.

Bailey and Solnik will present their findings during the upcoming Black Hat USA conference in Las Vegas in a briefing entitled “War Texting: Identifying and Interacting with Devices on the Telephone Network,” although they will skip the details regarding the attack, to allow manufacturers to fix vulnerable systems.

However, apparently not just car security technologies are defenseless against the “War Texting” hacking method, as cellular networks are also utilized by SCADA systems that monitor and control industrial infrastructure, or facility-based processes.

Isn’t it a little overdue to require manufacturers of systems like these to build in security protocols to guarantee safety and security? I surely hope no one is counting on wireless providers to do it.

Written by eideard

July 29, 2011 at 6:00 pm

Hackers seize PayPal UK Twitter account



The cartoon’s not plausible. A PayPal spokesman saying, “I’m sorry”? C’mon.

Hackers seized control of a PayPal Twitter feed for more than an hour on Tuesday, then sent out messages criticizing the payment processor in the second attack of its type in two days…

The attackers sent out messages promoting paypalsucks.com, a site devoted to what it says is “exposing the nightmare of doing business ‘the PayPal way.’”

The Tweets were removed within a few hours of the hijacking…

A PayPal spokesman said via email that the attack on the Twitter account had not affected the company’s operations….

So, in other words, PayPal still sucks?

Written by K B

July 6, 2011 at 2:00 pm

More may join Ford in boycotting Murdoch’s sleazy newspaper



NOT on the way to deliver newspapers for Rupert

T-Mobile is considering joining Ford by pulling its advertising in News of the World following Monday’s allegations that the newspaper hacked Milly Dowler’s phone after she went missing.

A T-Mobile spokesman told the Telegraph: “We’re currently reviewing our advertising position with News of the World, following the recent allegations, and await the outcome of the ongoing police investigation.”

It is also understood that Currys and PC World are reviewing their options.

On Tuesday afternoon, it emerged that car manufacturer Ford has pulled its advertising in the News of the World. They…said in a statement: “Ford is a company which cares about the standards of behaviour of its own people and those it deals with externally. We are awaiting an outcome from the News of the World investigation and expect a speedy and decisive response. Pending this response we will be using alternative media within and outside News International Group instead of placing Ford advertising in the News of the World…”

A spokesperson from Halifax bank told the Telegraph on Tuesday they would be “reviewing and considering their options with regards to future advertising” in the News of the World, following Npower and Ford’s decision to consider placing ads in the Sunday tabloid…

Twitter and Facebook were from Monday busy with users urging advertisers to boycott the News of the World. Many threatened specific companies that they would withdraw their custom unless those companies disassociated themselves from the newspaper. There was also a Facebook page campaigning for a boycott.

Murdoch’s tradition of opportunism, sleaze and sensationalism — as a substitute for journalism — appears to be reaching a potential qualitative change among advertisers. Who do you want your brand to be associated with, after all? Reputable journalists, hard copy or online? Or creeps who hack into a kidnapped girl’s cellphone hoping for an extra special headline?

Face it. The only aspect of “ethics” that can impress a thug like Murdoch is a reduction in profits.

Written by eideard

July 5, 2011 at 10:00 pm

Lockheed Martin network hacked – RSA tokens probably involved


SecurID key RSA

The computer network at the largest U.S. defense contractor is suffering what’s being described as a “major disruption”…according to a report from Reuters, and the word is that somehow, RSA SecurID tokens–those little keychain dongles that generate seemingly random strings of numbers every 60 seconds–are involved.

Remember, if you will, that RSA disclosed it was under what it described as an “extremely sophisticated attack” in March. Later in April, the EMC-owned security outfit disclosed some of the anatomy of the attack, though it didn’t say much about what information was taken.

A few days ago, Robert Cringely reported that a major U.S. defense contractor had a very bad weekend, as a network issue took down remote access, meaning that anyone who routinely worked remotely had to go instead into the nearest office. The way he tells it, the incident was followed by word that all employees using the tokens would be issued new ones and would be required to change their passwords. The tokens are used to provide two-factor authentication to the corporate network from outside the firewall that’s meant to keep outsiders out…

EMC isn’t commenting on the incident. But Reuters is quoting Steve Winterfeld of TASC, a company spun off from Northrop Grumman, as saying RSA hasn’t provided enough details on how its network was breached, and that this has led him to consider the RSA devices as no longer secure. People are, he says, “freaked out.”

He’s likely not alone. As of 2009, there were more than 40 million people either using RSA tokens or RSA number-generating software on their smart phones.

My only question is – how did Lockheed manage to waste so much time before deciding to, uh, change out the possibly compromised RSA keys?

The smallish community bank I do business with made that decision within a day or so of learning of the breach at RSA. Maybe it cost them a few bucks extra to replace every SecurID key – because I doubt if RSA was willing to pick up the tab for their sloppiness – but, safety and security for your customers is worth a lot more.

Written by eideard

May 29, 2011 at 10:00 am

Sony found 25 million more accounts were hacked



Dweeb-in-Chief
Daylife/Reuters Pictures used by permission

Sony said Monday that hackers may have taken personal information from an additional 24.6 million user accounts after a review of the recent PlayStation Network breach found an intrusion at a division that makes multiplayer online games.

The data breach comes on top of the 77 million PlayStation accounts it has already said were jeopardized by a malicious intrusion. The latest incident occurred April 16 and 17 — earlier than the PlayStation break-in, which occurred from April 17 to 19, Sony said.

