The loosely-associated band of hackers known as Anonymous claims to have targeted the global intelligence think tank Strategic Forecasting, known as Stratfor, boasting on the microblogging site Twitter that personal information, including credit card numbers, belonging to Stratfor clients had been stolen. As of Monday morning, Stratfor’s Website was down, with a placeholder page saying the site was undergoing maintenance and asking visitors to “check back soon.”
Following the breach, hackers posted the details of the information on the information-sharing site Pastebin. In an email obtained by Reuters Sunday, Stratfor acknowledged an unauthorized breach. "As a result of this incident, the operation of Stratfor's servers and email have been suspended," the company wrote. Stratfor also issued an email to its members, which was obtained by the Associated Press, warning that some names and personal information would wind up on other sites.
"We are diligently investigating the extent to which subscriber information may have been obtained," read the letter, signed by company CEO George Friedman. "Stratfor's relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me.”
Anonymous has defaced and shut down Websites belonging to the music industry, companies that severed ties with WikiLeaks and various government agencies. The FBI and international law-enforcement agencies have been investigating the attacks and making arrests for the past few months. The Department of Homeland Security has begun to take Anonymous and other non-professional cyber-attackers more seriously as it issued warnings about potential attacks earlier this year.
In September, Obama administration officials spoke about the need for increased penalties for computer crimes in light of increased data breaches and hacking activity. The increase in computer crime, including Anonymous-led distributed denial-of-service attacks, Website attacks where data is stolen and general online mayhem, has led the White House to call for an increase in criminal penalties for computer crimes.
Online attacks have become more serious as attackers target sensitive personal data and corporate secrets and undermine infrastructure security. However, the penalties under the Computer Fraud and Abuse Act don't match the seriousness or complexity of cyber-crime, Associate Deputy Attorney General James Baker and Secret Service Deputy Special Agent in Charge, Criminal Investigative Division, Pablo Martinez said Sept. 7 in a hearing before the Senate Judiciary Committee. The proposal was based on the White House's cyber-security plan unveiled in May.
(http://www.eweek.com/c/a/Security/Stratfor-Targeted-by-Hacking-Group-Anonymous-652070/)
Wednesday 11 January 2012
IBM's Watson to Help Doctors Diagnose, Treat Cancer
The next assignment for IBM's Watson supercomputer is to evaluate treatments for cancer. Health insurer WellPoint, which is looking into real-life applications for Watson, has announced that a leading cancer institution in Los Angeles, Cedars-Sinai's Samuel Oschin Comprehensive Cancer Institute, will provide expertise to the company on developing applications based on IBM's Watson data-analytics machine.
Cedars-Sinai is a medical facility focused on diagnosing and treating many types of cancers. WellPoint offers health plans such as Blue Cross and Unicare.
"As we design the WellPoint health care systems that leverage IBM Watson's capabilities, it is essential that we incorporate the highly specialized knowledge and real-life practice experiences of the nation's premier clinical experts," Dr. Harlan Levine, executive vice president of WellPoint's Comprehensive Health Solutions, said in a statement.
Watson allows doctors to understand the large amounts of clinical data and patient histories in medical libraries. The supercomputer gained fame on "Jeopardy" earlier this year and incorporates deep computing and data analytics as well as natural-language processing (NLP) capabilities from Nuance Communications.
WellPoint plans to expand the use of Watson to specialists such as cardiologists and pediatricians, Anthony Nguyen, WellPoint's senior vice president of care management, told eWEEK in September.
By working with WellPoint, IBM hopes to coordinate communication among health care providers, benefits administrators and patients.
WellPoint announced its collaboration with Cedars-Sinai Dec. 16.
A large amount of information and numerous sources of data make oncology an area that could potentially benefit from Watson, said Dr. M. William Audeh, medical director of the Samuel Oschin Comprehensive Cancer Center, which is part of the Oschin Institute at Cedars-Sinai.
