VULNERABILITIES
Ghost in the Shell: Countries step up on cybersecurity
Ever watch the “Ghost in the Shell” movie and think that wide scale hacking of machines, and huge networks are impossible? Now Japan, ranked number one in high-tech countries by Forbes, think that the “doomsday” scenario is possible and felt the threat is very real in the near future.
Japan to set up cyber security bureau
Recently, Seiko Noda, the Internal Affairs and Communications Minister of Japan stated that there is a “growing risk” for machines and equipment to be hijacked by digital means.
We will make stronger efforts in (cyber security) talent development and other cyber security issues,
commented Noda during an interview with The Nikkei.
The urgency of cyber security was felt as Noda takes the matter into Japan’s fiscal 2018 budget draft to provide funding for the creation of a bureau specialized in cyber security. In addressing this new frontier, the Japanese policy-makers realized that they are way behind tech-leaders such as U.S. and Israel in term of attracting potential cyber-security talents and personnel.
U.S. Government ranks 16 out of 18 in SecurityScorecard report
Despite being top of the game in technology-wise, Japan is not the country that unprepared for cyber-security. In fact, the U.S. government was inadequate for the task as well in protection of sensitive information and digital data, according to SecurityScorecard, a security risk rating agency.
In a recent report from SecurityScorecard, the agency placed the U.S. government on the 16th position when comparing it with the security practices of 18 industries. For the report, SecurityScorecard reportedly reviewed 552 local, state, and federal organizations to see how their security practices stacked up across 10 key categories.
The two industry ranked behind the U.S. government are namely telecom and finally sitting at the last place, education sector.
However, historical records from SecurityScorecard showed the U.S. government actually improved its rating for languishing at the bottom place before moving two places up to 16th.
ENISA seeks funds to manage European cyber security
The European countries felt the heat too in shoring up their defense against malicious cyber-attacks. Interestingly, debt-ridden Greece raised the issue in European Commission seeking for more funding on cyber security for Athens-based European Union Agency for Network and Information Security (ENISA).
According to Vassilis Maglaras, the secretary general for communications of Greece’s ministry for digital policy, told local media that the ENISA should take on a “bigger role” and “only role” in cyber security of European Union (EU). To expand its scope, the ENISA needs fresh funding which currently is capped at EUR 11 million annually.
“It’s an organization (ENISA) that had a mandate that was irrelevant 15 years ago, it was very small because the info-communication technology sector was not so developed. But now it’s a very huge issue so it has to have more money,” explained Maglaras.
In his opinion, a stronger, better funded ENISA is equivalent to safer Europe, not just to Greece alone. However, one of the main barriers for an integrated cyber-security system pointed to the unwillingness of each EU member to share sensitive information with ENISA.
However, all these will change when a new ruling for EU cyber security legislation comes into effect next year where EU members are required to open up and share more information.
Asia unites in cyber defense
Closer to home, Indonesia and Australia have both initiated steps in cybersecurity measures and both initiatives are linked with the city-state of Singapore. For instance, the Singaporean government has invited Joko “Jokowi” Widodo, Indonesian president for the upcoming Singapore International Cyber Week 2017, held during 18-21 September 2017.
Since we have established a national cyber agency, we will need more input. So I’m interested to attend the event in Singapore to talk about cyber security issues. Jokowi told local media.
Since June 2017, Indonesia has inaugurated its national cyber agency named Cyber Body and National Encryption Agency (BSSN) and the agency is scheduled for operation by September 2017.
Similarly, Singapore has also established agency specialized in mitigating cyber risks, called the Cyber Security Agency (CSA) of Singapore. The CSA has then signed an agreement with Australia’s Cyber Security Agency in cooperation for protection of critical information infrastructure.
Under the agreement, both countries will hold “joint cybersecurity exercise” to test their capability in facing the common threat. In addition, the two countries have in mind to host a “cyber-risk reduction workshop” for all the countries in the Association of Southeast Asian Nations (ASEAN) by the end of 2017.
Verdict
As the saying goes, out of adversity comes opportunity. In this case, it seems that in face of adversity, countries unite to fight a common enemy, namely cyber threats. Indeed, this new threat that cyber threats pose can be anonymous, faceless, cross boundaries and yet bring devastating losses to data integrity, financial wealth and even safety of human lives.
The world leaders have since recognized this threat and pitch a defense plan against it. However, the best form of defense actually start from the individual, thus – Are you prepared for cyber-warfare?
BREAKING NEWS
Libssh Security Flaw leaves thousands of servers vulnerable to hijacking
Libssh Security Flaw leaves thousands of servers vulnerable to hijacking. A security flaw in libssh leaves thousands, and potentially more, servers vulnerable to an attack. Libssh is a multiplatform C library which allows users to remotely execute programs, transfer files, manage public keys and use a secure and transparent tunnel.
The security flaw, discovered by Peter Winter-Smith from NCC Group, allows a hacker to bypass the authentication process on the servers and gain access to the system without having to enter a password.
An attacker can do this by sending the SSH server “SSH2_MSG_USERAUTH_SUCCESS” message instead of the “SSH2_MSG_USERAUTH_REQUEST” message that a server usually expects and which libssh uses as a sign that an authentication procedure needs to initiate.
The libssh system will treat this message to mean the authentication has already taken place and allow the attacker access to the server. The flaw (CVE-2018-10933) was released in January 2014 in release 0.6.0.
