Posts Tagged ‘cyber security’

How Kaspersky’s Software Fell Under Suspicion of Spying on America

January 5, 2018

Officials lack conclusive evidence, but incidents involving the firm’s antivirus products raised alarms

 Image result for Eugene Kaspersky, photos
Kaspersky CEO Warned of Cyber Attacks on 2017 European Elections
In an interview with The Wall Street Journal at the World Economic Forum in Davos last year, Eugene Kaspersky, CEO of cyber security firm Kaspersky Labs, said European governments should expect highly sophisticated cyber attacks during their elections. (Originally published Jan 1, 2017.) Photo: Bloomberg News.

Eugene Kaspersky was late for his own dinner party.

Eugene Kaspersky at his company’s Moscow headquarters in 2017.Photo: Pavel Golovkin/Associated Press

At his invitation, guests from the Washington cybersecurity community waited one evening in 2012. Seated at the National Press Club were officials from the White House, State Department, Federal Bureau of Investigation and other agencies, said people who were there. Guests had started their first course when Mr. Kaspersky arrived, wearing a tuxedo with a drink in hand.

Mr. Kaspersky, chief executive of Russian security-software vendor Kaspersky Lab, proposed a toast to the ranking guest, Estonian President Toomas Hendrik Ilves, whose country had suffered a cyberattack five years earlier. The assault followed Estonia’s decision to remove a Soviet-era monument from its capital, and U.S. officials suspected Russia was behind it.

“Toomas,” Mr. Kaspersky said. “I am so sorry that we attacked you.”

The comment stopped all conversation until Mr. Ilves broke the silence. “Thank you,” he said, raising his glass. “This is the first time anyone from Russia has ever admitted attacking my country.”

​No one suggested Kaspersky was involved in the Estonian hack, but Mr. Kaspersky’s toast played into a suspicion held by many in the U.S. intelligence community that his company might be wittingly or unwittingly in league with the Russian government—a suspicion that has only intensified since.

The process of evaluating Kaspersky’s role, and taking action against the company, is complicated by the realities of global commerce and the nature of how modern online software works. A top Department of Homeland Security official said in November congressional testimony the U.S. lacks “conclusive evidence” Kaspersky facilitated national-security breaches.

While the U.S. government hasn’t offered conclusive evidence, Wall Street Journal interviews with current and former U.S. government officials reveal what is driving their suspicions.

Some of these officials said they suspect Kaspersky’s antivirus software—the company says it is installed on 400 million computers world-wide—has been used to spy on the U.S. and blunt American espionage. Kaspersky’s suspected involvement in U.S. security breaches raises concerns about the relationship between the company and Russian intelligence, these officials said.

Employees at Kaspersky Lab in Moscow, October 2017. Photo: Kirill Kallinikov/Sputnik/Associated Press

DHS, convinced Kaspersky is a threat, has banned its software from government computers. The company sued the U.S. government on Dec. 18 in U.S. District Court in Washington, D.C., saying the ban was arbitrary and capricious, and demanding the prohibition be overturned. DHS referred inquiries to the Justice Department, which declined to comment.

Kaspersky, in a statement, said: “Unverified opinions of anonymous officials about Kaspersky Lab continue to be shared, and should be taken as nothing more than unsubstantiated allegations against a company whose mission has always been to protect against malware regardless of its source, and which has repeatedly extended an offering to the U.S. government to help alleviate any substantiated concerns. We have never helped and will never help any government with its cyberespionage efforts.”

The company in a court filing said any Russian government engagement in cyberespionage isn’t evidence that a Russia-headquartered company such as Kaspersky is facilitating government-sponsored cyberintrusions, adding: “In fact, more than 85 percent of Kaspersky Lab’s revenue comes from outside of Russia—a powerful economic incentive to avoid any action that would endanger the trusted relationships and integrity that serve as the foundation of its business by conducting inappropriate or unethical activities with any organization or government.”

The Russian Embassy in Washington, D.C., didn’t respond to requests for comment. In October, Kremlin spokesman Dmitry Peskov didn’t address whether the Russian government stole NSA materials using Kaspersky software but criticized the U.S. software ban as “undermining the competitive positions of Russian companies on the world arena.”

Servers in Russia

.
Mr. Kaspersky enrolled at the KGB-sponsored Institute of Cryptography, Telecommunications, and Computer Science, finished in 1987 and was commissioned in Soviet military intelligence, he has told reporters. He has acknowledged his company has done work for the KGB’s successor, the FSB.

Kaspersky, closely held, says it has unaudited 2016 revenues of $644 million. Current and former U.S. intelligence officials said they doubt Kaspersky could have risen to such heights outside of Russia without cooperating with Russian authorities’ aims, a conjecture the company denies.