"I think that's the kind of challenge that lends itself to a supercomputer like Watson, to try to integrate all of that information," said Audeh.
"What we're talking about is the genomic revolution; genomic information is now being applied more and more to cancer medicine," Audeh added. "New technologies for both diagnosis and treatment and targeted therapies are contributing to the large complexity, and that's why I think the time is right to apply a computer-based approach of the sort that Watson offers to integrate all of that information."
Although Cedars-Sinai won't use Watson itself, as part of the agreement, the institute will advise WellPoint on which clinical content to include in future applications built using the supercomputer, Audeh explained.
Selecting the information to feed into Watson is challenging and complicated.
"It's a very complicated process to, first of all, select the basic information that needs to go into Watson to make it well-informed about all the various kinds of cancer treatments and all the nuances of information that surround a patient with cancer," said Audeh.
Using its data analytics and NLP capabilities, Watson would integrate data such as medical literature, patient histories, clinical trials, side effects and outcomes data to help doctors decide on courses of treatment.
"I think the hope is that Watson would be taught to integrate basic standard information from the medical literature, from clinical trials, from all the guidelines that have been developed by the medical societies into a database that can then look at an individual patient's particular characteristics," said Audeh.
Watson would also look at the characteristics of a patient's cancer and make recommendations on cost-effective treatment that would lead to the best outcome, he added.
"All of that [would] not replace a physician but provide a more comprehensive resource for all of the medically relevant information than any doctor can currently access on a computer, said Audeh.
With the many possible ways to go about cancer treatment, Watson technology could be helpful in evaluating these methods, said Audeh.
WellPoint plans to launch an application based on Watson next year in clinical pilots.
In addition, IBM announced in May an expansion of its Analytics Solutions Center in Dallas to link health data to electronic health records (EHRs) on mobile devices using NLP and data analytics similar to that of Watson.
Other health care IT giants have also been active recently in developing technology to help find treatments for cancer. In November, Dell donated a cloud infrastructure to the Translational Genomics Research Institute (TGen) for storing data from a personalized medicine trial for pediatric cancer.
In another development, General Electric pledged $100 million to cancer research over the next five years.
WikiLeaks, Patents, Cyber-Attacks Lead Week's Security News
The United States government began presenting its case against Army Private Bradley Manning last week and continued this week. Manning is accused of illegally accessing thousands of classified documents and video and leaking it to the whistleblower site WikiLeaks. The witnesses for the prosecution admitted to a number of glaring security issues, such as not requiring a password to access the sensitive database, and allowing analysts to download games and upload content on to secure classified networks.
While vendors still battle each other on features, many have resorted to taking the fight to the courtroom by claiming patent infringement. Juniper Networks has joined the long line of companies in court by suing startup Palo Alto Networks for "willful" infringement of six firewall patents. However, this lawsuit has a twist. The founders of Palo Alto Networks actually invented the technology the patents cover when they were at a different startup before being acquired by Juniper.
The Wall Street Journal broke the news that the United States Chamber of Commerce, a lobbying organization, was hacked by an unknown person or group last year and stole six week's worth of emails belonging to four employees focusing on Asian policy. The Chamber confirmed the breach, but said the incident was limited in scope and the organization had already dealt with the issue.
“I wish I could delight in the schadenfreude some must feel knowing that a lobbying group who openly opposed tightening cyber-security laws themselves became a poster child for one of the most high-profile intrusions in the news in 2011," Andrew Brandt, director of threat research at Solera Networks Research Labs, told eWEEK. He added that he could "take no joy" in the knowledge that the attackers had succeeded.
The Iowa Republican Party said it was beefing up its infrastructure and improving its monitoring capabilities against potential cyber-attacks that may try to disrupt the Jan. 3 Iowa caucus for the 2012 presidential campaign. Cyber-threats, such as distributed-denial-of-service attacks (DDoS), will increasingly target high-profile individuals, such as politicians, and controversial Websites, said Carl Herberger, vice president of security solutions at Radware. Researchers have demonstrated ways attackers can remotely compromise electronic voting systems and the recent Russian election was marred with reports of DDoS attacks against media organizations reporting on charges of election fraud.
