The meetings included White House, State Department and FBI officials from the USA and corresponding officials from Russia. They also agreed on a tabletop exercise with the two countries, establishing a hotline mechanism for escalating issues to do with cyber crime and agreed to enhance cooperation on fighting 'cyber-enabled' crime, including things like theft of trade secrets, fraud and misuse of technology and communications for terrorist activities, and to enhance exchanges on network protection. Eugene Kaspersky, founder of the eponymous company, gave an explanation at a recent Kaspersky event at the Science Museum. Then you get less sharing as you move away from that inner core." "They have resources that the commercial sector will never have, like satellite imagery, and will have authorities that the commercial sector will have to execute their mission." In essence, as Kaspersky says, cyber security collaboration will continue to mirror collaboration within ordinary geopolitics.
The Lazarus group is believed to be behind the 2009 Sony hack. The hackers behind the Bangladesh bank cyberheist have targeted yet another bank. A bank in the Philippines was found to have been the fourth victim of targeted attacks by cybercriminals using the same malware that saw $81m (£55.2m) stolen from Bangladesh's central bank. However, researchers are still investigating details about the code used in the Ecuadorean bank hack. Now a fourth unnamed bank in the Philippines has also been found to be linked to the Swift malware, although details about the attack, including whether funds were stolen, are yet to be revealed. "We've never seen an attack where a nation-state has gone in and stolen money," he added. Given the hacker group's previous exploits, the security and financial community has been on alert and, in efforts to prevent further attacks, has initiated Operation Blockbuster — which involves sharing of information about the group to mitigate more such attacks in the future.
In February this year, hackers stole $81m (£55m) from the central bank of Bangladesh. A top cyber-security firm is investigating whether North Korea could be linked to attacks on banks in recent months. Symantec said it had evidence that the same group attempted to steal money from a bank in the Philippines, one in Vietnam and Bangladesh's central bank. In addition, the code shares similarities with malware used by the group known as Lazarus which has been accused of various attacks on the US and South Korea, including the attacks against Sony Pictures Entertainment. That code-sharing is less true when it comes to nation-state attacks which is why some security firms will name those they believe are behind these relatively rare intrusions. Typically the code used in these attacks is more about stealthy spying than outright theft so is less useful to those after cash. But it is difficult to be sure because code is code and once it is widely disseminated online it becomes harder to see who is behind the keyboard.
Researchers with Symantec cite a recent trio of attacks that involved rare code seen in both the Sony cyberattack and earlier attacks against companies — including banks — in South Korea and the US. Assuming North Korea is behind the attacks, it would be a worrisome and exceedingly rare instance in which a nation-state is hacking global banks to steal money. The researchers go into details about their own analysis, pointing toward the SWIFT payments network and the series of fraudulent transactions being used to steal money from banks. When looking for other malware with the same control bytes combination, the team was taken back to an early version of the aforementioned malware Backdoor.Contopee, which is tied back to the Bangladesh attack. Backdoor.Contopee, says Symantec, was formerly used by hackers who themselves are associated with Lazarus, a collective behind cyberattacks that primarily focus on South Korea and the United States. Lazarus, then, is linked back to Backdoor.Destover, the malware used against Sony Pictures ahead of The Interview's theatrical release (a movie that mocks the North Korean dictator while simultaneously showing citizens overthrowing the government, in case you've forgotten).
The Brexit debate has revealed in a brutal light the UK's existential crisis: what is it to be a modern nation-state in a neo-liberal global system? There is a role model, albeit small, with unenviable weather, that provides some hints as to what concepts of nationhood could look like in the 21st century. The birthplace of Skype (although headquartered in London and run by a Swede and a Dane, it was actually built by four Estonian engineers), it has produced a string of start-ups, including FinTech darling and reputed "Unicorn", TransferWise. Every citizen is issued a smart card and reader, which can be used to access government services everywhere. Since Estonia has roughly 80,000 companies today that would represent a significant increase. So how has Estonia managed to do this?
One well-respected security expert thinks humanity will see its first death as a result of a hack within 10 years - and it may even have already happened. "Stuxnet could already have killed people," Mikko Hypponen, chief research officer for F-Secure told Business Insider, referring to the sophisticated computer worm that targeted Iranian nuclear facilities that most people believe was developed by the American and Israeli intelligence services. The security executive doesn't think whether or not someone has died is what's important. It could kill people, and they did it anyway. Like Stuxnet, nation-state-sponsored hackers are suspected, with investigators pointing fingers at a Russia-based team. Stuxnet and the Ukrainian power grid show there are hackers out there with the capability today to cause fatalities, even if just as collateral damage.
Inspired by the Google Doodle, Facebook has been starting to roll out special features dedicated to help users celebrate important days and festivals in their respective countries. While having an upside down flag would usually be considered to be just a silly mistake, in the Philippines, this takes on a graver meaning – during peace time, the flag is flown with the blue section at the top and the red section at the bottom. Independence Day: The Philippines was colonised by both the Spanish and later the US before officially becoming an independent nation state in 1946. This is when Filipinos revolted against the Spanish and created their own national flag and anthem. Although the declaration was recognised by neither Spain nor the US, when the country was granted independence in 1946, historians and nationalists urged the government to change the date back to the 19th Century date. Once during the Philippine-American War between 1899 and 1901 and, again, during the Japanese Occupation of the Philippines when the country declared war against the UK and the US in 1944.