Kaspersky’s main product is similar to other antivirus software, which scans computers to identify malicious code or infected files. Such software typically requires total access so it can remotely scan documents or emails and send a record of any suspicious and previously unidentified code back to the software company.

In an interview with The Wall Street Journal at the World Economic Forum in Davos last year, Eugene Kaspersky, CEO of cyber security firm Kaspersky Labs, said European governments should expect highly sophisticated cyber attacks during their elections. (Originally published Jan 1, 2017.) Photo: Bloomberg News.

In Kaspersky’s case, some servers are in Russia. When the DHS banned Kaspersky products, it cited “requirements under Russian law that allow Russian intelligence agencies to compel assistance from Kaspersky or intercept communications transiting Russian networks.” Kaspersky countered that those laws and tools don’t apply to its products because the firm doesn’t provide communications services.

Concerns about the potential threat posed by Kaspersky software have circulated in U.S. intelligence circles for years. U.S. intelligence issued more than two dozen reports referring to the company or its connections, according to a U.S. defense official, with the Pentagon first mentioning the firm as a potential “threat actor” in 2004.

A Defense Intelligence Agency supply-chain report flagged Kaspersky in 2013, referring to its efforts to sell American firms a protection product for large-scale U.S. industrial companies, the defense official said. A former U.S. official said Kaspersky’s efforts to make inroads in the U.S. industrial and infrastructure market made people uncomfortable.

At a February 2015 conference, Kaspersky exposed what it described as a cyber-snooping network it dubbed the “Equation Group.” In fact, it was an elite classified espionage group within the U.S. National Security Agency, said some of the former U.S. officials. Kaspersky linked it to a virus called Stuxnet that the Journal and other publications have since reported was designed by the U.S. and Israel to destroy Iranian nuclear centrifuges. Kaspersky also described other techniques and tactics the U.S. uses to break into foreign computer networks.

Once such techniques are public, they are effectively useless for spying. When NSA officials got word of Kaspersky’s plans to expose its tactics, they pulled the agency’s spying tools from around the world as a preventive measure and reworked how its hackers were functioning, said some of the former U.S. officials. The NSA didn’t respond to requests for comment.

U.S.-Russian relations at the time were deteriorating. President Vladimir Putin had granted NSA leaker Edward Snowden asylum and annexed a swath of Ukraine. Some U.S. officials were convinced Kaspersky was promoting Russian interests and had shared with the Kremlin what it knew about the Equation Group.

“To think that information wasn’t shared with Russian intelligence, or they weren’t supporting Russian intelligence,” said one former U.S. official about Kaspersky, “you’d have to be very nearsighted to not at least think there was something there.”

Mr. Kaspersky at Kaspersky Lab headquarters in Moscow, July 2017. Photo: Pavel Golovkin/Associated Press

Not all U.S. officials believed the worst about Kaspersky, with many citing the high quality of the firm’s cyberthreat research. “There was this innocent until proven guilty attitude,” said another former U.S. official who worked on Russia and national-security matters.

Israeli intelligence shared with U.S. counterparts in 2015 that it had penetrated the networks of Kaspersky, the Journal reported previously. The Israelis discovered Kaspersky software was being used to scan computers not only for viruses but also for classified government information that would be of interest to Russia, said former U.S. officials familiar with the Israeli discovery.

As the NSA investigated the Israeli tip, it homed in on a worker in the agency’s elite hacking unit, then called Tailored Access Operations. The worker had improperly removed classified information about NSA spying operations and installed it on his home computer, said former U.S. officials familiar with the episode. The contractor’s computer ran Kaspersky’s antivirus software, which acted as a digital scout and identified the classified material, these people said.

Assessing damage

.
U.S. investigators immediately sought to assess the damage, including whether Kaspersky’s products were installed on other sensitive computers, including personal machines used by government employees and their families. That could include those used by family members of then President Barack Obama, said one of the former officials familiar with the episode.

Officials feared Russian intelligence could have not only turned personal computers into tracking devices, but also used them as staging points to access other machines inside the White House, the official said. Still, the incident didn’t trigger a broader alarm across the U.S. government about whether any federal agency computers were using Kaspersky.

In response to the Journal’s story on the incident earlier this year, Kaspersky conducted an internal investigation, releasing a report in November. The only incident Kaspersky said it found that matched the story’s description occurred in late 2014. By then, it said, it had been investigating Equation Group for six months when its antivirus software detected previously unidentified variants of the malware on a U.S.-based computer and sent a zip file containing the suspicious code to the Moscow-based virus lab for analysis.