Microsoft unveiled yet another feature, the picture password protection, in the upcoming Windows 8 operating system this week. The new system would allow users to select a personal image and assign a series of gestures to the image. When the user wants to log on to the system, the user would have to select the correct image and then use the proper sequence of images before it would unlock the machine, Microsoft claimed.
While Congress goes on holiday and House Judiciary Chairman Lamar Smith agreed to delay work on the controversial Stop Online Piracy Act till January, SOPA still was in the news this week. Customers were outraged that domain registrar GoDaddy supported SOPA called for a boycott and started moving their domains to competitors. The protest spread over Twitter, and competing registrars took advantage of the outrage by posting various discount codes to entice GoDaddy customers away. While the domain giant reaffirmed its support in a statement issued late Dec. 22, it backed down less than a day later and said it would withdraw its support of the bill. While asserting that "fighting online piracy is of the utmost importance," GoDaddy admitted in a statement on Dec. 23: "We can clearly do better."
(http://www.eweek.com/c/a/Security/Wikileaks-Patents-CyberAttacks-Lead-Weeks-Security-News-803474/)
While vendors still battle each other on features, many have resorted to taking the fight to the courtroom by claiming patent infringement. Juniper Networks has joined the long line of companies in court by suing startup Palo Alto Networks for "willful" infringement of six firewall patents. However, this lawsuit has a twist. The founders of Palo Alto Networks actually invented the technology the patents cover when they were at a different startup before being acquired by Juniper.
The Wall Street Journal broke the news that the United States Chamber of Commerce, a lobbying organization, was hacked by an unknown person or group last year and stole six week's worth of emails belonging to four employees focusing on Asian policy. The Chamber confirmed the breach, but said the incident was limited in scope and the organization had already dealt with the issue.
“I wish I could delight in the schadenfreude some must feel knowing that a lobbying group who openly opposed tightening cyber-security laws themselves became a poster child for one of the most high-profile intrusions in the news in 2011," Andrew Brandt, director of threat research at Solera Networks Research Labs, told eWEEK. He added that he could "take no joy" in the knowledge that the attackers had succeeded.
The Iowa Republican Party said it was beefing up its infrastructure and improving its monitoring capabilities against potential cyber-attacks that may try to disrupt the Jan. 3 Iowa caucus for the 2012 presidential campaign. Cyber-threats, such as distributed-denial-of-service attacks (DDoS), will increasingly target high-profile individuals, such as politicians, and controversial Websites, said Carl Herberger, vice president of security solutions at Radware. Researchers have demonstrated ways attackers can remotely compromise electronic voting systems and the recent Russian election was marred with reports of DDoS attacks against media organizations reporting on charges of election fraud.
Microsoft unveiled yet another feature, the picture password protection, in the upcoming Windows 8 operating system this week. The new system would allow users to select a personal image and assign a series of gestures to the image. When the user wants to log on to the system, the user would have to select the correct image and then use the proper sequence of images before it would unlock the machine, Microsoft claimed.
While Congress goes on holiday and House Judiciary Chairman Lamar Smith agreed to delay work on the controversial Stop Online Piracy Act till January, SOPA still was in the news this week. Customers were outraged that domain registrar GoDaddy supported SOPA called for a boycott and started moving their domains to competitors. The protest spread over Twitter, and competing registrars took advantage of the outrage by posting various discount codes to entice GoDaddy customers away. While the domain giant reaffirmed its support in a statement issued late Dec. 22, it backed down less than a day later and said it would withdraw its support of the bill. While asserting that "fighting online piracy is of the utmost importance," GoDaddy admitted in a statement on Dec. 23: "We can clearly do better."
