And much more.
We begin with the latest round of the Great Game from the Washington Post:
Top U.S. intelligence official backs arming Ukraine forces against Russia
The top U.S. intelligence official said Thursday that he supports arming Ukrainian forces against Russian-backed separatists, as the Obama administration continues deliberations about whether to deepen involvement in a conflict pitting the West against Russian President Vladimir Putin.
James R. Clapper Jr., the director of national intelligence, said providing weapons to Ukraine would likely trigger a “negative reaction” from the Russian government, which Western officials are hoping will ensure that separatists stick to a European-brokered cease-fire that took effect this month.
“It could potentially further remove the very thin fig leaf of their position that they have not been involved in Ukraine,” Clapper told members of the Senate Armed Services Committee, adding that Russia could respond by sending more sophisticated weapons to separatist areas.
From RT, asserting a naval presence:
Russia secures military deal to use Cyprus’ ports despite EU concerns
Russian navy ships will keep having access to stop off at Cyprus’ ports in the Mediterranean as the two countries have agreed to prolong the pre-existing deal on military cooperation.
The agreement, which applies to Russian vessels involved in counter-terrorism and anti-piracy efforts, was signed by President Vladimir Putin and his Cypriot counterpart, Nicos Anastasiades, in Moscow.
The signing came amid heightened tensions and sanctions between Russia and the EU over the military conflict in Ukraine.
President Putin, however, stressed that the agreement, as well as Russia-Cypriot “friendly ties aren’t aimed against anyone.”
From Agence France-Presse, how to keep them from droning on:
From Nextgov, what could possibly go wrong?:
CIA’s New Big Data Hub Will be Hosted in the Cloud
The CIA is preparing to take the next step in its quest to shake up the status quo of siloed agencies within the intelligence community.
CIA Chief Information Officer Doug Wolfe confirmed Wednesday the intelligence agency will start using Cloudera’s Enterprise Data Hub platform by April, a move he expects “to extend the innovation and push the envelope on a whole range of different solutions” for all 17 IC agencies.
The enterprise data hub, also known as a “data lake,” would presumably provide standardized data sets compiled by intelligence analysts across various agencies to decision-makers among many other features found in the company’s widely used open source big data platform.
From SINA English, a Chinese wall:
Some foreign tech brands removed from China government purchase list
CHINA has dropped some of the world’s leading technology brands from its approved state purchase lists, while approving thousands more locally made products.
Chief casualty is US network equipment maker Cisco Systems Inc, which in 2012 counted 60 products on the Central Government Procurement Center’s list, but by late 2014 had none, according to a Reuters analysis of official data.
Apple Inc has also been dropped over the period, along with Intel Corp’s security software firm McAfee and network and server software firm Citrix Systems.
An official at the procurement agency said there were many reasons why local makers might be preferred, including sheer weight of numbers and the fact that domestic security technology firms offered more product guarantees than overseas rivals.
From the Guardian, absence of evidence asserted:
No evidence of NSA and GCHQ Sim card hack, says allegedly compromised firm
- Gemalto, the world’s largest Sim card manufacturer, denies claims intelligence services hacked into its servers and stole the keys to billions of mobile phones
The firm allegedly hacked by the NSA and GCHQ has stated that it cannot find any evidence that the US and UK security services breached and stole the encryption keys for billions of Sim cards.
The alleged hack was revealed by documents from the NSA files provided by Edward Snowden, which detailed attacks on Gemalto – the world’s largest Sim card manufacturer – which allegedly saw them steal encryption keys that allowed them to secretly monitor voice calls and data from billions of mobile phones around the world.
But after an investigation, the Dutch security company, which supplies Sim cards to all of the major UK mobile phone networks and 450 operators globally, has said that no evidence of a theft of Sim card security details has been found.
From the Intercept, the sound of one hand clapping:
Gemalto Doesn’t Know What It Doesn’t Know
The company was eager to address the claims that its systems and encryption keys had been massively compromised. At one point in stock trading after publication of the report, Gemalto suffered a half billion dollar hit to its market capitalization. The stock only partially recovered in the following days.
After the brief investigation, Gemalto now says that the NSA and GCHQ operations in 2010-2011 would not allow the intelligence agencies to spy on 3G and 4G networks, and that theft would have been rare after 2010, when it deployed a “secure transfer system.” The company also said the spy agency hacks only affected “the outer parts of our networks — our office networks — which are in contact with the outside world.”
Security experts and cryptography specialists immediately challenged Gemalto’s claim to have done a “thorough” investigation into the state-sponsored attack in just six days, saying the company was greatly underestimating the abilities of the NSA and GCHQ to penetrate its systems without leaving detectable traces.
