Some news, some true
Sky apps defaced by Syrian Electronic Army hackers. The hackers posted several messages to one of Sky’s Twitter feeds after defacing its apps. Several of Sky’s Android apps have been removed from the Google Play store after they were targeted by the Syrian Electronic Army hacking collective. It follows an attack which saw the logos of six of the UK broadcaster’s apps replaced by that of the SEA. The hackers also breached one of the firm’s Twitter accounts, allowing them to post messages urging users to view the defaced programmes. Targeting apps in this manner marks a new strategy for the group. Its efforts have previously focused on taking over social media accounts used by the media and western political leaders, and publishing what are claimed to be leaked emails and other files from countries in the Middle East identified as “Syria’s enemies”. Israeli newspapers also reported over the weekend that the SEA had mounted a failed attempt to disrupt the water supply in the port city of Haifa.
US weapon plans compromised by China. Designs for many of the US’s most sensitive advanced weapons systems have been compromised by Chinese hackers, according to a report prepared for the Pentagon and to officials from government and the defence industry. Among more than two dozen major weapons systems whose designs were breached were programs critical to US missile defences and combat aircraft and ships, according to a previously undisclosed section of a confidential report prepared by the Defence Science Board for Pentagon leaders. Experts warn that the electronic intrusions gave China access to advanced technology that could accelerate the development of its weapons systems and weaken the US military advantage in a future conflict. Advertisement The Defence Science Board, a senior advisory group composed of government and civilian experts, did not accuse the Chinese of stealing the designs. But senior military and industry officials with knowledge of the breaches said the vast majority were part of a widening Chinese campaign of espionage against US defence contractors and government agencies. The significance and extent of the targets help explain why the Obama administration has escalated its warnings to the Chinese government to stop what Washington sees as rampant cyber theft
American officials say Iran is behind a new wave of destructive cyber attacks on American corporations and energy firms, according to a report by the New York Times. The May 24 Times article said the targets included American oil, gas and electric companies with a goal of finding ways to seize control of critical processing systems. The Department of Homeland Security warned this month about the cyber attacks, and one government official told the Times, “Most everything we have seen is coming from the Middle East.” Government officials and other experts, according to the report, confirmed a report in the Wall Street Journal that the source of the attacks had been narrowed down to Iran.
New Computer Attacks Traced to Iran. Officials Say. American officials and corporate security experts examining a new wave of potentially destructive computer attacks striking American corporations, especially energy firms, say they have tracked the attacks back to Iran. The targets have included several American oil, gas and electricity companies, which government officials have refused to identify. The goal is not espionage, they say, but sabotage. Government officials describe the attacks as probes looking for ways to seize control of critical processing systems. Investigators began looking at the attacks several months ago, and when the Department of Homeland Security issued a vaguely worded warning this month, a government official told The New York Times that “most everything we have seen is coming from the Middle East.” Government officials and outside experts on Friday confirmed a report in The Wall Street Journal that the source of the attacks had been narrowed to Iran. They said the evidence was not specific enough to conclude with confidence that the attacks were state-sponsored, but control over the Internet is so centralized in Iran that they said it was hard to imagine the attacks being done without government knowledge. While the attackers have been unsuccessful to date, they have made enough progress to prompt the Homeland Security warning, which compared the latest threat to the computer virus that hit Saudi Aramco, the world’s largest oil producer, last year. After investigations, American officials concluded that the Aramco attack, and a subsequent one at RasGas, the Qatari energy company, were the work of Iran
The Report of the Commission on the Theft of American Intellectual Property is published. Speaks about the Chinese threat and recommends some actions. Cached report here
- Designate the national security advisor as the principal policy coordinator for all actions on the protection of American IP
- Provide statutory responsibility and authority to the secretary of commerce to serve as the principal official to manage all aspects of IP protection.
- Strengthen the International Trade Commission’s 337 process to sequester goods containing stolen IP.
- Empower the secretary of the treasury, on the recommendation of the secretary of commerce, to deny the use of the American banking system to foreign companies that repeatedly use or benefit from the theft of American IP.
- Increase Department of Justice and Federal Bureau of Investigation resources to investigate and prosecute cases of trade-secret theft, especially those enabled by cyber means
- Consider the degree of protection afforded to American companies’ IP a criterion for approving major foreign investments in the United States under the Committee on Foreign Investment in the U.S. (CFIUS) process
- Enforce strict supply-chain accountability for the U.S. government
- Require the Securities and Exchange Commission to judge whether companies’ use of stolen IP is a material condition that ought to be publicly reported.
- Greatly expand the number of green cards available to foreign students who earn science, technology, engineering, and mathematics degrees in American universities and who have a job offer in their field upon graduation