This Week in Cybercrime: Hackers More Dangerous than Al Qaeda?

Plus: U.S. cyberattack monitor hacked and Android apps steal data

3 min read
This Week in Cybercrime: Hackers More Dangerous than Al Qaeda?

U.S.: Hackers More Dangerous than Al Qaeda

It seems that cybercriminals and politically motivated cyberattackers have vaulted to the top of the list of security threats to the United States. On Tuesday, James R. Clapper, the nation’s director of national intelligence told a Senate committee that hackers not affiliated (or at least not directly linked) with another nation-state could very well infiltrate the raft of poorly secured U.S. networks that control critical infrastructure such as power generation facilities. To impress upon the legislators the seriousness of the threat, he ranked cyberattacks ahead of the brand of terrorism practiced by Al Qaeda. Later in the week, Gen. Keith Alexander, the head of the Defense Department's new U.S. Cyber Command told another collection of senators that his group is setting up its own hacker teams equipped to retaliate in the event of a major cyberattack on U.S. networks. Coincidence? Not likely, says a Tech News World article that considers the congressional testimony to be part of a shift in U.S. military strategy “pointing toward a renewed emphasis on the nation's digital defenses.” The coordinated meet and greets, say some observers, simply indicate a rejiggering of the executive branch’s funding wish list.

“The problem is not so much that cyberattacks are suddenly worse than they've been, but rather that [online attacks’] relative standing as a threat continues to rise as Al Qaeda is further dismantled,” Andrew Braunberg, a research director at information security research firm NSS Labs, told Tech News World.

U.S. Cyberattack Sentry Shut Down

Also just in time to make the U.S. government's point about the cyberattacks was the revelation this week that the NIST National Vulnerability Database (NVD), the government’s clearinghouse for information on malware and cyberattacks, was hacked and has been out of commission since last Friday. Security researchers apparently found malware on two NVD servers. But in an ironic twist, the site, which is set up to issue warnings when new viruses are propagating across the Internet, failed to sound the alarm about its own security problem.

According to a Business Insider article, Finnish security researcher Kim Halavakosk wondered why it has taken so long to get the site back up, so he e-mailed NIST to find out. He posted a response from a NIST PR rep to his Google+ account. The reply e-mail summed up the situation but offered few details regarding how the hackers got in. But the PR person was quick to assure the public that:

“Currently there is no evidence that NVD or any other NIST public pages contained or were used to deliver malware to users of these NIST Web sites. NIST continually works to maintain the integrity of its IT infrastructure and acts to limit the impact of malware on its systems. We regret the impact this has had on our services.”

Is Your Android App Spying on You?

On Wednesday, the Data Center of China Internet (DCCI) released a report that should make all Android phone users suspicious of what’s lurking inside their handsets. According to the report, roughly 35 percent of Android apps sold in China secretly steal user data even when the information has not in any way related to the app’s function. Although the 1400 apps the research institute looked at were mostly sold at Chinese app markets that Google doesn’t control, it still illustrates cybercrooks’ focus on Android as well as the operating system’s vulnerability (especially the myriad jury-rigged versions that are steadily taking over China’s mobile device market).

Apparently up-to-the-minute information on where people are is becoming a big quarry for cybercriminals. DCCI found that more than half of the apps tracked users’ locations. More than 20 percent rifled through users’ address books, while others read call records, and text histories. But the most unnerving thing may be the capability of some of the apps DCCI looked at to secretly send texts and make calls right under the user’s nose.

Ovum analyst Shiv Putcha summed it up best when he noted in a blog post that, “Android is fragmenting beyond Google’s control, and Google’s Android strategy is rapidly coming undone in China with no immediate prospects for correction.”

Major Phishing Campaign Targets Australian Banking Customers

Early Thursday morning, hundreds of thousands of Australians woke up to malware-laced e-mails in their inboxes. The message, crafted to seem like it came from Westpac, Australia’s oldest bank, carried the subject line "Westpac Secure Email Notification" and the sender address "". It instructed recipients to open an attachment that would unleash a virus. Security firm MailGuard, which identified the e-mails as fraudulent by 9:30 that morning, told the Sydney Morning Herald that by the middle of that afternoon, it had blocked more than 300 000 of the bogus alerts routed to its clients' inboxes. The first wave of messages went largely undetected, says MailGuard, because they originated from more than a thousand unique source IP addresses—many of them outside Australia.

Photo: Peter Dazeley/Getty Images

The Conversation (0)

The Cellular Industry’s Clash Over the Movement to Remake Networks

The wireless industry is divided on Open RAN’s goal to make network components interoperable

13 min read
Photo: George Frey/AFP/Getty Images

We've all been told that 5G wireless is going to deliver amazing capabilities and services. But it won't come cheap. When all is said and done, 5G will cost almost US $1 trillion to deploy over the next half decade. That enormous expense will be borne mostly by network operators, companies like AT&T, China Mobile, Deutsche Telekom, Vodafone, and dozens more around the world that provide cellular service to their customers. Facing such an immense cost, these operators asked a very reasonable question: How can we make this cheaper and more flexible?

Their answer: Make it possible to mix and match network components from different companies, with the goal of fostering more competition and driving down prices. At the same time, they sparked a schism within the industry over how wireless networks should be built. Their opponents—and sometimes begrudging partners—are the handful of telecom-equipment vendors capable of providing the hardware the network operators have been buying and deploying for years.

Keep Reading ↓ Show less