“Gemalto learned about this five-year-old hack by GCHQ when The Intercept called them up for a comment last week. That doesn’t sound like they’re on top of things, and it certainly suggests they don’t have the in-house capability to detect and thwart sophisticated state-sponsored attacks,” says Christopher Soghoian, the chief technologist at the American Civil Liberties Union. He adds that Gemalto remains “a high-profile target for intelligence agencies.”
Target tally totaled, via SecurityWeek:
Target Data Breach Tally Hits $162 Million in Net Costs
The cost of the Target breach keeps on climbing.
According to the firm’s latest earnings report, the net expense of the breach stands at $162 million.
The actual total has now reached a gross expense of $191 million. That amount was partially offset by a $46 million insurance receivable in 2014. In 2013, the company’s gross expense related to the breach was $61 million, which was offset by a $44 million insurance payment. That brings the net expense of the breach for the retail giant to $162 million.
According to the Ponemon Institute’s ninth annual global study on data breach costs released last year, the average total price tag of a breach was $145 for every record stolen or lost – an increase of nine percent compared to the cost noted in the previous report. The study focused on 314 companies across 10 countries. All the companies that participated in the 2014 study had experienced a data breach ranging from a low of 2,400 compromised records to a high of slightly more than 100,000. The most expensive data breaches occurred in the U.S. and Germany, and cost $201 and $195 per compromised record, respectively.
From Threatpost, Anthem for more bad news:
Up to 18.8 Million Non-Anthem Customers Affected in Breach
In addition to roughly 80 million Anthem customers, nearly 20 million more individuals who aren’t customers of the health insurer could ultimately wind up implicated in this month’s massive data breach.
The company disclosed yesterday that between 8.8 million and 18.8 million Blue Cross Blue Shield customers’ records may have been stored in the database that was hacked. Anthem is part of a network of independent BCBS plans, and the latest batch of affected customers may have used their BCBS insurance in states such as Texas or Florida where the company runs partnerships.
It’s the first time the company has disclosed information regarding the breach as it relates to data other than its own since the compromise was announced on Feb. 5.
From SecurityWeek, ad-hacking your wireless:
Researchers Spot Aggressive Android Adware on Google Play
Highly aggressive adware has been found hidden in ten Android applications hosted on Google Play, Bitdefender reported.
Adware is highly common on both desktop PCs and smartphones. However, the threats discovered by the security firm stand out not just because they are aggressive, but also because they employ clever tricks to stay hidden on the infected device.
Once installed, the apps redirect victims to a webpage, hosted at mobilsitelerim.com/anasayfa, which serves ads designed to trick users into installing other pieces of adware disguised as system or performance updates, or get them to sign up for premium services. The displayed ads differ depending on the user’s location, Bitdefender said.
“Although they’re not malicious per se, by broadcasting sensitive user information to third parties, they resemble aggressive adware found on desktop PCs. The resulting barrage of pop-ups, redirects and ads irks users and seriously damages both the user experience and the performance of Android devices,” Bitdefender security researcher Liviu Arsene explained in a blog post.
And from Threatpost, an enduring threat:
Ransomware Looming As Major Long-Term Threat
On May 30, 2014, law enforcement officials from the FBI and Europol seized a series of servers that were being used to help operate the GameOver Zeus botnet, an especially pernicious and troublesome piece of malware. The authorities also began an international manhunt for a Russian man they said was connected to operating the botnet, but the most significant piece of the operation was a side effect: the disruption of the infrastructure used to distribute the CryptoLocker ransomware.
The takedown was the result of months of investigation by law enforcement and security researchers, many of whom were collaborating as part of a working group that had come together to dig into CryptoLocker’s inner workings. The cadre of researchers included reverse engineers, mathematicians and botnet experts, and the group quickly discovered that the gang behind CryptoLocker, which emerged in 2013, knew what it was doing. Not only was the crew piggybacking on the GameOver Zeus infections to reach a broader audience, but it also was using a sophisticated domain-generation algorithm to generate fresh command-and-control domains quickly. That kept the CryptoLocker crew ahead of researchers and law enforcement for a time.
“The interesting thing is all the opsec involved in this. The architecture thought out with this was really clear. The people working on this really sat down and architected and then engineered something,” said Lance James of Deloitte & Touche, who spoke about the takedown effort at Black Hat last year. “It took a lot more people on our side to hit it harder.”
After the jump, Austria enacts an Islamic crackdown, on to the ISIS front, first with a spooky assessment, crowdsourcing an anti-ISIS army, and a ‘Jihadi John’ profile from Old Blighty and its spooky origins, Yemeni Arab Spring activists see their hopes dim, a Boko Haram bombing body count, bomb-sniffing pachyderms deployed, on to Pakistan and an American blogger slain, thence to North Korea and Japanese sanctions threatened, Washington deploys its top airborne spycraft to the South China Sea, Japan’s already considerable military power, and Shinzo Abe engineers more overseas naval deployments, and eases more legal restrictions.