(http://www.eweek.com/c/a/Security/Wikileaks-Patents-CyberAttacks-Lead-Weeks-Security-News-803474/)
Latest Apple iOS Jailbreak Tool Exploits Two Security Flaws
A researcher has released a new jailbreak tool that would allow iPhone users to run code from sources other than Apple's iTunes App Store.
The new jailbreak, dubbed Corona, takes advantage of two different bugs in iOS 5 to untether iPhones and other devices running iOS 5.01, a researcher, pod2g, wrote on his iOS Research blog Jan. 2. One flaw exists in the iOS binary and the other was a heap overflow in the kernel, according to the post.
Apple has in the past moved quickly to patch security flaws as soon as a jailbreak is publicized. With the code for Corona public, the company is expected to close these holes in the next security update.
"Apple has fixed all previous known ways of executing unsigned binaries in iOS 5.0," pod2g wrote, noting that Corona accomplishes its task "another way."
The jailbreak tool relies on vulnerabilities in existing Apple binaries that are loaded using standard functions, pod2g said. Researchers used to create data pages that could be loaded on to the device to launch the jailbreak code prior to iOS 5, according to pod2g. Apple modified data pages to require that they also be digitally signed by Apple to verify its authenticity in iOS 5, so pod2g piggybacked the exploit code onto existing binaries.
The "raccoon" binary is used for setting up IPSec connections from the iOS devices and is started automatically whenever the user sets up a network connection, according to pod2g. The tool uses the vulnerability to copy a bootstrap payload to the device's memory and runs the actual exploit code. The code also uses a previously discovered heap overflow flaw in the iOS kernel but pod2g said he wasn't clear what was actually happening in the kernel.
"I never figured it out exactly," pod2g wrote, adding that he found the issue using a "fuzzing" tool.
The fact that Coronoa took advantage of a format string bug raised a few eyebrows amongst security experts. Chris Wysopal, CTO of Veracode, wondered on Twitter if Apple was not using static analysis tools to hunt for security holes in its code. "These bugs [format string bug] are easy to find with it," Wysopal wrote on Twitter.
The Corona jailbreak has been added to the redsn0w packages that can be used to untether devices. It can be downloaded from Websites belonging to two Apple hacking groups, greenpois0n and the iPhone Dev Team. It appears that pod2g is also working on a jailbreak update that would work on iOS devices that use the A5 chip, such as the iPhone 4S.
"With some luck we could expect a release in a week," pod2g wrote on Twitter.
Even though Apple claims jalbreaking—or cracking the iOS to be able to run unofficial applications—was illegal, the U.S. Copyright Office said in 2009 it was legal for iPhones and other smartphones. As a result, Apple and jailbreak hackers are in the game of cat-and-mouse as the company tries to quickly patch every vulnerability they discover. The Electronic Frontier Foundation has asked the Copyright Office to extend the exemption to the Digital Millennium Copyright Act to protect users who want to jailbreak tablets, e-readers and video game consoles.
(http://www.eweek.com/c/a/Security/Latest-Apple-iOS-Jailbreak-Tool-Exploits-Two-Security-Flaws-144756/)
The new jailbreak, dubbed Corona, takes advantage of two different bugs in iOS 5 to untether iPhones and other devices running iOS 5.01, a researcher, pod2g, wrote on his iOS Research blog Jan. 2. One flaw exists in the iOS binary and the other was a heap overflow in the kernel, according to the post.
Apple has in the past moved quickly to patch security flaws as soon as a jailbreak is publicized. With the code for Corona public, the company is expected to close these holes in the next security update.
"Apple has fixed all previous known ways of executing unsigned binaries in iOS 5.0," pod2g wrote, noting that Corona accomplishes its task "another way."
