The Homeland Security Department and FBI have warned police, fire departments and security personnel that Android users running out-of-date operating systems on their devices pose a significant security threat to their organizations, NetworkWorld reported.
In the July memo, which was “for official use only” and therefore not widely circulated, DHS said “industry reporting” showed that 44 percent of Android users were still using versions 2.3.3 through 2.3.7 of the OS – known as “Gingerbread” – which were released in 2011 and carried a number of security flaws that were repaired in subsequent versions.
“The growing use of mobile devices by federal, state and local authorities makes it more important than ever to keep mobile OS[es] patched and up-to-date,” the notice said.
DHS cited three threats to those carrying devices with obsolete Android OSes and outlined a mitigation tactic for each:
Text message Trojans account for about half of the malware on older Android devices, DHS said. A common exploit sends texts to premium rate phone numbers owned by criminals and results in high charges to the user. Security suites are now available to knock out the threat, according to the memo.
This is hidden malware that logs a user’s locations, keystrokes or passwords without the user’s knowledge. DHS recommended installing the Carrier IQ test free app that can find and remove the malware.
Fake Google Play domains
Users should install and update antivirus software to knock out these exploits, which trap users into installing apps that let hackers get at financial data and log-in credentials, DHS warned.
Posted on Nov 06, 2013 at 11:23 AM
Cyberattacks against college and university networks have been on the rise and, apparently, a fair number of those attacks are successful.
The Internet security company OpenDNS recently said it found that higher education systems were 300 percent more likely to contain malware than networks in government or industry.
“Our research shows that while higher education institutions face the same cyberattacks as enterprises and government agencies, they tend to be compromised by malware and botnets at a much higher rate,” said Dan Hubbard, chief technology officer of OpenDNS and head of the company’s Umbrella Security Labs, which conducted the research. OpenDNS has 50 million users in 160 countries and monitors that traffic for signs of malicious activity.
The biggest threat to higher education systems, according to Umbrella Security Labs, is the Expiro malware, a family of viruses that can infect files on the Windows platform. It’s often installed when a user visits a malicious website that’s hosting a Java or Adobe PDF exploit, OpenDNS said, and can steal user and system information.
Hubbard acknowledged that colleges and universities run their networks more openly than, say, a government agency does, and they have to allow for access from a variety of mobile and other personal devices owned by students or faculty. But some fundamental security practices can help.
To protect users from visiting malicious sites and block infected devices from being brought into botnet activities, OpenDNS recommends:
• Alerting users when new spear phishing campaigns are detected.
• Using predictive analytics to block "malvertising" and watering hole Web attacks.
• Applying DNS-based enforcement to prevent malware-infected devices from phoning back to botnet operators over non-Web connections.
Posted on Oct 28, 2013 at 9:57 AM
An outage at the Verizon Terremark data center early Sunday caused the center to lose its connection with the data services hub that links the Affordable Care Act online health insurance marketplaces with federal agencies to verify identity, citizenship, and other facts, according to FCW.
The outage was affecting the exchanges in all 50 states, as well as Terremark customers not connected with the marketplaces, Health and Human Services spokeswoman Joanne Peters said. She explained the data center's network connectivity went down during planned maintenance to replace a failed networking component, Reuters reported.
The data services hub, used by both the federal HealthCare.gov and the state-run exchanges, had been one aspect of the federal operation that was working, allowing many of the state-run exchanges to run effectively while problems plagued HealthCare.gov.
By Monday morning, “Verizon Terremark successfully resolved the issue with the networking component overnight,” HHS spokeswoman Joanne Peters said in a statement. “And as of 7 a.m. ET this morning, the Data Services Hub was fully operational.”
Posted on Oct 28, 2013 at 12:50 PM
Government computer security planners have been laying the groundwork for the next generation of cybersecurity technologies: software tools that can detect and respond automatically to increasingly sophisticated threats.
Now the Defense Advanced Research Projects Agency has set up a project to put some of the newer technologies to the test by setting up “the first-ever tournament for fully automatic network defense systems.”
“The growth trends we’ve seen in cyber attacks and malware point to a future where automation must be developed to assist IT security analysts,” Dan Kaufman, director of DARPA’s Information Innovation Office, said in a statement.
DARPA plans to hold a Cyber Grand Challenge at which unmanned systems would be pitted against each other. In a qualifying round, teams would score based on how well their system scanned a network for weaknesses, generated patches or remediation and maintained the operations of the network.
DARPA will invite a group of top competitors from the qualifying event to the final Cyber Grand Challenge, to be held early to mid-2016.
Posted on Oct 25, 2013 at 11:03 AM
The U.S. Army Research Laboratory has established a Collaborative Research Alliance to explore the basic foundations of cyber science issues in the context of Army networks. The alliance – made up of ARL, U.S. Army Communications-Electronics Research, Development and Engineering Center, academia and industry researchers – gives the members “an opportunity to jointly advance the theoretical foundations of a science of cybersecurity in the context of Army networks,” said Dr. Ananthram Swami, who was recently announced as the Collaborative Alliance Manager, ARL, for the cybersecurity CRA.
ARL said it will research three interrelated aspects of cybersecurity and will add perspective on the human element of the network – the attackers, the defenders and the end users:
- Risk Research will develop theories and models for dynamic risk assessment and explore risk-related properties of dynamic cyber threats, Army networks and defensive mechanisms.
- Detection Research should shape cyber threat detection and recognition capabilities as new cyber threats emerge on the battlefield, he said.
- Agility Research will support planning and control of cyber maneuvers, which help adjust networks and defenses to defeat or mitigate cyber threats.
Posted on Oct 21, 2013 at 9:39 AM