Kaspersky Lab headquarters in Moscow.Photo: Sergei Karpukhin/REUTERS

The analysis discovered hacking tools now known to have belonged to the NSA, as well as four documents bearing what appeared to be classification markings, Kaspersky said, without mentioning the NSA or U.S. government by name. Mr. Kaspersky ordered the files deleted from the company’s systems within days and the information wasn’t shared with third parties, the company said.

Kaspersky said it did keep certain malware files from that collection. It said it also detected commercially available malware on the U.S. computer, which could have been used to remove files.

In the summer of 2016, a mysterious online group calling itself the Shadow Brokers posted stolen NSA cyberspying tools. The Shadow Brokers claimed in its postings that some of the tools came from Equation Group.

Again, U.S. officials rushed to determine how the tools were stolen. Among the posted computer code were technical manuals the NSA uses as part of its spying operations. These are akin to guidebooks, showing the agency’s hackers how to penetrate various systems and walking them through the procedures for different missions.

One lead pointed back to Kaspersky products, said current and former U.S. officials. Investigators now believe that those manuals may have been obtained using Kaspersky to scan computers on which they were stored, according to one of the officials.

Kaspersky said it has no information on the content of the classified documents it received in 2014 because they were deleted. It isn’t clear if the manuals the Shadow Brokers posted are the same documents.

Around the time the Shadow Brokers were spilling NSA secrets, emails stolen from the Democratic National Committee were showing up on WikiLeaks in what intelligence officials have said publicly they concluded was a Russian-led hacking operation to discredit the campaign of Hillary Clinton. Officials from the White House, the Pentagon, the State Department and the intelligence community met in late 2016 to debate responses to the alleged Russian aggression, said some former U.S. officials.

At the State Department, among options considered was taking retaliatory action against Kaspersky, said former officials involved in the deliberations. Daniel Fried, then chief sanctions coordinator at the State Department, told the Journal he recommended to colleagues they look for elements of Russia’s cyberpower the U.S. could target. He told colleagues Kaspersky at least needed to be considered as a potential player in Russia’s moves against the West.

“I asked rhetorically, do you want to testify before some committee about when did you know about this and why didn’t you do anything?” said Mr. Fried, now a Distinguished Fellow at the Atlantic Council, a think tank focusing on international affairs.

The State Department referred inquiries to the Justice Department, which declined to comment.

Some U.S. officials, including top White House security officials at the time, were concerned any action against Kaspersky could hurt U.S. companies by provoking a Russian response against them. U.S. officials also worried that, to justify harsh penalties, they would have to divulge what they knew about Kaspersky and its possible links to Russian intelligence, said several former officials.

Ultimately, the Obama White House didn’t seriously consider sanctioning Kaspersky, some former U.S. officials said.

Last year, Homeland Security created and led an interagency task force that collected information about the scope of the risk the Kaspersky software posed and began coordinating efforts across the government to minimize the risks.

In the months after President Donald Trump took office, concern about Kaspersky grew. Sen. Jeanne Shaheen (D., N.H.) put forward an amendment in the annual military-spending bill that would prohibit Kaspersky’s use on government computers.

Sen. Jeanne Shaheen at a hearing in June. Photo: Zach Gibson/Getty Images

During hearings on the matter on Capitol Hill, “I thought the most damning example” came from intelligence-community representatives, she said in an interview. “When each of them got asked would you put Kaspersky on your own personal computer and the answer was no, that’s a pretty strong message that maybe we should be taking a look at this.”

In September, the DHS banned Kaspersky products from government computers, instructing agencies to remove any Kaspersky software and report back on where it was found. The public statement accompanying the ban reads like a declassified version of the intelligence community’s suspicion regarding Kaspersky:

“The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.”

Kaspersky says the DHS ban has had a “severe adverse effect” on its commercial operations in the U.S., with retailers removing its products from shelves and an unprecedented number of product returns.

—Aruna Viswanatha contributed to this article.

Write to Gordon Lubold at Gordon.Lubold@wsj.com

Advertisements

Armed Forces lose out to cyber war — Military denied extra funding by adviser ‘determined to screw over MoD’

November 27, 2017

By 

The Armed Forces will not receive any extra funding as a result of a major national security review, the Ministry of Defence has been told.

Ministers had hoped to avoid potentially damaging cuts to the military if the review recommended a boost in MoD resources to fight terrorism.

But The Telegraph has learned that Mark Sedwill, the national security adviser, believed it was more important to increase funding to fight cyber-attacks than bolster the Armed Forces.

