Are the Chinese conspiring against the United States?

 

Former U.S. National Security Agency contractor Edward Snowden provided documents to the German weekly magazine Der Spiegel that reveal a stunning secret. The documents confirm that Chinese hackers were able to seize top secret data concerning the F-35 Lightning II, a joint strike fighter jet. Additional information states that the breach took place as far back as 2007. However, as of right now, a United States government official has said that all information belonging to the F-35 remains secure.

According to sources, the F-35 Lightning II is the most advanced fighter currently in production. Experts in aerial warfare have stated that China’s latest stealth fighter, the J-31, and the J-20 fighter jet are variants that were inspired by the F-35. This could mean that the Chinese took intricate details from the fighter jet and implemented them on their own fighter jets. AVIC Chairman Lin Zuoming had this to say about the J-31 if it ever met the F-35 in an open air fight:

“The J-31 will finish it off in the sky.”

The Snowden files contain several details that outline the scope of Chinese F-35 espionage efforts. These ranged from the radar design of the fighter jet to detailed engine schematics. These schematics would most likely enable the Chinese to build a fighter whose speed matched that of the F-35, and to replicate the engine’s cooling system, which prevents it from overheating even when it is stressed to its limits.

The leaked documents from Snowden also reveal that several terabytes of data related to the F-35 joint strike fighter program were stolen, meaning that if the Chinese were actually responsible for the hack, they had sufficient information on their hands to build a fighter jet of their own to match the prowess of the F-35.

The Chinese government has denied any involvement in these attacks. Chinese Foreign Ministry spokesman Hong Lei stated the following:

“The allegations are totally groundless and unproven. We, on the other hand, do have documents that show a certain country has a dishonorable record on cyber security.”

If the Chinese are actually responsible for the hack, what is their ulterior motive? To conspire against the United States? It looks like we will find out, sooner or later, as more Snowden documents are revealed.

First Step to Effective Security – How to Know if You’ve Been Hacked

The online world is becoming scarier each day, and the possibility of getting hacked increases each time you sign into your online accounts. It’s possible that you haven’t been hacked yet, but you must follow secure practices to remain safe in the future.

News of new data breaches and password thefts is as common as any other development around you. These attacks occur via various means, either through a malicious email or through a flaw in your computer’s operating system. Even the White House and the Pentagon aren’t immune to hackers.

There have been about 5,593 data breaches since the year 2005 and this number is rising exponentially. These breaches have exposed about 800.3 million individual records in the United States alone.

These data breaches are a big risk, one that requires you to be prepared and to follow secure practices.

The Identity Theft Resource Center defines a data breach as an “incident in which an individual name plus a Social Security number, driver’s license number, medical record or financial record (credit/debit cards included) is potentially put at risk because of exposure.”

So, what do I lose in a data breach?

Usually, it’s just your basic information, like your name and email addresses. By collecting this basic information and connecting the dots, an expert hacker can gain tons of other sensitive information to hurt you in various ways.

As written in the Forrester report, Planning for Failure, “even enterprises with the most mature security organizations and advanced security controls can’t prevent every single breach — especially if your opponent has the time and financial backing to target you.”

The situation is getting worse with time, and keeping your data out of reach of prying eyes must be your top priority.

But how do you know if you’ve been hacked?

With the increase in hacking attacks, a number of sites have opened up that alert you when data breaches take place. One of the best places to get these announcements is the mailing list hosted at the Identity Theft Resource Center. It sends regular emails with the weekly data breach information to your inbox.

Haveibeenpwned.com is another website that allows you to check if hackers have compromised your personal information. The website also tells you the reason and the incident in which your email address was breached.

Hackers Are Using This Malware to Make ATMs Vomit Cash

Security firm Proofpoint has noticed some instances of a new ATM malware called GreenDispenser. Hackers can empty the whole ATM without leaving any trace, as the malware uses a deep delete process to erase itself.