Russian government hackers compromised the network of the Democratic National Committee so well that they were reading private emails and chats for the past year. The revelation comes just a month after the nation's top spy warned that hackers were indeed spying on both candidates. "We've already had some indications of that," James Clapper, the director of national intelligence, said in May. "Our team considers them some of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups we encounter on a daily basis," Alperovitch wrote. "The intrusion is not totally surprising: The Chinese government reportedly hacked both Obama and McCain in 2008, and hackers tried repeatedly to break into the campaign accounts of Obama and Romney in 2012. Hackers working for foreign governments can gain valuable insight into a presidential candidate's mindset before they take office, or uncover private communications that might give their country a leg up in diplomatic negotiations.
Four decades ago, breaking into the files of the Democratic National Committee meant burglarizing the headquarters at the Watergate hotel. "The security of our system is critical to our operation and to the confidence of the campaigns and state parties we work with," congresswoman and DNC chair Debbie Wasserman Schultz wrote in a press statement. Cozy Bear, Crowdstrike says, first breached the DNC a year ago, while Fancy Bear struck more recently, with the targeted goal of accessing the Trump research files. "We identified advanced methods consistent with nation-state level capabilities including deliberate targeting and access management tradecraft," Crowdstrike's co-founder Dmitri Alperovitch writes in a blog post. All of that means that the focus on the DNC's opposition files may be a mere distraction for the Trump-obsessed media, says Dave Aitel, a former NSA analyst who now runs the security firm Immunity. Attacks against electoral candidates and the parties they represent are likely to continue up until the election in November.
One, dubbed Fancy Bear, has been active for the last ten years and is thought to be part of the Russian military intelligence GRU. "In fact, our team considers them some of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups we encounter on a daily basis. The team found that Cozy Bear had managed to get into the DNC server last summer using a SeaDaddy implant developed in Python and compiled with py2exe and another PowerShell backdoor., broke into the DNC servers and it was its clumsy attempts to steal data that tipped off the IT staff about both operations. "Instead, we observed the two Russian espionage groups compromise the same systems and engage separately in the theft of identical credentials." The DNC can't really have anything on Trump that isn't already somewhere on the internet, and it is hard to imagine that the hack would reveal anything more intriguing than what Trump is already saying almost daily."
Considering the nature of its work, it's no surprise that the Pentagon is of huge interest to hackers, whether state sponsored or pajama wearing (OK, they could be one and the same). Such schemes are pretty common these days, with companies like Google and Facebook inviting so-called white hat hackers – those doing it to help rather than cause havoc – to probe their online systems for vulnerabilities. Running for just under a month up until May 12 and focusing on five of its public-facing websites, the DoD's program turned up a whopping 138 security vulnerabilities deemed valid and unique, officials revealed over the weekend. And yes, they've already been closed to prevent future trouble. Starting this month, its three-pronged approach will include a vulnerability disclosure process and policy for the defense department so anyone with information about security weaknesses in its systems, networks, applications, and websites can submit details without fear of prosecution. The Pentagon revealed in 2009 it'd spent more than $100 million in a six-month period dealing with damage caused by daily cyber attacks on its networks, with the intrusions carried out by everyone from the bored teenager all the way up to the sophisticated nation-state, with some pretty criminal elements sandwiched in between, an official said at the time.
Although Firaxis already shared information about Egypt this week (which we experienced second-hand in our demo), 2K Japan has since released details about how the land of the rising sun will handle itself in Civilization VI. An iron-fisted ruler from the 13th century, Tokimune is best known for successfully leading Japan against the Mongol invasion and spreading Zen Buddhism among the Japanese nobility and warrior class. Japan's special ability in Civilization VI is called Meiji Restoration, which encourages denser cities by providing adjacency bonuses for districts built next to each other. The actual Meiji Restoration was a late 19th century consolidation of imperial power under Emperor Meiji, which allowed the pre-industrial, feudal kingdom to emerge in the 20th century as a powerful and modern nation-state. The in-game ability reflects the urbanization that always follows a transition from an agricultural to an industrial society. It's also the first ability we've seen thus far that utilizes the new unstacked city-building, and it seems both potent and flexible.
Cyber criminals could access trains, computer networks or message boards. While railway systems may not be the first target that comes to mind, government-backed hackers are clearly invested in infiltrating every aspect of a country – including its transport systems. In the UK, which remains a high-profile target for intrigued foreign nations like Russia, China and the US, new figures indicate there have been four major cyberattacks on railway networks over the past year – all blamed on "nation state activity." The statistics were revealed by UK-based cybersecurity firm Darktrace, which is employed to guard much of the UK's rail network from attack. While detail about the full extent of the hacks remains unknown, the firm said that the breaches have been "exploratory" rather than disruptive. Speaking with Sky News, Sergey Gordeychik, cybersecurity researcher at Russian firm Kaspersky Lab, said access to UK rail could give hackers control over everything from online information boards to the computer systems that manage signals, internal messages and even the trains themselves.