Amid growing public anger among Tory MPs and former senior officers at the scale of the possible cuts, Gavin Williamson, the new Defence Secretary, was set to have a showdown meeting this week with Philip Hammond.

Mr Williamson, who is due to make his first appearance at the dispatch box since replacing Sir Michael Fallon three weeks ago, wants an extra £2 billion a year to prevent a fresh round of potentially devastating cuts.

Image may contain: 1 person, sitting and suit

National security adviser Mark Sedwill is understood to have told the MoD that it will not get any more money on top of its £36bn-a-year budget CREDIT: PA WIRE

Read the rest:

http://www.telegraph.co.uk/news/2017/11/26/armed-forces-denied-extra-funding-cash-diverted-cyber-warfare/

***************************************

UK military must adapt to ‘darkening’ landscape, says armed forces chief

Air Chief Marshal Sir Stuart Peach insists security and defence should be kept separate from Brexit negotiations

Air Chief Marshal Sir Stuart Peach
 Peach: ‘The capabilities we have in the UK will not go away because of Brexit.’ Photograph: Alastair Grant/PA

The British military needs to adapt to face a “darkening” security landscape of international terrorism, the North Korea crisis and competition from the east, including Russia’s modernised military capability, the outgoing head of the armed forces said.

The chief of defence staff, Air Chief Marshal Sir Stuart Peach, said Nato was the “cornerstone” of British security and he could see no point in duplicating its role with an EU army.

Peach, who takes over as the chairman of Nato’s military committee next year, said: “Nato is a hard power. It has divisions. It has corps. It has aircrafts. It has ships. It has submarines. It has a command and control structure. It has a proper sense of direction and leadership both through the North Atlantic Council and the military committee.

Post-Brexit Britain would continue to find “appropriate” ways to support approved missions that the European Union undertakes. “The capabilities we have in the UK will not go away because of Brexit, we just have to find the appropriate way in the future structure of offering those capabilities to Europe,” he said.

Read the rest:

https://www.theguardian.com/uk-news/2017/sep/26/uk-military-must-adapt-to-darkening-landscape-says-outgoing-army-chief

Looking at The Challenges of The New World Order

November 4, 2017

The Straits Times

Image may contain: 2 people

A woman holds a Chinese newspaper with a picture of US President Donald Trump at a news stand in Shanghai.PHOTO: AFP

The winds of change are blowing.

This year, change swept through the corridors of power in the United States, Asia and Europe, with US President Donald Trump taking office, China’s President Xi Jinping unveiling a new team at the top, and new leaders taking over in countries such as France and South Korea.

Free trade came under growing pressure from the forces of protectionism and populism, jeopardising agreements such as the Trans-Pacific Partnership.

Political and economic changes aside, new technologies continued to both enrich the lives and endanger the livelihood of millions worldwide.

The Straits Times Global Outlook Forum returns on Dec 5, to help readers make sense of these changes and what they can do to prepare for the challenges in the new year.

Titled 2018: Facing The Challenges Of A New World Order, the annual conference is organised by The Straits Times in partnership with presenting sponsor OCBC Premier Banking. The keynote speaker for this year’s forum at the Ritz-Carlton hotel will be Minister for Finance Heng Swee Keat.

One panel discussion at the forum will be dedicated to the issue of cyber security. Experts from the government and private sector will look into hacking and what can be done to fend off such attacks at the discussion to be moderated by ST senior technology correspondent Irene Tham.

One speaker is Mr David Koh, chief executive of the Cyber Security Agency (Prime Minister’s Office) and deputy secretary (special projects) and defence cyber chief at the Ministry of Defence.

He will be joined by Mr Richard Skinner, partner (strategy) of consultancy PwC Singapore, and Mr John Lee, president of the Singapore chapter of Isaca, which advocates for professionals in information security, assurance, risk management and governance.

Eleven-year-old Reuben Paul, a Texas-based cyber security ambassador and “child hacker”, will also be delivering a special address.

Another topic at the forum is global politics. One question to be discussed is what the world can expect as President Xi wants China to move centre stage in global affairs, while leaders in the West are increasingly distracted by populism, nationalism and voter discontent.

The audience will hear from prominent historian Wang Gungwu, Associate Professor Elvin Lim, head of the department of political science at the National University of Singapore (NUS), and Mr Richard Jerram, chief economist of the Bank of Singapore.

Professor Wang, chairman of the ISEAS – Yusof Ishak Institute, the East Asian Institute and Lee Kuan Yew School of Public Policy (NUS), will give his views on China after the recent 19th national party congress; Prof Lim, who specialises in US politics, will offer his take on America in the Trump era.