A new type of ATM malware has been detected by security researchers in Mexico. The malware enabled the cybercriminals to take complete control of the cash dispensing machines.

The security firm Proofpoint has reported that it has noticed some instances of a malware called GreenDispenser that displays a fake error message that reads, “we regret this ATM is temporary of service”. So far the attacks have been centred on Mexico, but the researchers think that it could easily be implemented anywhere in the world.

This ATM malware leaves no trace of its activities, as it uses a deep delete process that helps hackers erase all traces of the crime.

While the ATM shows the error message, only the hacker can bypass this error and empty all the cash. This malware uses two-factor authentication that could be bypassed using a PIN code that has been earlier hard-coded into the system. After this, the hacker uses a smartphone to scan the QR code that is shown on the ATM screen.

This malware is suspected to be an insider’s job, as it requires physical access to the ATM.

Kevin Epstein, vice president of threat operations for Proofpoint, said, “ATM malware such as GreenDispenser is particularly alarming because it allows cyber criminals to attack financial institutions directly, without the extra steps required to capture credit and debit card information from consumers – and with correspondingly less traceability.”

The GreenDispenser ATM malware has a self-destruct mechanism, so it only works until a certain date and then disappears.

In recent years, ATM malware instances have been on the rise. To keep themselves safe from such attacks, financial institutions must re-examine their security layers and consider modern security methods to counter these threats.

What Is the Difference: Viruses, Worms, Ransomware, Trojans, Bots, Malware, Spyware etc?

If you’re a regular or even an occasional computer user, then you might’ve heard terms like Viruses, Worms, Trojans, Bots, Malware, Spyware, etc. Honestly speaking, most of us consider all of these to be a Virus, whatever their type. But have you ever tried to find out what the difference between these terms is? They are all meant to harm your device, steal your data or spy on you, so have you ever wondered why they are named so differently? Basically, things like Viruses and Trojans are all types of malicious software, or simply ‘Malware’.

Now, the first and foremost question arises: where did these terms come from?

Clearly, they are not some out-of-this-world aliens. In fact, the truth is that they were not even created with an intention to harm someone.

The history of malware attacks goes back to 1949, when John von Neumann first developed the theoretical base for self-duplicating automation programs, but the technical implementation was not feasible at that time. The term ‘Computer Virus’ was first used by Professor Leonard M. Adleman in 1981, while in conversation with Fred Cohen.

The first computer virus, named ‘Brain’, was coded by two brothers, Basit Farooq Alvi and Amjad Farooq Alvi, who were from Lahore, Pakistan. Brain was meant to infect storage media based on MS-DOS FAT file systems. It was originally designed to infect the IBM PC, where it replaced the boot sector of a floppy disk with the virus. The virus program changed the disk label to ©Brain and the infected boot sectors displayed this message:

Welcome to the Dungeon (c) 1986 Basit & Amjads (pvt) Ltd VIRUS_SHOE RECORD V9.0 Dedicated to the dynamic memories of millions of viruses who are no longer with us today – Thanks GOODNESS!! BEWARE OF THE er..VIRUS : this program is catching program follows after these messages….$#@%$@!!

However, as you may presume, there was no evil intention behind this. The Alvi brothers said in their interview with TIME magazine that they created the virus only to protect their medical software from piracy; it was aimed at acts of copyright infringement.

Coming back to Malware: these are malicious software programs designed to harm a computer, which may or may not be connected to a network. Malware only comes into action when there is a computer involved; otherwise the term Malware is of no use.

Malware are of the following types:

Worms: These programs have the ability to replicate themselves. Their sole objective is to increase their population and transfer themselves to other computers via the internet or through storage media. All the work is done like a top secret mission, hiding their movement from the user. They don’t cause any harm to the computer, but their replicating nature consumes hard drive space and thus slows down the machine. Some of the notable worms are SQL Blaster, which slowed the internet for a small period of time, and Code Red, which took down almost 359,000 websites.

