Michael Riley

New Evidence of Hacked Supermicro Hardware Found in US Telecom

A major US telecommunications company discovered manipulated hardware from Super Micro Computer Inc. in its network and removed it in August, fresh evidence of tampering in China of critical technology components bound for the US, according to Yossi Appleboum, a security expert working for the telecom company.

Russian Hackers Said to Seek Hush Money From Liberal Groups

Russian hackers are targeting US progressive groups in a new wave of attacks, scouring the organizations’ e-mails for embarrassing details and attempting to extract hush money, according to two people familiar with probes being conducted by the FBI and private security firms. At least a dozen groups have faced extortion attempts since the US presidential election, apparently.

The ransom demands are accompanied by samples of sensitive data in the hackers’ possession. In one case, a non-profit group and a prominent liberal donor discussed how to use grant money to cover some costs for anti-Trump protesters. The identities were not disclosed, and it’s unclear if the protesters were paid. At least some groups have paid the ransoms even though there is little guarantee the documents won’t be made public anyway. Demands have ranged from about $30,000 to $150,000, payable in untraceable bitcoins, apparently.

Destructive Hacks Strike Saudi Arabia, Posing Challenge to Trump

State-sponsored hackers have conducted a series of destructive attacks on Saudi Arabia over the last two weeks, erasing data and wreaking havoc in the computer banks of the agency running the country’s airports and hitting five additional targets, according to two people familiar with an investigation into the breach. Saudi Arabia said that “several” government agencies were targeted in attacks that came from outside the kingdom, according to state media. No further details were provided.

Although a probe by Saudi authorities is still in its early stages, the people said digital evidence suggests the attacks emanated from Iran. That could present President-elect Donald Trump with a major national security challenge as he steps into the Oval Office. The use of offensive cyber weapons by a nation is relatively rare and the scale of the latest attacks could trigger a tit-for-tat cyber war in a region where capabilities have mushroomed ever since an attack on Saudi Aramco in 2012.

Democrats Ignored Cybersecurity Warnings Before Theft

The Democratic National Committee was warned in the fall of 2015 that its computer network was susceptible to attacks but didn’t follow the security advice it was given, apparently. The missed opportunity is another blow to party officials already embarrassed by the theft and public disclosure of e-mails that have disrupted their presidential nominating convention in Philadelphia (PA) and led their chairwoman to resign.

Computer security consultants hired by the DNC made dozens of recommendations after a two-month review, apparently. Following the advice, which would typically include having specialists hunt for intruders on the network, might have alerted party officials that hackers had been lurking in their network for weeks -- hackers who would stay for nearly a year. Instead, officials didn’t discover the breach until April. The theft ultimately led to the release of almost 20,000 internal e-mails through WikiLeaks on the eve of the convention.

FBI Keeps Internet Flaws Secret to Defend Against Hackers

The Obama Administration is letting law enforcement keep computer-security flaws secret in order to further US investigations of cyberspies and hackers.

The White House has carved out an exception for the Federal Bureau of Investigation and other agencies to keep information about software vulnerabilities from manufacturers and the public.

Until now, most debate has focused on how the National Security Agency stockpiles and uses new-found Internet weaknesses, known as zero-day exploits, for offensive purposes, such as attacking the networks of adversaries.

The law enforcement operations expose a delicate and complicated balancing act when it comes to agencies using serious security flaws in investigations versus disclosing them to protect all Internet users, according to former government officials and privacy advocates.

Trove of Software Flaws Used by US Spies at Risk

The White House’s directive to limit the use of software flaws by US intelligence agencies could require the disclosure of thousands of precious exploits now in the hands of elite spying units, intelligence professionals say.

The stockpile of exploits is derived from vulnerabilities not just in ordinary computer software, but also in industrial controllers, heating and cooling systems, printers, anti-virus software, video conferencing systems and encryption protocols.

The exploits, typically based on simple oversights and flaws in computer code that hackers can use to take control of most anything that runs with the help of a computer chip, are considered essential to gathering some of the most valuable US intelligence.

NSA Said to Have Used Heartbleed Bug, Exposing Consumers

The US National Security Agency knew for at least two years about a flaw in the way that many websites send sensitive information, now dubbed the Heartbleed bug, and regularly used it to gather critical intelligence, two people familiar with the matter said.

The NSA’s decision to keep the bug secret in pursuit of national security interests threatens to renew the rancorous debate over the role of the government’s top computer experts. Putting the Heartbleed bug in its arsenal, the NSA was able to obtain passwords and other basic data that are the building blocks of the sophisticated hacking operations at the core of its mission, but at a cost.

Millions of ordinary users were left vulnerable to attack from other nations’ intelligence arms and criminal hackers. The NSA and other elite intelligence agencies devote millions of dollars to hunt for common software flaws that are critical to stealing data from secure computers. Open-source protocols like OpenSSL, where the flaw was found, are primary targets.