Safety on the WEB

Not every threat on the web will be obvious to you. Very few will look like this evil looking ‘Spidey’ knock-off. Most will be very much more like your sweet old uncle or a really amazing looking young, beautiful co-ed that for some reason thinks you are her only reason for living! A look at some recent data will be helpful in understanding the nature of stalkers and other criminal ‘entrepreneurs.’ Besides the typical identity theft issues, persons like this young female may be attempting to use what is legally called ‘undue influence,’ where they step into the life of a typically elderly person who is lonely and less capable of decision making, and they guide the decisions to their own benefit, often taking all the life savings and having the Last Will and Testament rewritten to their own advantage. SCI is going to review just one of the issues currently hitting internet users: a new type of downloader.

The following report by Dr. Brett Stone-Gross and Russell Dickerson of the Dell SecureWorks Threat Unit outlines a downloader threat that is currently loose within the cyber-world:

The Gameover ZeuS trojan, also known as Peer-to-Peer (P2P) ZeuS, is one of the largest and most sophisticated botnets involved in online banking fraud. The botnet operators are very well connected in the underground community, and they rely upon a variety of tools and services provided by other cybercriminals to run their operation. In particular, the group regularly uses the Cutwail spam botnet to lure new victims and the Pony Loader malware to steal credentials and download additional malware, including Gameover ZeuS. In August 2013, the Dell SecureWorks Counter Threat Unit™ (CTU) research team discovered that in addition to the Pony Loader, the group is using a new downloader known as Upatre to distribute its malware. The downloader has a small file size and is extremely simple, implementing its functionality entirely in a single function. It downloads and executes a file from a hard-coded URL over an encrypted Secure Sockets Layer (SSL) connection from a compromised web server and then exits. Figure 1 diagrams the malware distribution process.

The Gameover ZeuS botnet operators distribute both Pony Loader and the Upatre downloader through spam emails sent by the Cutwail botnet. Many lures have used social engineering techniques by impersonating financial institutions and government agencies to trick a victim into executing the malware. The spam emails have an embedded malware executable in a ZIP attachment, so user interaction is required to infect the system. Figure 2 shows an example spam email containing the Upatre downloader as an attachment.

Technical information can be found at: http://www.secureworks.com/cyber-threat-intelligence/threats/analyzing-upatre-downloader/

SCI and the CTU research team advise organizations to remain vigilant and to deploy a defense-in-depth strategy that includes the following components:

  • Educate employees about the dangers of clicking on links and attachments in emails.
  • Filter email / scan email file attachment contents and consider blocking executable file types (including those found in ZIP attachments).
  • Deploy advanced malware protection devices in-line with incoming email streams containing malicious file attachments as well as subsequent file downloads.
  • Implement end-point controls on users’ computers to help limit opening of malicious file attachments and to catch malware installation / execution.
  • Apply post-infection controls such as firewall policies, web proxies, file downloads over HTTPS, and associated log monitoring to identify anomalies.
  • Keep antivirus, operating system, and browser software up to date.
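
The second item above (blocking executable file types, including those inside ZIP attachments) can be expressed as a mail-filter check. This is an added example, not code from SCI or the SecureWorks report; the extension block list, the size and nesting limits, and the sample message are assumptions constructed here.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed block list for this example; tune it to your own mail policy.
BLOCKED_EXT = (".exe", ".scr", ".pif", ".com", ".cpl", ".bat", ".cmd", ".js", ".vbs")
MAX_DEPTH = 2            # levels of ZIP-inside-ZIP that will be opened
MAX_READ = 8 * 1024**2   # bytes read per member (decompression-bomb guard)

def looks_executable(name, head):
    # Extension match, or the "MZ" magic of a Windows PE file under any name.
    return name.lower().endswith(BLOCKED_EXT) or head[:2] == b"MZ"

def scan_zip(data, label, depth=1):
    """Return 'archive!member' strings for every blocked member."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [f"{label} (unreadable archive)"]
    hits = []
    with zf:
        for info in zf.infolist():
            path = f"{label}!{info.filename}"
            if info.flag_bits & 0x1:  # encrypted member: cannot be inspected
                hits.append(f"{path} (encrypted)")
                continue
            with zf.open(info) as fh:
                body = fh.read(MAX_READ)
            if looks_executable(info.filename, body):
                hits.append(path)
            elif body[:4] == b"PK\x03\x04":  # nested archive
                hits += (scan_zip(body, path, depth + 1) if depth < MAX_DEPTH
                         else [f"{path} (nested too deep)"])
    return hits

def scan_message(raw):
    """Scan every attachment of a raw RFC 5322 message (bytes)."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "unnamed"
        body = part.get_payload(decode=True) or b""
        if looks_executable(name, body):
            hits.append(name)
        elif body[:4] == b"PK\x03\x04":
            hits += scan_zip(body, name)
    return hits

def build_sample(members):  # constructed sample: message with one ZIP attachment
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    msg = EmailMessage()
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="invoice.zip")
    return msg.as_bytes()
```

A gateway would quarantine or reject any message for which `scan_message` returns a non-empty list; encrypted and unreadable archives are reported rather than passed, because their contents cannot be checked.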

This cyber-report is courtesy of Dell SecureWorks at www.secureworks.com. It is simply one of the threats that are currently out in the cyber-world preying on those who browse the web without appropriate protective software and without using some common sense in not opening suspicious emails with attachments.

Security Consulting Investigations, LLC is pleased to introduce SecCom 360 –  a video/audio communications system that is web based yet 100 per cent safe, not only protected by what we have dubbed ‘above military grade’ secure encryption but also with Cyber Agents that guard each com-meeting to prevent hackers and other cyber interlopers.

 

Watch for further information from SCI as Sec Com 360 is launched for 2014!

SCI – Building for Tomorrow – Today!

Follow SCI at www.security-consulting.us under NEWS for recent cyber-world updates and current threats. InSCIghts also on www.security-consulting.us provides current issues in law enforcement, security concerns, and cyber-world threats as well as comment on international terrorism.

You can also reach SCI at 330-956-9561 or at inquiry@security-consulting.us

Of Trains, Radios, Fishing Lures and Time…

As of this moment, my third daughter is in with her OB checking on her health and the health of a granddaughter I have not met yet. Her husband, my son-in-law, went to jail today. I’m glad he did. It was his first day in his career as a Deputy Sheriff/Corrections Officer! Earlier today, I had a conversation with a fellow who, following in his grandfather’s, father’s and uncle’s footsteps, collects toy trains. He pays top dollar for toy train sets that used to circle every Christmas tree or glimmer in the hopes of little boys as they decided what Lionel train they wanted for themselves. Yet, he worries because as collectable as the old trains are, there is a growing fear among collectors that if the interest does not re-emerge for the small gauge track with the real looking train cars, they will be stuck with thousands of miles of track that lead nowhere.

Then there was a conversation I had over the weekend with a man who buys up old “Ham” radio equipment, not so much for re-furbishing because with the new digital markets the newer radios are smaller, lighter, cheaper, better sound, overall quality and focus on replacement not repair. So why buy up the old stuff? A sense of nostalgia for when times were, in B.C. terminology (before computers) slower, calmer, and even quieter brings those who remember those times looking for a connection to the past. There were times when people on “Ham” radio would Ragchew – in fact, yours truly has a certificate to show that I am a bona-fide ‘Ragchewer’. To prevent questions of my oral hygiene, I’ll explain that to ragchew means to spend time on the radio talking for fairly lengthy periods to someone they do not know, who they will probably never meet and may never talk to again. So taken were they with their long conversations about practically anything and most often nothing at all, that they would exchange post cards, called QSL cards – QSL being the abbreviated Morse Code for ‘confirm contact.’ They usually include the date and time of the conversation, which is recorded for posterity! The card to the right is an example, showing the author hard at work.

What has become of those who build a small city with mountains and tunnels, with curves and bends that bring the roaring train across the plywood over top of the billiard table which was used for at least two weeks after the Christmas it was dragged into the house, but now proudly holds the Lionel set including the water tower and depot? Where are the all-night ragchewers that are also running phone-patch traffic for maritime mobiles (ships at sea) or missionaries in the heart of the Amazon, even for scientific expeditions at South America?

The phone patch traffic has gone the way of the local telephone operator with the advent of cellular phones, sat-phones, internet and SKYPE. Most “Hams” these days are techies that work only 2 meters or 440 MHz on repeater systems. Thankfully many are volunteering on Tornado Spotter teams and rescue and emergency communications back-up. Now the all-nighter is spent on FACEBOOK or IM-ing someone with texts about the steak they had for dinner. Sure, I know that ragchewing conversations were never going to be the upcoming agenda for MENSA discussions but, come-on… rather than go to some recent FACEBOOK or texting sites; I can get a more intelligent conversation on a Saturday night at Wal-Mart with the unarmed manikin that doubles as a security camera!

The leisure time activities of old have been replaced by twenty-four hour news, text alerts for whatever style of news you desire, computer games that will allow you to land on Mars in virtual reality or draw down on Zombies that are dragging their way across your 87 inch plasma screen with surround-sound so realistic the neighbors have called the cops twice thinking there was a real gun battle at your house and your closest neighbor is two farms down the road about three-quarters of a mile! This is quite different than the good ol’ days of uncle and nephew leaning into the crackling noise of the speaker to try to make out the call sign of that maritime mobile that was looking for a phone patch into Ohio. Gone are the days when, just before the ‘test pattern’ came on to the black and white TV screen there was the footage of a fluttering American flag and background music playing the Star Spangled Banner as the station signed-off for the night. It was night, time for rest to not be haunted by the cable news network talking heads going over the same discussion they have continued nightly for more than a week!

Oh, yes; I love to be able to pull out my Droid phone and check email as I wait for the plane to take-off or jump on to FACEBOOK and see my grandchildren’s most recent pictures. And at home… the Night Before Christmas might end up re-written “And mother on FACEBOOK and me with my Kindle, had just checked out a NETFLIX film about reindeer…” As much as the nostalgia side of my brain yearns for the simpler, quieter times; I love the electronic toys, the ease of communicating and the instant everything that the Internet brings. So what is the answer to the conundrum?

It must, and I would underscore must come down to Psalm 46:10, “Be still and know that I am God.” If ever there was a time in our world’s history that people must be admonished to “Be still” it is now. The whirling sounds of computer fans, the clacking of keyboards, the incessant ringing of the cellular phones all bring a cacophony of noise that can drown out the soft sounds of the Holy Spirit directing your heart. So how do we find that delicate balance between the quiet space with the Spirit and thriving in a breakneck paced world that can be exciting and full of great things?

The answer lies in the remainder of verse ten of Psalm forty-six. God states, “I will be exalted above the nations, I will be exalted above the earth.” If we truly allow ourselves to see God as higher than any President or King; if we truly see Him as above anything in nature, we will find a way to give Him the time due to Him. I dislike using the following example but let us assume for this one analogy that whoever is the President of the United States at the time this happens is THE one President in all history, or yet to come, that you would like to talk to… If the President of the United States calls you and says, “It is very important that we meet every morning for the next two weeks for about thirty minutes each morning…” Chances are you or I would move everything else off our schedules to make certain we were free for that time period. Well, the Sovereign God, Creator and Master of the Universe has told you that He desires to have that thirty minutes with you every morning for the next two weeks (as a start). Will you be willing to at least put down your sports section of the newspaper or turn off Fox and Friends for thirty minutes for the Master Ruler of the Universe?

The best part about ‘giving up’ time like that for God is that YOU are the one that will receive the blessing for it. You will come away refreshed, encouraged, and yes, even the rest of your day will change because you took the opportunity to spend quality time with God.

Someone mentioned to me that, they agree with taking the time with God but, they have their devotional material on their computer. Well, if that is where you want to start reading it, Okay; but after you have read it, switch that screen off and let the Holy Spirit talk to your spirit for the rest of the time. You won’t regret it and, believe it or not, the computer switch will allow you to turn it back on again when you need it.

“Be still and know that I am God. I will be exalted above the nations. I will be exalted above earth.” – Not enough ‘time’ to get quiet with God? The One who created Time, will give you all you need. If you cannot find a way to set the time aside yourself, God may do it for you and it may not really be ‘convenient’ if He has to choose what will make you slow down and listen.

 

CYBER WAR: Forward to the Past

Dr. R.L. Riggs, Director, Security Consulting Investigations, LLC

22 February 2013

 

Thirty years ago, in March, President Ronald Reagan approached the American public and the Congress of the United States and gave them the hard facts about the future. In fact, he was very clear how important he felt the cause, or as he defined it, the duty is, that he was bringing before the American people. He said that it was “the most basic duty that any President and any people share – the duty to protect and strengthen the peace.” Either the United States prepares for a war from outer space or enters the 21st century with the awareness that their failure to prepare could bring annihilation.   President Reagan said that his plan would provide “new hope for our children in the 21st century” and now we stand in need of that hope. The political opponents mocked his ‘Chicken Little’ approach to his Star Wars Defense Initiative. America’s enemies, particularly Russia and China supported the President’s detractors hoping to forestall America enhancing its satellite defense systems. President Reagan saw only too clearly the threat of nuclear attacks from the upper atmosphere. He did not have the context to see, however, the role that electronics and computerization would have in this century both for good and evil. And so went the years, the changing of the guard, new presidents with new initiatives, new challenges to take up the attention of the American people and Congress. Then came the 21st century, right on schedule and America was embroiled in a war of more basic weaponry; until China unveiled their forty year quest for weapons aimed for the stars.

America and the world have flown into the cyber future at nano-speed to where almost every part of our culture is somehow inter-connected with those streams of 1’s and 0’s. Your car’s ignition will not turn over without the electronic signal from its computer chip. The traffic lights at the corner cannot function nor can water get to your home. Your furnace won’t light and your appliances will grind to a halt. For those who are dependent on medical equipment which in turn is dependent on electronics, you will need help; but, don’t try to use your cellphone to call for help… the cellphone signal won’t get through and even if it did, the ambulance drivers won’t be able to start their trucks. Prevention and deterrence are too late then.

President Reagan understood deterrence. He said, “Deterrence means simply this: Making sure any adversary who thinks about attacking the United States or our allies or our vital interests concludes that the risks to him outweigh any potential gains. Once he understands that, he won’t attack. We maintain the peace through our strength; weakness only invites aggression.” That is the whole premise behind the much mis-quoted Admiral Yamamoto warning of a ‘rifle behind every blade of grass.’

Cyber-war involves electronic attacks that need not come from a satellite. The international electronic infrastructure of the internet itself is a pathway for attack. Just this week a report by Mandiant, a major cyber-warfare defense entity clearly showed evidence of China’s involvement in the thousands of hacking attempts against the U.S. corporate structures. The connection in China went directly to a specialized unit of the PLA (People’s Liberation Army) known as APT1 (Advanced Persistent Threat) a subdivision of the PLA’s 61398 unit located just outside of Shanghai.

In an almost laughable response to the allegations that his country is behind the cyber-warfare, China’s Defense Ministry told reporters of AFP (Agence France-Presse) this week that “… there was no internationally agreed definition of hacking.”[i] An AFP photographer was detained by Chinese authorities shortly thereafter when found taking photographs of the non-descript warehouse near Gaoqiao, a suburb in the north of Shanghai. The security breaches themselves are an immediate threat that must be dealt with at all possible speed. The possibility that China could use its technology for a laser attack against our power grid is even more disconcerting.

The Defense Science Board released this statement regarding Directed Energy and Electric Weapons Systems (DEEWS) almost six years ago:  

As far back as 1964, Dr. Qian Xuesen issued to China his 640 Directive with the blessing of Chairman Mao Zedong. Among other things, the 640 Directive called for the development of a laser capable of shooting a missile out of its trajectory. The Shanghai Institute of Optics and Fine Mechanics (SIOM) was created. In 1970, the Anhui Institute of Optics and Fine Mechanics (AIOFM) came into being alongside the already functioning SIOM. Thousands of persons have been working on the systems for decades. In 2006, “China reportedly fired a ground-based high-power laser at and blinded U.S. surveillance satellites in orbit over China.”[ii] Sean O’Conner, an internationally known analyst and author of the IMINT and Analysis blog has identified “the potential sliding hangar locations of space-oriented Free Electron Lasers at the AIOFM center in Hefei, the Chinese Academy of Engineering Physics (CAEP) center in Mianyang, and the laser Anti-Satellite (ASAT) site in Xinjiang province.”[iii]

As of now, we know of three lasers: the banned blinding ZM87, the JD3 (which serves as a ‘range-finder and self-defense device’ and can be mounted on battle tanks) and the laser that blinded the U.S. satellite in 2006. Work continues, according to sources across China, on the newest and best models. Bryan McGrath of the Information Dissemination Net is concerned that the U.S. determination to get the laser weapons into the hands of the ‘warriors’ who find much more intriguing ways to utilize such weapons will not match that of the Chinese. You may want to find that old hand crank ice cream maker your grandfather used on hot summer days. It could be your only cooling thought when the winds of war blow across the barren wasteland after a DEEWS attack. President Reagan said in his ‘Star Wars Speech’ in March of 1983, “We start by considering what must be done to maintain peace and review all the possible threats against our security. Then a strategy for strengthening peace and defending against those threats must be agreed upon. And finally our defense establishment must be evaluated to see what is necessary to protect against any or all of the potential threats.” Let’s pray that someone will explain that to President Obama and Chuck Hagel.