The jailbreak tool relies on vulnerabilities in existing Apple binaries that are loaded using standard functions, pod2g said. Researchers used to create data pages that could be loaded on to the device to launch the jailbreak code prior to iOS 5, according to pod2g. Apple modified data pages to require that they also be digitally signed by Apple to verify its authenticity in iOS 5, so pod2g piggybacked the exploit code onto existing binaries.
The "raccoon" binary is used for setting up IPSec connections from the iOS devices and is started automatically whenever the user sets up a network connection, according to pod2g. The tool uses the vulnerability to copy a bootstrap payload to the device's memory and runs the actual exploit code. The code also uses a previously discovered heap overflow flaw in the iOS kernel but pod2g said he wasn't clear what was actually happening in the kernel.
"I never figured it out exactly," pod2g wrote, adding that he found the issue using a "fuzzing" tool.
The fact that Coronoa took advantage of a format string bug raised a few eyebrows amongst security experts. Chris Wysopal, CTO of Veracode, wondered on Twitter if Apple was not using static analysis tools to hunt for security holes in its code. "These bugs [format string bug] are easy to find with it," Wysopal wrote on Twitter.
The Corona jailbreak has been added to the redsn0w packages that can be used to untether devices. It can be downloaded from Websites belonging to two Apple hacking groups, greenpois0n and the iPhone Dev Team. It appears that pod2g is also working on a jailbreak update that would work on iOS devices that use the A5 chip, such as the iPhone 4S.
"With some luck we could expect a release in a week," pod2g wrote on Twitter.
Even though Apple claims jalbreaking—or cracking the iOS to be able to run unofficial applications—was illegal, the U.S. Copyright Office said in 2009 it was legal for iPhones and other smartphones. As a result, Apple and jailbreak hackers are in the game of cat-and-mouse as the company tries to quickly patch every vulnerability they discover. The Electronic Frontier Foundation has asked the Copyright Office to extend the exemption to the Digital Millennium Copyright Act to protect users who want to jailbreak tablets, e-readers and video game consoles.
(http://www.eweek.com/c/a/Security/Latest-Apple-iOS-Jailbreak-Tool-Exploits-Two-Security-Flaws-144756/)
Israel Likens Credit Card Breach to Terrorist Act
Israeli officials are investigating a recent cyber-attack that resulted in the theft and exposure of thousands of credit card numbers belonging to Israeli citizens.
The attack was a "breach of sovereignty comparable to a terrorist operation, and must be treated as such," deputy foreign minister Danny Ayalon told BBC.
An individual using the name 0xOmar leaked details of thousands of credit card numbers online, according to a Jan. 2 statement on PasteBay. 0xOmar claimed to be affiliated with Group-xp, a known hacking group based in Saudi Arabia. Israel's data protection agency is investigating the incident and is considering asking Interpol for assistance, Yoram Hacohen, head of Israel's data protection agency, told the Associated Press Jan. 6.
The stolen information came from multiple Israeli sites and supposedly contained names, addresses, Israeli ID numbers, phone numbers and credit card information, including expiration dates and three-digit security codes. Furthermore, 0xOmar claimed to have collected information on almost 1 million people and said he would publish it all.
"Israel has active capabilities for striking at those who are trying to harm it, and no agency or hacker will be immune from retaliatory action," Ayalon told BBC.
National governments have been considering ways to retaliate against those who commit cyber-attacks. Early last week, reports emerged that the Japanese government had contracted with Fujitsu to develop what was described as a "good virus" that was capable of seeking out computers behind a cyber-attack and disabling them from conducting further attacks.
In November, the United States Department of Defense explicitly stated that it has the right to retaliate with military force and launch a physical attack in the event of a cyber-attack against defense systems. The threat of military action would deter people who think they can carry out "significant cyber-attacks directed against the U.S. economy, government or military," the Pentagon wrote in a 12-page report to Congress.
The House and Senate agreed, giving the U.S. military the power to conduct “offensive” strikes online, including clandestine attacks, according to a provision in the military’s 2012 funding bill. Both houses have already passed their versions of the funding bill and are expected to approve the "conference" bill, which reconciles the two versions into a single bill.
