Obama's Email Hacked?

Earlier in the month, US officials confirmed that there was a cyber-event last year but would not confirm that Russia was involved in the attack. But now a senior American official is stating that the hackers may be working for Moscow. They have stated that the hackers infiltrated the State Department’s unclassified system, and from there got into the email archives of White House personnel whom Obama had emailed regularly. Officials don’t believe that the hackers got into the server that holds messages from Obama’s BlackBerry nor have the hackers penetrated any classified networks. However, officials said that the unclassified system often holds highly sensitive material such as schedules, emails with ambassadors and diplomats, personnel moves, and debates about policy. The email account of Obama’s had not been breach itself, but it is unclear how many emails were read that Obama had sent. Even so, the fact that it came from Russia is scary enough. It is unclear what their exact motives were as of yet. 

http://www.securityweek.com/russian-hackers-read-obama-emails-report

Amnesty Blog for week 3

Compensation for the Target Breach?

Everyone remembers the Target breach that happened in 2013. It was all over the news and millions of people had to go through quite a bit of trouble to get new credit cards or hurry up and freeze their accounts before anything was taken from them. Well apparently, Target has come to an agreement with MasterCard to help pay for some of those expenses. Target has agreed to pay MasterCard $19 million to cover the cost of replacement cards, new account numbers, and cancellation of old the affected accounts. So far, the agreement is only with MasterCard but Target is currently trying to work something out with Visa as well. The breach affected 110 million customers and 40 million credit cards. No one has been charged with the crime as of late. 

http://www.cnet.com/news/target-settles-with-mastercard-for-19m-over-data-breach/ 

This is an Amnesty Post for Week 2

Boeing Vulnerabilities Shown

Remember last week when I told you that the FAA said that Boeing was vulnerable? Well that happened. A security expert named Chris Roberts was on a United Airlines flight when he tweeted “Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM. ? Shall we start playing with EICAS messages? “PASS OXYGEN ON” Anyone? :)”  This message essentially translates to the fact that Roberts could get the passenger oxygen masks to deploy. After Roberts tweeted, he was removed from the plane by the FBI and questioned but was later released and allowed to take another flight.  Apparently, the company Roberts works for has been telling Airbus and Boeing for quite some time that their aircrafts were more than vulnerable to attack. Roberts said that he has tried to connect to flight systems 15 to 20 times and has seen all sorts of things, including the flight management system. At the time, he has not been deemed a security risk as is still allowed to fly. This just goes to show that if you even remotely know what you are doing, you can hack all sorts of things. That is a scary thought.

http://www.cnet.com/news/fbi-pulls-computer-security-expert-off-flight-after-he-tweets-about-hacking-its-systems/

Hacking a Plane via their Wi-Fi

Boeing had been warned by the FAA seven years ago that its Dreamliner plane’s Wi-Fi was susceptible to hacking. Now, that threat is still very possible. Boeing’s 787 Dreamliner, Airbus A350 and A380 all have Wi-Fi that is available to passengers. This Wi-Fi is also the same network that the avionics system uses. This raises concerns that a flight could be hijacked by a hacker who could be able to take over the navigation system. The system could also be hacked remotely due to a passenger going to a malicious website. In 2008 the FAA told Boeing that the issue had to be fixed before rolling out their new line of planes. Boeing is saying that they are taking steps to fix the problem, possibly with physically air-gapping the networks. Boeing however, refused to release that information. Overall, this could turn into a very serious situation very, very quickly. All it takes is someone who can breach the network and this could turn into another aircraft tragedy.

http://www.wired.com/2015/04/hackers-commandeer-new-planes-passenger-wi-fi/

On Wednesday, President Obama has put an executive order into action that will allow the Secretary of the Treasury, Secretary of State, and the Attorney General to impose sanctions on cyber attackers that hack into US companies or government agencies networks. The White House is attempting to make it more difficult for hackers to profit from stolen information. The new executive order would ban individual hackers from traveling to the US as well as possibly imposing sanctions to prevent US companies from doing business with individuals, companies, or countries that are involved in cyber attacking. This executive order is designed to go after the most dangers attackers and is not meant to be used against the lower level hackers. President Obama has recently made a push to make cybersecurity more of a priority, in the wake of 50% increase in data breaches since 2013. Obama has also proposed adding $14 billion to the budget in hopes of improving corporate and government cyber security. I think this is the start of making the cyber world more secure and I’m personally glad to see these things happen.

http://www.cnet.com/news/obama-issues-executive-order-to-sanction-malicious-cyber-actors/