Joining them from ST are associate editor Rahul Pathak, who will talk about his recent reporting trip to North Korea, and Ms Audrey Quek, Opinion editor (global affairs), who will moderate the discussion.

• To register, go to https://eventreg.asiaone.com/register/stglobal2017

• Registration fee is $230, but there is an early bird special of $185 if you register by Nov 20. There are further discounts for group purchases and OCBC card holders.

A version of this article appeared in the print edition of The Straits Times on November 04, 2017, with the headline ‘ST forum to look at challenges of new world order’. Print Edition | Subscribe
.
.

Kaspersky antivirus software sometimes copies your files files

November 4, 2017

Image may contain: tree, sky and outdoor

SAN FRANCISCO (Reuters) – Eugene Kaspersky said his company’s widely used antivirus software has copied files that did not threaten the personal computers of customers, a sharp departure from industry practice that could increase suspicions that the Moscow-based firm aids Russian spies.

The acknowledgement, made in an interview last Friday as part of the Reuters Cyber Security Summit, comes days after Kaspersky’s company said its software had copied a file containing U.S. National Security Agency hacking tools from the home computer of an agency worker in 2014.

 Image may contain: sky and outdoor

Kaspersky’s firm has for years faced suspicions that it has links with Russian intelligence and state-sponsored hackers. Kaspersky denies any cooperation with Russian authorities beyond cyber crime enforcement.

In September, the U.S. Department of Homeland Security banned Kaspersky software from use in federal offices, citing the company’s ties with Russian intelligence. The company is the subject of a long-running probe by the U.S. Federal Bureau of Investigation, sources have told Reuters.

Antivirus software is designed to burrow deeply into computer systems and has broad access to their contents, but it normally seeks and destroys only files that contain viruses or are otherwise threatening to a customer’s computers, leaving all other files untouched.

Searching for and copying files that might contain hacking tools or clues about cyber criminals would not be part of normal operations of antivirus software, former Kaspersky employees and cyber security experts said.

In the Reuters interview, conducted at Kaspersky Lab’s offices in Moscow, Eugene Kaspersky said the NSA tools were copied because they were part of a larger file that had been automatically flagged as malicious.

He said the software removed from the agency worker’s computer included a tool researchers dubbed GrayFish, which the company has called the most complex software it has ever seen for corrupting the startup process for Microsoft’s Windows operating system.

Kaspersky said he had ordered the file to be deleted “within days” because it contained U.S. government secrets.

But he defended the broader practice of taking inert files from machines of people that the company believes to be hackers as part of a broader mission to help fight cyber crime.

“From time to time, yes, we have their code directly from their computers, from the developers’ computers,” Kaspersky told Reuters.

‘IMPROPER PRACTICE’

Three former Kaspersky employees and a person close to the FBI probe of the company, who first described the tactic to Reuters this summer, said copying non-infectious files abused the power of antivirus software. The person associated with the FBI said in one case Kaspersky removed a digital photo of a suspected hacker from that person’s machine.

Eugene Kaspersky declined to discuss specific instances beyond the NSA case, saying he did not want to give hackers ideas for avoiding detection.

“Sometimes we are able to catch cyber criminals, that’s why I am not so comfortable to speak about this to media,” he said in the interview. “Many of them are very clever, they can learn from what I am saying.”

Other industry experts called the practice improper. Mikko Hypponen, chief research officer at Finnish security company F-Secure, said that when his firm’s software finds a document that might contain dangerous code, “it will prompt the user or the administrator and ask if it can upload a copy to us.”

Dan Guido, chief executive of cyber security firm Trail of Bits, which has performed audits on security software, said Kaspersky’s practices point to a larger issue with all antivirus software.

“All of them aggregate a huge amount of information about their clients, which can be easily exploited when put in willing hands,” he said.

U.S. news organizations have reported that Kaspersky, or Russian spies hijacking its service, have been searching widely among customers’ computers for secret files, citing anonymous U.S. intelligence officials. Reuters has not verified such reports.

Kaspersky said he hoped to alleviate concerns about his company by opening up his source code for review by third parties in independently run centers, as well as by raising the maximum amount it offers for information about security flaws in its programs to $100,000.

To read the latest Reuters coverage of cyber security, click on www.reuters.com/cyberrisk

Reporting by Joseph Menn in San Francisco; Additional reporting by Jack Stubbs in Moscow, Jim Finkle and Alastair Sharp in Toronto and Dustin Volz in Washington; Editing by Jonathan Weber and Bill Rigby

Israeli leader in Argentina, lauds effort to solve 1994 Jewish center bombing

September 13, 2017

Image may contain: 2 people, suit

Argentine President Mauricio Macri gives Israeli Prime Minister Benjamin Netanyahu a box with hard drives containing all of Argentina’s government archives related to the Holocaust, during a ceremony at the Casa Rosada Presidential Palace in Buenos Aires Tuesday. | REUTERS

BUENOS AIRES (Reuters) – Benjamin Netanyahu on Tuesday used the first Latin America visit of a sitting Israeli prime minister to praise President Mauricio Macri’s effort to solve the bombing of a Buenos Aires Jewish center in 1994 that killed 85 people.

