Archive for February 2010

Car thieves making clean getaway with GPS jammers

Car thief gangs have begun using imported GPS jammers to allow them to escape tracking technology.

Illicit kit imported into Europe from China operates on the same frequency as GPS satellites to drown out timing signals and confound in-car devices. Because of this, in-vehicle systems are unable to either determine their position or report in to vehicle tracking centres in cases where cars or lorries registered with GPS-based tracking technology are stolen.

Vehicles "disappear from the radar" when the GPS jamming technology is deployed, Professor David Last of the University of Wales at Bangor told The Guardian. Professor Last has acted as an expert witness for prosecutors in recent prosecutions involving the seizure of illegal GPS jamming kit.

GPS jammers also have the potential to drown out mobile signals locally, a factor that has reportedly been applied to stop truckers contacting the police in lorry heists in Germany, as well as other applications. Experts reckon some German motorists have used the devices in attempts to avoid GPS-based road charging, introduced for trucks in 2005.

Ownership of the technology is a legal grey area even though it is against the law in both the UK and Germany to either sell or use jamming devices. GPS satellite signals are low power, so jamming devices need not be powerful.

We'll be seeing more and more of these low-skill operators using ready-made technology as time goes on.

Detecting and shutting down jammers in a timely fashion in anything other than a high security area is not going to be a realistic goal. This is a contest that the adversaries will always win.

Filed under  //  gps   jamming  
Posted by gorrie 

Dozens Of Defense Contractors, Agencies Hacked

For anyone who has a security clearance and doesn't believe the U.S. faces a cyber-espionage crisis, Colonel Steven Shirley has 102 stories to share with you.

That's the number of cases in which Shirley's team of Pentagon researchers discovered cyberspies breaching the networks of government agencies, defense contractors and other organizations with ties to the U.S. Department of Defense, gaining administrator-level access with the aim of stealing military secrets.

The Pentagon's forensics-focused Cyber Crime Center, where Shirley is executive director, found that between August 2007 and August 2009, 71 government agencies, contractors, universities and think tanks with connections to the U.S. military had been penetrated by foreign hackers, in some cases multiple times. In total, Shirley told Forbes, the center performed 116 investigations following spying breaches and found that in all but 14 of those cases the intruders had gained complete administrator-level access to the victim's network.

Foreign APTs running wild seems to be the norm.

The overuse of the term APT in the last few months is testimony to their success, measured by the number of openly disclosed incidents of data theft from sensitive agencies.

Filed under  //  APT   data leakage   government  
Posted by gorrie 

Cisco's Backdoor For Hackers

ARLINGTON, Va. -- Activists have long grumbled about the privacy implications of the legal "backdoors" that networking companies like Cisco build into their equipment--functions that let law enforcement quietly track the Internet activities of criminal suspects. Now an IBM researcher has revealed a more serious problem with those backdoors: They don't have particularly strong locks, and consumers are at risk.

In a presentation at the Black Hat security conference Wednesday, the researcher showed how the backdoor in Cisco's IOS operating system can be exploited by cybercriminals or cyberspies to pull data out of the routers belonging to an Internet service provider (ISP) and watch innocent victims' online behavior.

"We need to balance privacy interests with the state's interest in monitoring suspected criminals," says Cross. "There's long been a political debate about where that balance should be. But there are also these serious underlying technical problems."

This seems to be another sticky lesson. Access to technology is difficult to manage when granted in a covert channel.

I realize that many people would object to my term in the context of agency or law enforcement access, but let us be honest with ourselves. Isn't that what this is?

Centralized authorization and role management is difficult enough to manage and monitor without vendors backdooring customer or carrier equipment.

Clearly, access methodology needs to improve, controls need to become stronger, and strong authentication needs to be used.

Recent events food for thought:
Surveillance Can't Make Us Secure
Google attack part of widespread spying effort

Filed under  //  backdoors   covert channel  
Posted by gorrie