"Congress affirms that the Department of Defense has the capability, and upon direction by the president may conduct offensive operations in cyber-space to defend our nation, allies and interests," according to the reconciled bill.
The United Kingdom also discussed improving its military's defense capabilities without actually committing to use military force in its Cyber-Security Strategy released in November.
While 0xOmar claimed to have disclosed information belonging to about 400,000 Israelis, the Bank of Israel's banking supervision department said Jan. 3 that only 15,000 active accounts had been exposed. Another 11,000 credit card numbers were dumped online Jan. 5, but credit card companies claimed only about 6,000 of those accounts were active.
"The credit card companies reported that they have identified the cards of the customers whose details were exposed on the Internet, and the cards have been blocked for use in Internet purchases and telephone purchases," according to the Bank of Israel statement.
There are reports that 0xOmar is a 19-year-old person who is currently in Mexico.
(http://www.eweek.com/c/a/Security/Israel-Likens-Credit-Card-Breach-to-Terrorist-Act-707325/)
Source
The attack was a "breach of sovereignty comparable to a terrorist operation, and must be treated as such," deputy foreign minister Danny Ayalon told BBC.
An individual using the name 0xOmar leaked details of thousands of credit card numbers online, according to a Jan. 2 statement on PasteBay. 0xOmar claimed to be affiliated with Group-xp, a known hacking group based in Saudi Arabia. Israel's data protection agency is investigating the incident and is considering asking Interpol for assistance, Yoram Hacohen, head of Israel's data protection agency, told the Associated Press Jan. 6.
The stolen information came from multiple Israeli sites and supposedly contained names, addresses, Israeli ID numbers, phone numbers and credit card information, including expiration dates and three-digit security codes. Furthermore, 0xOmar claimed to have collected information on almost 1 million people and said he would publish it all.
"Israel has active capabilities for striking at those who are trying to harm it, and no agency or hacker will be immune from retaliatory action," Ayalon told BBC.
National governments have been considering ways to retaliate against those who commit cyber-attacks. Early last week, reports emerged that the Japanese government had contracted with Fujitsu to develop what was described as a "good virus" that was capable of seeking out computers behind a cyber-attack and disabling them from conducting further attacks.
In November, the United States Department of Defense explicitly stated that it has the right to retaliate with military force and launch a physical attack in the event of a cyber-attack against defense systems. The threat of military action would deter people who think they can carry out "significant cyber-attacks directed against the U.S. economy, government or military," the Pentagon wrote in a 12-page report to Congress.
The House and Senate agreed, giving the U.S. military the power to conduct “offensive” strikes online, including clandestine attacks, according to a provision in the military’s 2012 funding bill. Both houses have already passed their versions of the funding bill and are expected to approve the "conference" bill, which reconciles the two versions into a single bill.
"Congress affirms that the Department of Defense has the capability, and upon direction by the president may conduct offensive operations in cyber-space to defend our nation, allies and interests," according to the reconciled bill.
The United Kingdom also discussed improving its military's defense capabilities without actually committing to use military force in its Cyber-Security Strategy released in November.
While 0xOmar claimed to have disclosed information belonging to about 400,000 Israelis, the Bank of Israel's banking supervision department said Jan. 3 that only 15,000 active accounts had been exposed. Another 11,000 credit card numbers were dumped online Jan. 5, but credit card companies claimed only about 6,000 of those accounts were active.
"The credit card companies reported that they have identified the cards of the customers whose details were exposed on the Internet, and the cards have been blocked for use in Internet purchases and telephone purchases," according to the Bank of Israel statement.
There are reports that 0xOmar is a 19-year-old person who is currently in Mexico.
(http://www.eweek.com/c/a/Security/Israel-Likens-Credit-Card-Breach-to-Terrorist-Act-707325/)
Source
Subscribe to:
Posts (Atom)