Argentine courts have blamed the attack on Iran. But no one has been brought to trial in either that case or the deadly 1992 bombing of the Israeli embassy in Buenos Aires. Iran denies playing a role in either attack.

“We know without a doubt that Iran and Hezbollah initiated and backed up the attacks,” Netanyahu told reporters. Hezbollah is an Islamist militant group based in Lebanon.

He praised fellow conservative Macri for jump-starting efforts to solve the crimes. Critics accuse previous Argentine leader Cristina Fernandez of trying to improve ties with Iran rather than focusing on bringing the bombers to justice.

“He strengthened Argentina’s position compared with what it was before. I honor his commitment and the integrity of his effort to determine what happened,” Netanyahu said.

Under Fernandez, the prosecutor probing the attack on the AMIA Jewish community center was found dead in January 2015, just hours before he was to appear in Congress to outline his accusation that Fernandez had tried to clear the way for a “grains for oil” deal with Iran by whitewashing Iran’s role in the truck bombing.

The prosecutor, Alberto Nisman, was discovered on the floor of his Buenos Aires apartment with a pistol by his side and a bullet in his head. The death was classified as a suicide, but Nisman’s family and friends dismissed that idea as absurd.

Opinion polls show most Argentines believe his death was a homicide.

Macri won the presidency and succeeded Fernandez in late 2015. He has since boosted ties with the United States and Israel while trying to attract the foreign investment he says is needed to stimulate an economy damaged by the inflationary policies and heavy currency controls of the Fernandez years.

Macri has met with Nisman’s family and says he has made a high priority of solving his death and the AMIA bombing.

Netanyahu and Macri are also “in ideological harmony” on issues like free trade, development and security, Israel’s ambassador to Argentina Ilan Sztulman told local radio.

Netanyahu is traveling with executives of 30 Israeli companies looking to increase trade with Latin America.

They include cyber security, irrigation and other agricultural technology firms that could help Argentina reinforce its position as the world’s top exporter of soymeal livestock feed and a major supplier of corn and raw soybeans.

After Argentina, Netanyahu will visit Colombia and Mexico before addressing the United Nations General Assembly on Sept. 19. The diplomatic flurry might take domestic attention off two corruption investigations centering on Netanyahu in Israel.

He was accompanied on the trip by his wife Sara Netanyahu. On Friday, Israel’s attorney general said he was considering indicting her on suspicion of using state funds for personal dining and catering services amounting to some $100,000.

Additional reporting by Eliana Raszewski in Buenos Aires and Jeffrey Heller in Jerusalem; Editing by Bernadette Baum and Howard Goller

Instagram Says Hack That Targeted Celebrities Was Wider Than Previously Thought

September 2, 2017

Theft of email addresses and phone numbers also affected regular users; company says no passwords were stolen

Image result for Instagram, cell phone app, photos

Sept. 1, 2017 7:40 p.m. ET

Social-media app Instagram said a hack it disclosed earlier this week affected a larger number of users than it previously detected.

Instagram, owned by Facebook Inc., FB 0.03% earlier this week said hackers stole email addresses and phone numbers—but not passwords—tied to some celebrity accounts.

On Friday, the photo- and video-sharing app said the theft affected regular users as well and wasn’t just “targeted at high-profile users.” Instagram reiterated that no passwords were stolen.

The contact information was stolen after hackers exploited a bug in Instagram’s software that the company says has since been patched up.

Instagram, which has 700 million monthly users, said it doesn’t know which specific accounts were affected and said a “low percentage” of its users were affected, without providing more specific figures.

Stolen email addresses and phone numbers aren’t as sensitive as passwords, because it typically takes a lot of work to gain control of a user’s phone number or email account without the help of a stolen password, cybersecurity experts say. Gaining access to somebody’s password could be more harmful.

The stolen data are being sold online, according to Instagram. Some information was up for sale for $10 through a database called Doxagram, which claimed to have some contact information for high-profile accounts including that of Facebook Chief Executive Mark Zuckerberg  and pop star Rihanna.