About 23,400 financial records from an outdated 2007 database involving people outside the U.S. may have been stolen in the newly discovered breach, including 10,700 direct debit records of customers in Austria, Germany, the Netherlands and Spain, it said.

The outdated information contained credit card numbers, debit card numbers and expiration dates, but not the 3-digit security code on the back of credit cards. The direct debit records included bank account numbers, customer names, account names and customer addresses.

Company spokeswoman Taina Rodriguez said Sony had no evidence the information taken from Sony Online Entertainment, or SOE, was used illicitly for financial gain.

Sony has no evidence they know how to tie their own shoes.

Bad enough they stopped R&D and got rid of much of their design talent. I think they stopped reading newspapers and geek journals, never did learn what could be hacked online.

Written by eideard

May 3, 2011 at 2:00 am

“We should have been safe with Sony!”



Sony lost $450 million last year – paid Stringer $4.5 million + stock options
Daylife/Reuters Pictures used by permission

Sony PlayStation gamers expressed shock and disappointment on Wednesday at a massive data hack in which their names, addresses and credit-card details might have been stolen from the PlayStation Network.

Shoppers at London video-games stores said they might leave the network, PSN, which allows them to play games with 77 million other members and buy games online, while some gamers writing in online forums called for a boycott of Sony products…

Sony warned earlier that unidentified hackers had stolen the personal details of its 77 million user accounts, in one of the biggest-ever Internet security break-ins.

The Japanese electronics giant advised users, almost 90 percent of whom are based in Europe and the United States, to change any common passwords they also used for other services.

It said children with accounts established by their parents might have had their data exposed.

“If you think the gamers are pissed over at playstation blog, wait until the Mums get wind of this,” wrote senior member barrybarryk on the PS3news.com online forum…

Sony pulled the plug on the network eight days ago but did not tell the public about the stolen data until Tuesday.

Phew! I don’t know of any industry guaranteed safe from attack. I have some experience with procedures that appear to work – when enforced with diligence and consistency. I’m not certain about any IT departments other than those I personally could vouch for, though.

The single biggest mistake is trusting your employees to follow procedures, to never indulge in personal vendettas [har!] and, then, always remember to cut off individual access to computers and the network before anyone is told they’re departing.

Oh yeah – just discussing this with another geek in the family – remember that all the crap that’s happened at Sony, from the closing of research centers to failed security to snooping on users, has happened on Stringer’s watch.

Written by eideard

April 27, 2011 at 10:00 am

Dumb crook of the day!



His previous business

Matthew Delorey was a 26-year-old with a business plan: selling hacked cable modems. This is the sort of business that a budding entrepreneur should probably keep on the down-low, or at least limit to those tiny text ads at the back of magazines where satellite descramblers are sold, but that’s no way to rake in the cash.

That’s why Delorey, of New Bedford, Massachusetts, posted ads on Craigslist and then—rather incredibly—put up YouTube videos with names like “Massmodz.com How to Get Free Internet Free Cable Internet Comcast or any Cable ISP—100% works…”

But Delorey attracted some federal attention, and an FBI agent purchased two modems from Massmodz. The modems were sent to Motorola, which confirmed that they had been hacked, and the FBI arrested Delorey Thursday morning at his home.

He is charged with wire fraud and conspiracy to commit wire fraud. Each charge carries a maximum of 20 years in jail and a $250,000 fine.

Selling hacked cable modems and advertising them openly may have been a decent business model a decade ago, but it hardly seems worth bothering about today. The ISPs have been familiar with the practice since the beginning, when hackers would try to alter modem profiles in order to get more bandwidth than they were paying for.

The FBI may be run by conservative, knuckle-dragging noobies; but, let’s face it – they will notice a crook dumb enough to advertise his services.

Written by eideard

February 1, 2010 at 6:00 am

Iraqi insurgents are hacking U.S. drones



A Predator at Balad Air Base in Iraq (Maya Alleruzzo/AP)

You guessed it. The Pentagon thought they didn’t need encryption. Har!

Iraqi insurgents have reportedly intercepted live video feeds from the U.S. military’s Predator drones using a $25.95 Windows application which allows them to track the pilotless aircraft undetected.

Hackers working with Iraqi militants were able to determine which areas of the country were under surveillance by the U.S. military, the Wall Street Journal reported…adding that video feeds from drones in Afghanistan also appear to have been compromised…

This apparent security breach, which had been known in military and intelligence circles to be possible, arose because the Predator unmanned aerial vehicles do not use encryption in the final link to their operators on the ground. (By contrast, every time you log on to a bank or credit card Web site, or make a phone call on most modern cellular networks, your communications are protected by encryption technology.)

When a Predator unmanned aerial vehicle, or UAV, is far from its base, terrain prohibits it from transmitting directly to its operator. Instead, it switches to a satellite link. That means an enterprising hacker can use his own satellite dish, a satellite modem, and a copy of the SkyGrabber Windows utility sold by the Russian company SkySoftware to intercept and display the UAV’s transmissions.

The Air Force became aware of the security vulnerability when copies of Predator video feeds were discovered on a laptop belonging to a Shiite militant late last year, and again in July on other militants’ laptops, the Journal reported. The problem, though, is that the drones use proprietary technology created in the early 1990s, and adding encryption would be an expensive task.

So, why spend the money, right?

No doubt, we’re already paying through the nose for these aircraft. Who was the dummy who decided to leave out encryption?

Written by eideard

December 17, 2009 at 7:00 am