It’s estimated that the vulnerability currently affects at least 3000 servers, however this is based on a small search and the scale of the problem is not yet known. There were concerns that the popular version control site for developers to work collaboratively on projects, GitHub, was affected but they have released a statement denying this. Github claims the way they use libssh means they are not vulnerable to this exploit.
“We use a custom version of libssh; SSH2_MSG_USERAUTH_SUCCESS with the libssh server is not relied upon for pubkey-based auth, which is what we use the library for,”
a GitHub security official said on twitter
While we use libssh, we can confirm that https://t.co/0iKPk21RVu and GitHub Enterprise are unaffected by CVE-2018-10933 due to how we use the library.
— GitHub Security (@GitHubSecurity) October 16, 2018
The security flaw is only on the server side, meaning users who have a libssh based SSH client installed on their computer will be safe from potential attackers looking to exploit this vulnerability.
While there are currently no public exploits available for the vulnerability, they are easy to put together so these are likely to pop up online in the coming days and weeks.
The team at libssh released versions 0.8.4 and 0.7.6 yesterday to handle this bug.
HACKING NEWS
Several vulnerabilities found in RouterOS that Affected MikroTik Routers
Several vulnerabilities found in RouterOS that Affected MikroTik Routers
Tenable researcher, Jacob Baines, has discovered multiple vulnerabilities in the Mikrotik routers; four separate security flaws that are vulnerable to hacking attacks. Mikrotik made it into the news in September after it was discovered routers had been hijacked using a security flaw on the RouterOS, and attackers we able to spy on users.
RouterOS, Mikrotik’s operating system was found to have around four security flaws. This includes a remote code execution vulnerability (CVE-2018-1156), File upload memory exhaustion flaw (CVE-2018-1157), recursive JSON parsing stack exhaustion (CVE-2018-1158), and www memory corruption (CVE-2018-1159).
While these are separate vulnerabilities, they all require legitimate user credentials before being able to exploit. These vulnerabilities are particularly dangerous, allowing an attacker to gain full control of the system, by remote attacks.
This security vulnerability has been exploited in the past, memorably the hacking of 7500 routers for intercepting user’s traffic and the cryptojacking campaign in which routers were exploited for cryptocurrency mining.
According the Tenable the multiple vulnerabilities affected RouterOS versions 6.42.6 and 6.40.8. Tanable contacted MikroTik in May 2018 to inform them about the flaws, after which Mikrotik released patches to fix the issue. However, not everyone is vigilant with patching their router when these flaws become known, and Jacob Baines has estimated that around 200,000 routers across the world may still be open to this exploit.
We second Tenable’s statement in encouraging users to update their system to the latest patch at the earliest possible time to help protect against these security vulnerabilities.
BREAKING NEWS
Chinese Spying Chips Found Hidden on US companies’ servers
Chinese Spying Chips Found Hidden on US companies’ servers. Business and markets news company Bloomberg reported today that a very small surveillance chip, similar in size to a grain of rice, has been found hidden in servers used by US companies. These servers are being used by nearly 30 American companies, including big names such as Apple and Amazon.
The servers are designed in the US by an American company called Super Micro, and do not include the chip in their designs. It is thought the chip must have been added in China, during the manufacturing process for the servers. The chip is an example of a “hardware hack” where hardware is modified to perform functions that wasn’t originally intended in the design. It is suspected the purpose of the chip is to spy on American companies and their users.
The lengthy publication by Bloomberg reports that Apple and Amazon were among those companies affected, but both companies refute the claim. An Apple spokesperson told Bloomberg that they had no history of finding malicious chips or hardware manipulations in any of its servers. Apple no longer used Super Micro servers after ending their contract with them in 2016.
Amazon also disputes the claims about their servers containing malicious chips and says they have not worked with the FBI to investigate malicious hardware within the company. Super Micro join Apple and Amazon in denying the claims about its servers.
In response to the allegations, China’s Ministry of Foreign Affairs released a statement saying “China is a resolute defender of cybersecurity. It advocates for the international community to work together on tackling cybersecurity threats through dialogue on the basis of mutual respect, equality and mutual benefit. Supply chain safety in cyberspace is an issue of common concern, and China is also a victim. China, Russia, and other member states of the Shanghai Cooperation Organization proposed an “International code of conduct for information security” to the United Nations as early as 2011. It included a pledge to ensure the supply chain security of information and communications technology products and services, in order to prevent other states from using their advantages in resources and technologies to undermine the interest of other countries. We hope parties make less gratuitous accusations and suspicions but conduct more constructive talk and collaboration so that we can work together in building a peaceful, safe, open, cooperative and orderly cyberspace.
[stackCommerce layout=”2″ count=”5″ sort=”best_sellers”][/stackCommerce]
-
GAME REVIEW6 years ago
Top Hacking Simulator Games Every Aspiring Hacker Should Play: Part 1
-
DEALS6 years ago
Great Ethical Hacking Courses for Beginners
-
BREAKING NEWS6 years ago
US Online Retail Company suffered a data breach affecting 6.5 million customers
-
HACKING NEWS6 years ago
The APT attacks hitting East Asia
-
GAME REVIEW6 years ago
Hacknet Review
-
DEALS6 years ago
Music, Voice and Sound interface kits: What you need to know
-
GAME REVIEW6 years ago
Top Hacking Simulator Games Every Aspiring Hacker Should Play: Part 2
-
HOW TO6 years ago
How To Become an Ethical Hacker – Beginners Guide