Security researchers have identified a strain of malware that has already infected at least one European energy company. The malware, dubbed SFG, is related to an earlier sample called Furtim, that created a backdoor on targeted industrial control systems. This backdoor might be used to deliver a payload which could be used to extract data or potentially shut down the energy grid, security researchers at endpoint security firm SentinelOne Labs warn. SentinelOne Labs researchers reckon the SFG malware bears all the hallmarks of a nation-state attack - probably of Eastern European origin. The Windows-based malware is designed to bypass traditional antivirus software and firewalls. It is also primed to detect when it is being run in a sandbox environment - a technique used to detect advanced malware - or in systems using biometric access control systems.
Security researchers say attacks on the power stations are so sophisticated they can only be carried out by nation states. Hackers are targeting energy companies in Western Europe with a sophisticated form of malware. Cybersecurity researchers from SentinelOne Labs say that the malware, which has infected at least one power company in Europe, takes "extreme measures" to avoid detection before it drops its payload, used to report information about the infected network back to a command-and-control centre. Power companies have been the target of hackers before, such as the cyberattack against a Ukrainian power grid which caused blackouts in December last year. The researchers don't name the state they think is behind the malware, but note it is of "Eastern European origin" and has traits which suggest it is likely to be the work of a nation state; namely the sophistication of the malware sampled and the cost required to develop something as advanced in nature. SentinelOne said the malware was developed to work on any devices running any version of the Microsoft Windows operating system and is capable of avoiding detection by anti-virus software, firewalls and even more recent endpoint solutions capable of using sandboxing security techniques.
A new malware campaign, targeting energy companies in Europe, has been uncovered by security researchers. The malware's "sophistication" and "extreme" security detection evading capabilities are so good that researchers believe it is "a nation-state sponsored initiative". Researchers suspect the malware was developed by engineers located in Eastern Europe. Security firm SentinelOne said that at least one unnamed European energy firm had been targeted by the malware, which was released in May of this year and is still active. SentinelOne's senior researcher Joseph Landry told ArsTechnica that there might be a possibility that the malware was developed by skilled Russian coders.
It's not the next Stuxnet, says SentinelOne, it's just very naughty code. Malware hyped as aimed at the heart of power plants is nothing of the sort according to security outfit Damballa, which has put its name to analysis claiming the "SFG" malware is run-of-the-mill code without sufficient smarts to target SCADA systems. The so-called SFG malware is the spawn of Furtim, and hit headlines as targeting industrial control systems when all it does is create backdoors for regular data exfiltration and payload dropping. SentinelOne said those attacks looked like the work of a nation-state. But Damballa says the malware is a regular financially-driven menace that lacks SCADA (supervisory control and data acquisition) targeting. SFG does not appear to be a nation-state operation, and there is no specific threat to any particular sector."
After 70 years of an ever-closer union, on June 23rd the UK decided to break away from the European Union. Listening to some people in the last few weeks it would be hard not to think that Brexit was the first sign of the apocalypse. The European Union was originally founded as a platform to replace the centuries of war in Europe with trade and cooperation. Over the decades, the EU helped nation states integrate their economies and provide the structures that have helped unify Europe. Not through ideology but through the industries of nations working together. Europe was held together ultimately not by a political structure but the practicalities of business.
Top Kremlin officials have denied the hack at the DNC was state-sponsored. Top Kremlin officials have denied accusations of Russian state-sponsored involvement in a cyberattack against the Democratic National Committee (DNC) following the release of nearly 20,000 internal Democratic Party emails by WikiLeaks. One official, Foreign Minister Sergey Lavrov, brushed off such speculation when questioned by media during talks in Laos with US Secretary of State John Kerry. "I don't want to use four-letter words," he said in English, as reported by the Moscow Times. Kerry confirmed to media after the talks he had raised the DNC infiltration with Lavrov, but did not repeat allegations of nation-state collusion. "I raised the question and we will continue to work to see precisely what those facts are," Kerry said.
Phone numbers of 15 million Telegram users in Iran reportedly exposed, researchers claim. A hacking group with suspected links to the Iranian security services has reportedly compromised the phone numbers of 15 million Telegram users in Iran and over a dozen individual chat accounts on the encrypted platform, according to Reuters. The notorious cybercrime collective implicated is dubbed 'Rocket Kitten' and is known to target dissidents, politicians and journalists with sophisticated spearphishing tactics. Analysis from security firm Check Point previously found the group to be "aligned with nation-state intelligence interests". Now, based on fresh research from two experts, Collin Anderson and Claudio Guarnieri, a Telegram vulnerability is reportedly being exploited in a way that could 'map' users of the popular application, which offers encrypted chats and messaging features to roughly 20 million users in Iran. The security flaw, according to Anderson and Guarnieri, and exclusively reported by Reuters, relates to how Telegram uses SMS text messages to activate new devices.