Viruses: They also have the ability to replicate themselves, but they do damage files on the computer they attack. Their main weakness lies in the fact that they can get into action only if they have the support of a host program; otherwise they’re just like a defeated warrior. They stick themselves to songs, videos, and executable files and travel all over the internet. W32.Sfc!mod, ABAP.Rivpas.A and Accept.3773 are some examples of Virus programs.

The Virus Gang:

File Viruses
Macro Viruses
Master Boot Record Viruses
Boot sector Viruses
Multi-Partite Viruses
Polymorphic Viruses
Stealth Viruses

Feel free to Google any one of them if you like.

Trojans: Basically, Trojans are not Viruses, and are not meant to damage or delete files on your system. Their sole task is to provide a backdoor gateway for malicious programs or malevolent users to enter your system and steal your valuable data without your knowledge and permission. JS.Debeski.Trojan is an example of a Trojan.

They are named after the ‘Trojan Horse’ tale, in which Greeks entered the city of Troy with the help of a wooden horse which was meant to be a gift, but turned out to be a sweet poison, as depicted in the movie Troy.

The Trojan Gang:

Remote Access Trojans
Data Sending Trojans
Destructive Trojans
Proxy Trojans
FTP Trojans
Security Software Disabler Trojans
Denial-Of-Service Attack Trojans

Feel free to Google any one of them if you like.

Adware: Adware is used to display advertisements in programs. It generally comes attached to software programs that are free to use, as advertisements are the only source of revenue for the developers of those programs. Adware can’t strictly be called Malware, as it has no intention to harm your machine; it only tracks which advertisements you’re more interested in, so as to display relevant advertisements on your screen.

Spyware: These programs also come attached to other freeware. They track your browsing and other personal details and send them to a remote user. They can also facilitate the installation of unwanted software from the internet. Unlike Adware, they work as standalone programs and do their operations silently.

Spam: You get very irritated when you receive unwanted emails from unknown senders; these are called Spam or junk mail. The process of flooding the internet with the same message is called Spamming, and it is done for the purpose of commercial advertising. These junk mails may sometimes contain Viruses or Trojans that enter your system as soon as you open the mail.

Bots: Bots, or Robots, are automated processes that are designed to interact over the internet without the need for human interaction. They can be used with good or bad intentions. An evil-minded person can create a malicious Bot that is capable of infecting a host on its own. After transmitting itself to the host device, a Bot creates a connection with central servers, which act as the command centers for the infected hosts attached to that network, called a Botnet.

Their skills include stealing passwords, logging keystrokes, analyzing network traffic, relaying spam, launching DoS (Denial of Service) attacks and opening back doors on infected hosts. These Bots can be seen as an advanced form of Worms; their infection rate and tactics are more effective than those of Worms. These malicious Bots are created after a lot of hard work by their malignant creators.

Ransomware: This type of malware alters the normal operation of your machine, thus barring you from using it properly. Thereafter, these programs display warning messages asking for money to get your device back to normal working condition.

After reading all this, you might be wondering why people create Malware. Here are some reasons which may compel a coder to write malware:

  • To take control of a person’s computer for personal or professional reasons.
  • To get financial benefits.
  • To steal confidential data.
  • To prove their point that a security breach can be carried out on a system.
  • To take down an individual computer or a complete network.

and many more….

How can you protect your computer:

  • Keep your system up to date.
  • Use genuine software.
  • Install antivirus software and update it regularly.
  • Set up a firewall, whether a custom one as provided by antivirus software or the built-in one. Windows has a built-in firewall option in case you don’t want to use a custom firewall.
  • Never open unknown emails, which generally reside in your Spam folder.
  • Never open unknown links; use online website safety checker tools if you’re not sure whether to open a website.

By taking these simple measures, you can effectively keep your machine free from Malware and other potential threats.