"Cyber Storm III" Tests U.S. Resilience Under Cyber Attack

Discussion in 'Americas' started by Patriot, Sep 29, 2010.

  1. Patriot

    Patriot Senior Member Senior Member

    Joined:
    Apr 11, 2010
    Messages:
    1,760
    Likes Received:
    538
    Location:
    Ahmedabad, Gujarat, India
    ‘Cyber Storm III’ Tests U.S. resilience Under Cyber Attack - Defense-Update

    The U.S. Department of Homeland Security (DHS) today launched ‘Cyber Storm III’, a drill testing the nation’s resilience under a simulated, deliberate international cyber attack aimed at the hubs of government, infrastructure and business.

    The three-day exercise is the third and largest in a series of annual cyber attack drills conducted outside the defense community. The current event involves more participants than in past years, from the federal, state, and commercial sectors. Among the ‘defenders’ are players from seven government departments, 11 states, 12 different countries and 60 private sector companies. The exercise is managed by the DHS’s National Cyber Security Division (NCSD).

    The cabinet-level departments participating in Cyber Storm III are Commerce, Defense, Energy, Homeland Security, Justice, Transportation and Treasury. In addition, the White House and representatives from the intelligence and law enforcement communities will also attend the event. Eleven states are taking part – California, Delaware, Illinois, Iowa, Michigan, Minnesota, North Carolina, New York, Pennsylvania, Texas and Washington. Among the participant countries are Australia, Canada, France, Germany, Hungary, Japan, Italy, the Netherlands, New Zealand, Sweden, Switzerland, and the United Kingdom (only four foreign nations participated in Cyber Storm II last year). DHS selected 60 companies from the private sector to assess the effect of a potential cyber attack on commercial services sectors, such as Banking and Finance, Chemical, Communications, Dams, Defense Industrial Base, Information Technology, Nuclear, Transportation, and Water.

    The scenario developed by NCSD incorporates known, credible technical capabilities of adversaries and the exploitation of real cyber infrastructure vulnerabilities, resulting in a range of potential consequences – including loss of life and the crippling of critical government and private sector functions. By coincidence, such capabilities have surfaced in recent weeks, with the distribution of a new malicious code called Stuxnet, spreading through industrial systems and infrastructure networks. Such code has the potential to penetrate highly protected systems, including networks that are completely isolated from the internet, to conduct espionage, disruption or deliberate attack.

    The ‘defenders’ could face over 1,500 separate events; some will be subtle, with only a few hints indicating ongoing penetrations into computerized systems. Other events will be more dramatic, demonstrating the resulting effects on compromised networks. They will have to identify the ongoing attack in real time, mitigate the compromises and vulnerabilities that allowed it to occur, and deal with the possible consequences to compromised systems. “At its core, the exercise is about resiliency – testing the nation’s ability to cope with the loss or damage to basic aspects of modern life,” DHS officials explain, adding, “the Cyber Storm III exercise scenario reflects the increased sophistication of our adversaries, who have moved beyond more familiar Web page defacements and Denial of Service (DOS) attacks in favor of advanced, targeted attacks that use the Internet’s fundamental elements against itself – with the goal of compromising trusted transactions and relationships.”

    Cyber Storm III provides the DHS with the first opportunity to assess and strengthen cyber preparedness and resilience of the nation’s critical infrastructure and key resources (CIKR) – evaluating how the collective cyber preparedness and response capabilities perform against a realistic cyber attack. It will also provide the first opportunity to assess the newly-developed National Cyber Incident Response Plan (NCIRP) – a blueprint directed by President Barack Obama for cybersecurity incident response. The exercise will examine the roles, responsibilities, authorities, and other key elements of the nation’s cyber incident response and management capabilities and use those findings to refine the plan. It will also test the new National Cybersecurity and Communications Integration Center (NCCIC), inaugurated in October of 2009, which serves as the hub of national cybersecurity coordination.
     
