Security News This Week: The DNC Hack Was Worse Than We Thought
As the annual mega-week of hacking conferences wound down in Las Vegas, more news surfaced about the DNC hack, and the usual trickle of vulnerabilities and breaches continued. A researcher showed methods for unlocking “high security” consumer electronic safes without leaving any evidence of the attack, Oracle’s payment system Micros (which is used at roughly 330,000 cash registers around the world) was hacked, and a Windows vulnerability served as a reminder of why putting backdoors in secure processes doesn’t make sense.
WIRED reported on vulnerabilities in the keyless entry systems of roughly 100 million Volkswagens, open Internet advocates are petitioning to keep web access unfettered in Brazil, and hacking newswires to get embargoed press releases is actually a decent way to do insider trading. Oh, and a hardware vulnerability exposed 900 million Android devices. Casual.
But there’s more: Each Saturday we round up the news stories that we didn’t break or cover in depth at WIRED, but which deserve your attention nonetheless. As always, click on the headlines to read the full story in each link posted. And stay safe out there.
On top of breaching the Democratic National Committee and Democratic Congressional Campaign Committee, investigators say that Russian hackers targeted and compromised personal email accounts and the accounts of other organizations related to Hillary Clinton’s presidential campaign. The evidence is strong enough that officials have been notifying people associated with the Clinton campaign that their email data may have been compromised. Information about who was actually hacked is trickling out slowly. For example, Democrats feared that the Democratic Governors’ Association had been breached, but so far the group says it doesn’t see evidence that its networks were affected. Law enforcement officials say they’re confident Russia was behind the attacks, but it’s still unclear whether Moscow was doing routine surveillance or actively looking to impact the US presidential election.
White House officials are considering using economic sanctions against Russia as retaliation for the DNC hack. That action would require the US to definitively accuse Russia of orchestrating the attacks. So far investigators and lawmakers say they are very confident about the attribution, but the White House hasn’t made any such allegations.
The move has some recent precedents: In January of last year, President Obama issued economic sanctions against North Korea in response to the Sony Pictures hack. Then in April of the same year, he signed an executive order expanding the government’s ability to impose sanctions against international hackers.
The U.S. government tends to tolerate a certain amount of foreign espionage, given that the US itself participates in digital surveillance and information-gathering. In this case, however, White House may decide that it needs to respond, since the DNC breach involved a trove of information that was released publicly. On the other hand, the US already has sanctions in place against some Russian groups because of the country’s invasion of Ukraine and annexation of Crimea, and officials could decide it’s too problematic to strain the relationship further.
If that wasn’t enough state-sponsored hacking news for your week, researchers at Kaspersky Lab and Symantec reported that they’d discovered a previously unknown type of malware that’s so sophisticated it was most likely developed by state-sponsored hackers. Dubbed “Project Sauron” by Kaspersky Lab and “Remsec” by Symantec, the malware has been around since 2011 (if not earlier) and has now been identified on dozens of systems. And the program’s stealthy enough that it seems likely to have infected many more.
Both groups of researchers say that the malware targets sensitive data on computers used by international government and military groups, financial organizations, and infrastructure companies like airlines and telecoms. Project Sauron has shown up in Russia, China, Sweden, Belgium, Iran, and Rwanda so far. It can even infect computers that aren’t and have never been connected to the Internet through USB drives. The malware hides on flash drives, undetectable by Windows and virus scanners, and then probably exploits a zero day vulnerability to infiltrate its targets.
Project Sauron is aimed at collecting IP addresses, passwords, encryption keys and network details. It’s sophisticated enough that it was likely built by a group of specialists with millions of dollars in backing, which points to a nation state (or states) as the likely sponsor. Given Sauron’s targets, plenty of experts are pointing fingers at the NSA and American allies.
Forum Data Breach Compromises 3,000 Login Credentials Including Those of Apple, Google, Samsung, Intel Employees
Hackers accessed the login credentials of a popular developer forum, exposing 2,955 accounts, many of which are used by programmers from tech companies like Apple and Google. The data came from the Khronos Group, which runs a popular application programming interface for rendering graphics called OpenGL. The breach revealed usernames and passwords, but also email addresses and the IP address users were on when they signed up for their accounts. It could be a potentially problematic data trove in the hands of bad actors since so many of the accounts are for tech company employees who could have valuable access and privileges inside their companies’ networks.
View the original here: