Internet phones sold by Cisco Systems ship with a weakness that allows them to be turned into remote bugging devices that intercept confidential communications in a fashion similar to so many Hollywood spy movies, SC Magazine reported.
The publication quoted consultants from Australia-based HackLabs, who said customers had lost $20,000 a day from exploits, which also included attacks that forced the devices to make calls to premium phone numbers. The consultants said the underlying weaknesses were present in the default settings and could be fixed only by making changes to the phones’ configuration settings.
“The book says to shut off web services,” HackLabs’ Peter Wesley was quoted as saying, referring to the manual that shipped with the phones. “Who’s going to read all that.”
SC Magazine said that a Cisco spokesman advised users to “apply the relevant recommendations in manuals to secure their systems. There was no explanation why phones are by default open to the attacks described in the article. A more sensible policy might be to ship the phones with the features disabled and allow customers who have a specific need for them to turn them on.
The magazine didn’t name the specific make of phone, which is also susceptible to denial of service attacks. The article is here. ®
Corporate espionage is a business almost as old as corporations, but thanks to the Internet revolution it has a new business model: cybercrime. A new report from McAfee illustrates how intellectual property and trade secrets are becoming the primary target for hackers, and providing the currency that fuels the cyber underground.
The recent attack against RSA–resulting in the compromise of sensitive data related to the SecurID two-factor authentication that many corporations rely on to guard against unauthorized access and protect data–is an example of how even the very companies that we trust to help guard against corporate espionage are not invulnerable themselves. Hacked SecurID tokens could be used as a stepping stone to more serious corporate espionage.
“Cybercriminals have shifted their focus from physical assets to data driven properties, such as trade secrets or product planning documents,” said Simon Hunt, vice president and chief technology officer, endpoint security at McAfee. “We’ve seen significant attacks targeting this type of information. Sophisticated attacks such as s Operation Aurora, and even unsophisticated attacks like Night Dragon, have infiltrated some of the of the largest, and seemingly most protected corporations in the world. Criminals are targeting corporate intellectual capital and they are often succeeding.”
Personal information–names, addresses, birth dates–are still hot commodities for identity theft, and financial details–credit card numbers, bank account passwords–are big business as well. Don’t hold your breath waiting for botnets and other malware to stop trying to steal those types of data. But, hacking into corporate networks and stealing intellectual capital is generally safer and more lucrative.
For one thing, financial and healthcare organizations which are frequently the target of such data breaches, are also the most vigilant at detecting them. Combine that with the fact that most states have data breach notification laws requiring companies to disclose when data involving personal details or account information of individuals is involved, and it becomes increasingly difficult to fly under the radar and avoid having law enforcement agencies involved.
But, if a hacker instead steals the marketing plans and financial projections from one company, and sells it on the cyber underground to that company’s biggest competitor, there is less risk of alarm bells going off. Organizations don’t like to announce publicly that they have been hacked–so if there are no data breach notification laws compelling them to do so, odds are fair that the theft will be kept on the down low even if it is discovered.
Evolving trends such as the migration to the cloud, and the exodus from the internal network to mobile gadgets make the task of protecting corporate intellectual property that much more difficult. Think of a bank. When all of the money is stored in a steel vault inside the building, it is relatively easy to contain and protect it. Now, give that same money to hundreds of people to carry with them as they wander about, and make it accessible digitally from the Internet as well, and you can see that it is a much more complex issue to secure it.
IT admins need to take proactive steps to assess risk and implement appropriate security controls and defenses, and be vigilant about monitoring for suspicious and malicious behavior. You may not have the secret recipe for Coca Cola on your company file server (you don’t, do you?), but the data you do have is of value to your competitors, and could prove lucrative on the cyber underground.
PARIS (Reuters) – France’s intelligence services have unearthed a case of suspected industrial espionage at an engine subsidiary of French aerospace and defense firm Safran, Le Monde newspaper said in its weekend edition.
A Safran spokeswoman declined to comment on Sunday when contacted by Reuters about the report, which spoke of a Chinese link.
The newspaper said investigators had placed about 10 people in custody as they dig for information about a 2010 attack on the computer networks of Safran subsidiary Turbomeca, which makes helicopter engines.