“Out of an abundance of caution, we encourage you to be vigilant about the security of your account, and exercise caution if you observe any suspicious activity such as unrecognized incoming calls, texts, or emails,” Instagram co-founder Mike Krieger said in a blog post.

Earlier this week, hackers reportedly pried into the account of singer Selena Gomez and posted nude photos of her ex-boyfriend, the pop star Justin Bieber.  An Instagram spokesman declined to say if Ms. Gomez was among those affected by the breach.

Write to Deepa Seetharaman at Deepa.Seetharaman@wsj.com

https://www.wsj.com/articles/instagram-says-hack-that-targeted-celebrities-was-wider-than-previously-thought-1504309242

Norway tightens IT security, vote count procedures in run-up to election

September 1, 2017

Reuters

OSLO (Reuters) – Norway is tightening security procedures ahead of parliamentary elections on Sept. 11 to prevent possible vote tampering, the government said on Friday.

The security of IT systems will be enhanced, and all votes must be counted manually at least once in addition to the customary scanning of ballot papers by computers, it added.

There are no indications that anyone is trying to improperly influence the outcome of the election, the government also said.

Reporting by Terje Solsvik; editing by John Stonestreet

The U.S. Navy is staffed by humans

August 26, 2017

By Ravi Velloor
The Straits Times

Four days after the USS John S. McCain suffered major damage in a collision while on approach to Singapore, questions swirl about the manner of the accident, and its reasons.

That it should have come so soon after a sister vessel the USS Fitzgerald suffered a similar accident while leaving a Japanese port, has raised a bunch of troubling questions.

As they say, the first time may be an accident and the second coincidence, but three becomes a pattern.

In the US Navy’s case – or more specifically, the 7th Fleet’s case – there have been not three, but four costly mishaps just this year.

Two other ships currently deployed to the Asia-Pacific, the USS Antietam that ran aground in Tokyo Bay and the USS Lake Champlain that struck a South Korean fishing boat, suffered damage this year.

That certainly makes for a pattern. With a US warship calling in Singapore every three days or so, there is every reason for the Republic to take more than a little interest in what’s going on.

Naturally, conspiracy theories abound.

One line of thinking is that hackers may have corrupted the massive computer systems of the John S. McCain and perhaps, other vessels.

In the case of the John S. McCain, that does not seem the case. Admiral Scott Swift, commander of the Pacific fleet, seems to have ruled out a cyber attack in near categorical terms.

Adm Swift should know, of course, but George Kurtz, former head of technology at MacAfee who now owns CrowdStrike, one of the world’s top cyber security companies, had a more nuanced view.

Image may contain: outdoor

USS John S. McCain sustained damage to her port side, which is the left side of the vessel facing forward. Photo was taken off Changi Naval Base on Aug 21, 2017. ST PHOTO: ​DESMOND FOO

 

While declining to speculate, he told me that any assessment of an incident of this nature would necessarily have to be placed in a geo-political context.

In the John S. McCain’s case, it had just completed a Freedom of Navigation Operation, or FONOP, in the South China Sea where it was repeatedly warned by Chinese vessels.

The current chatter in cyber security circles, he said, is that while the McCain’s computers may not have been compromised, it is probably worth examining if anyone could have tinkered with the GPS system to send her, or the other vessel, off course by a few hundred metres.

It is an interesting theory and not the first time it has come up for mention.

In the James Bond movie Tomorrow Never Dies, Pierce Brosnan is sent off by MI-6 on precisely such a mission: to block a power-mad media tycoon’s attempt to start the next world war by engineering an incident at sea. In that instance, a British man of war is diverted into the hands of what appears to be Chinese military, sparking fury in Whitehall.

While nothing can be ruled out these days, the likely explanation could be more mundane and hark back to the essence of the craft – the quality of seamanship.

All major navies of the world do suffer accidents. It is estimated that since World War II, the major navies would have together recorded at least 1,400 mishaps.

Closer home, in early 2014, the Indian Navy chief, Admiral DK Joshi, quit after a series of accidents involving his force. The costliest of those mishaps was the loss of a docked Kilo class submarine that sank after an explosion on board while loading missiles for a mission.

At the time, poor observance of protocols was cited as the reason. The larger pattern was one of falling standards, poor equipment, and inadequate training.

But the United States is considered the gold standard of the navy game. It has the best technology, whether for the turbines that provide the power below deck, or in the missiles and radars stacked above. Its warships are designed for far greater crew comfort, than, say, a comparable Russian craft. And it is the rare naval officer in the world who has not read up on the life and times of Admiral Hyman Rickover, father of the US nuclear navy, or wished to be like him.

Yet, the US Navy too is staffed by humans. And there is little doubt that its personnel have been under strain and its resources stretched.