  3. Patriot

    FBI Clamp Down an International Cyber Network - Defense-Update

    The FBI arrested 20 persons suspected to be members and operators in an international cyber crime network charged with a bank fraud scheme. The network compromised dozens of individual and business accounts in the U.S. and transferred more than $3 million under false identities. The FBI is charging more than 60 people from Russia, Belarus, Kazakhstan and Ukraine, as well as U.S. nationals, some already convicted of money laundering and fraud. Of the 60 charged in this case, only 20 were arrested in recent days; 17 are still at large in the U.S. and abroad. The charges followed Tuesday’s arrests of 19 people in Britain on computer crime charges, being part of “a sweeping and coordinated effort to combat the 21st century’s variation on traditional bank robbery,” US Attorney Preet Bharara said in New York.

    FBI Assistant Director-in-Charge Janice K. Fedarcyk attributed the attack to the ‘Zeus Trojan’ malware, which allegedly allowed hackers to get into victim accounts from thousands of miles away. “They did it with far less exertion than a safecracker or a bank robber,” Fedarcyk admitted, but assured, “Like the money mules, many, if not all, will end up behind bars.”

    According to the FBI, the scheme was headed by Artem Tsygankov, a Russian national, age 23, who recruited other young students to operate as mules and managed their activities, directing the money gained by the scheme through fraudulent wire transfers to the mules’ accounts. The network followed a ‘multi-level’ scheme, where recruits and recruiters keep around 10% of the amount they transfer. The network recruited ‘mules’ by targeting young students holding U.S. tourist visas, targeted on Russian social network sites. Tsygankov is still at large, wanted by the FBI. If convicted, he faces more than 30 years’ imprisonment.

    After the ‘mules’ had opened hundreds of bank accounts, under false identities, at U.S. banks, the cyber attack was launched from Eastern Europe, unleashed by sending millions of emails containing the “Zeus Trojan”, targeting computers at small businesses and municipalities in the United States where security awareness is considered low. According to the FBI, once the email was opened, the malware embedded itself in the victims’ computers, and recorded their keystrokes – including their account numbers, passwords, and other vital security codes – as they logged into their bank accounts online. The hackers responsible for the malware then used the stolen account information to take over the victims’ bank accounts, making unauthorized transfers of thousands of dollars at a time to receiving accounts controlled by the co-conspirators.

    Hundreds of receiving accounts were set up in advance by a “money mule organization” responsible for retrieving the proceeds of the malware attacks and transporting or transferring the stolen money overseas. To carry out the scheme, the money mule organization recruited individuals who had entered the United States on student visas, providing them with fake foreign passports, and instructing them to open false-name accounts at U.S. banks. Once these false-name accounts were successfully opened and received the stolen funds from the accounts compromised by the malware attacks, the “mules” were instructed to transfer the proceeds to other accounts, most of which were overseas, or to withdraw the proceeds and transport them overseas as smuggled bulk cash.

    The investigation began in February 2010 when the New York Police Department (NYPD) investigated a suspicious $44,000 withdrawal from a Bronx bank, Commissioner Raymond W. Kelly said. “It soon became evident that it was just the tip of an international iceberg,” said Kelly. The investigation unfolded far beyond New York, involving national and trans-national agencies to reach and decipher the international scheme, which represents the profile of typical modern cyber crime. As the incidence of transnational cybercrimes continues to rise, investigations and prevention activities are elevated to include the Diplomatic and Secret Service. “The results of this investigation clearly demonstrate how the Secret Service is forging strong partnerships with other law enforcement agencies, successfully combating cyberfraud, and bringing high-tech perpetrators to justice.” DSS Special Agent-in-Charge Christopher Paul added, “The charges announced today send a strong message: Diplomatic Security is committed to collaborating with our law enforcement partners to make sure that those who commit fraud face consequences for their criminal actions. Diplomatic Security’s strong relationship with the U.S. Attorney’s Office and other law agencies around the world continues to be essential in the pursuit of justice.”
     