It said hackers broke into the computer networks and gained access to sensitive information about propeller systems at Turbomeca, as well as Safran documents containing information about billing and the cost of various company projects.
The computer break-ins took place during the first eight months of 2010 and may have involved help from company insiders, Le Monde reported it was told by an unnamed judicial source.
French magistrates in Nanterre have been following up on the preliminary information unearthed by the domestic intelligence services (DCRI), the newspaper said.
While the Safran spokeswoman contacted by Reuters declined to comment, Le Monde said it had contacted the firm and been told: “All we know of is a minor case in 2009 that concerned Turbomeca.”
Turbomeca says on its website it is the leading helicopter engine supplier in China, with one in two helicopters there equipped with a Turbomeca engine or licensed product.
It also says it co-operates with Chinese firms Harbin Aircraft Industries Group, Changhe Aircraft Industry Group and the helicopter-making divisions of China’s Aviation Industry Corp, the state-owned aircraft maker.
Safran is roughly 30-percent owned by the French state, which is still smarting after another case of supposed espionage at carmaker Renault that turned out to be a case of fraud.
Suspicions of industrial espionage at Renault — which also involved a suspected Chinese link in the early days — were deflated last month when the case turned out to be one of fraud and Renault executives apologized to three executives it had fired.
(Reporting by Brian Love and Cyril Altmeyer; Editing by Sophie Hares)
Quebec is sending its new anti-corruption squad to unearth dirt at Montreal city hall, an investigation that has set off a ping-pong round of finger-pointing between the Charest government and Montreal’s mayor.
The Public Security Minister announced Wednesday that Quebec’s anti-corruption unit will set its sights on Montreal in the wake of startling disclosures of spying and illegal computer hacking against an elected official.
“There is profound concern about what’s going on,” Public Security Minister Robert Dutil said in Quebec City. “The allegations of recent days are not acceptable. We cannot tolerate the weakening of an institution like the city of Montreal.”
The succession of scandals has eroded the mayor’s standing and led to a poisonous atmosphere at city hall. But hours after Quebec’s announcement, a defiant Mr. Tremblay pushed back, saying the tumult was the result of his campaign to clean house.
“I said that I would clean up, and when you clean up, it bothers people,” the mayor told a City Hall press conference. “I’m not worried. Our books are open.”
The mayor, irritated that Mr. Dutil didn’t phone him before announcing the provincial probe, shot back with some house-cleaning advice of his own. He said what’s really needed in Quebec is a provincial inquiry into corruption in the construction industry – an oft-repeated call in Quebec that Premier Jean Charest has refused to heed.
“That’s where the real problem is,” the mayor said. “Not just in Montreal, but in Quebec.”
The tit-for-tat jabs did little to dissipate the less-than-stellar image of the body politic. It’s all the more surprising because Mr. Tremblay is a former provincial Liberal cabinet minister.
The investigation into Montreal’s affairs marks the maiden assignment for the Liberal government’s anti-corruption squad, which was created in February and became a Canadian first. Headed by long-time civil servant Robert Lafrenière, it already includes about 100 of the eventual 189 people on the team, and will make its report public.
FRENCH AUTHORITIES are investigating a suspected case of cyber hacking and espionage at a helicopter engine company.
Turbomeca, a subsidiary of the defence firm Safran, had its computer networks hacked and data about propeller systems stolen, according to a report in Le Monde.
Reportedly about 10 people are being held in custody and the attack took place during the first eight months of 2010. There is some suspicion that the attack had help from company insiders.
The report linked the Chinese because Turbomeca is the country’s leading helicopter engine supplier working with both private and state companies. Safran is also owned 30 per cent by the French state, which means there could have been a political motivation for the attacks.
Also, last year hackers targeted the French Finance ministry, looking for files related to the G20 summit in Cannes. The Chinese state was also suspected to have been involved in that attack, but there was no firm evidence to support that conclusion.
It seems too easy to point the finger at China, because organised crime also has the resources and motivation to pull off these types of attacks. It’s just that China has previously been suspected of state sponsored hacking and espionage, with Google having directly accused the Chinese government of interfering with its technology.