The US Congress was recently informed that about 100 ships have been deployed every day since 2001, the year the US suffered the 9/11 attacks. Since its current strength is 277 vessels that makes for a massive utilisation ratio. This, naturally, tells on maintenance, crew rest and training.

While President Donald Trump has said he wants to take the navy to 350 ships, that is a long way away.

In the immediate future, the pressure on its resources will only grow since many ships are due to have completed their normal use cycle and come due for retirement, or scrapping.

http://www.straitstimes.com/opinion/us-navy-mishap-james-bond-or-poor-seamanship

Related:

.
.
.

UK hacker who halted ‘WannaCry’ cyber attack pleads not guilty in US court

August 14, 2017

AFP and the Associated Press

© Joshua Lott, AFP | Marcus Hutchins (R) the British cyber security expert accused of creating malware that steals banking passwords, arrives at a US Federal Courthouse in Milwaukee on August 14.

Text by NEWS WIRES

Latest update : 2017-08-14

A British cybersecurity researcher credited with helping curb a recent worldwide ransomware attack pleaded not guilty Monday to federal charges accusing him of creating malicious software to steal banking information three years ago.

Marcus Hutchins entered his plea in Wisconsin federal court, where prosecutors charged him and an unnamed co-defendant with conspiring to commit computer fraud in the state and elsewhere. Authorities arrested the 23-year-old man on Aug. 2 at McCarran International Airport in Las Vegas, where he was going to board a flight to his home in Ilfracombe, England. He had been in Las Vegas for a cybersecurity convention.

Hutchins is free on $30,000 bail, but with strict conditions. His bond has been modified so that he can stay in Los Angeles near his attorney and travel anywhere in the U.S., but Hutchins is not allowed to leave the country. He is currently staying at a hotel in Milwaukee.

He was also granted access to use a computer for work, a change from an earlier judge’s order barring him from using any device with access to the internet. Hutchins’ current work wasn’t detailed at Monday’s hearing. The next hearing in the case was set for Oct. 17.

Hutchins’ attorney, Adrian Lobo, hasn’t responded to several phone messages left by The Associated Press over the last week.

>> Read more: How vulnerable are we to cyberattacks?

The legal troubles Hutchins faces are a dramatic turnaround from the status of cybercrime-fighting hero he enjoyed four months ago when he found a “kill switch” to slow the outbreak of the WannaCry virus. It crippled computers worldwide, encrypting files and making them inaccessible unless people paid a ransom ranging from $300 to $600.

Prosecutors allege that before Hutchins won acclaim he created and distributed a malicious software called Kronos to steal banking passwords from unsuspecting computer users. In addition to computer fraud, the indictment lists five other charges, including attempting to intercept electronic communications and trying to access a computer without authorization.

UK HEALTH CARE HIT BY CYBER ATTACK: ‘THIS IS VERY SERIOUS’

The indictment says the crimes happened between July 2014 and July 2015, but the court document doesn’t offer any details about the number of victims. Prosecutors have not said why the case was filed in Wisconsin. The name of Hutchins’ co-defendant is redacted from the indictment.

Hutchins faces decades in prison if convicted on all the charges.

(AP)

Indonesia, Russia to work together to fight terrorism

August 9, 2017

AFP

© AFP | Russian Foreign Minister Sergei Lavrov talks with his Indonesian counterpart Retno Marsudi

JAKARTA (AFP) – Indonesia and Russia pledged Wednesday to strengthen cooperation in cyber-security and counter-terrorism as concern grows about the spread of radicalism in Southeast Asia.

Russian Foreign Minister Sergei Lavrov, who is on a two-day visit to Indonesia, said the two countries would work together more closely to counter the spread of Islamic State (IS) ideology.

“The threat that the ISIL is has not vanished. Its members have been spreading all over the world, including areas close to the Russian and Indonesian borders,” Lavrov said, using another acronym for the group.

Hundreds of radicals from Indonesia have flocked abroad to fight with IS, and the country has seen a surge in plots and attacks linked to the jihadists over the past year.

Indonesian officials have also said dozens of Indonesians have travelled to the southern Philippine city of Marawi to fight with militants loyal to IS.

The militants seized parts of the city over two months ago and have resisted all attempts by the Philippine army to evict them.

“We have agreed that our special services will pay particular attention to increasing coordination in our joint efforts to fight this scourge,” Lavrov said.

Indonesian Foreign Minister Retno Marsudi said the two countries had strong ties on political and defence issues, and Indonesia wanted to deepen trade ties.

The ministers also discussed tensions on the Korean peninsula, the South China Sea and conflict in the Middle East, but gave no details.