Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label DOD. Show all posts

Massive Data Breach Exposes Social Security Numbers of 2.9 Billion People

 


A significant data breach has reportedly compromised the personal information of 2.9 billion people, potentially affecting the majority of Americans. A hacking group known as USDoD claims to have stolen this data, which includes highly sensitive information such as Social Security numbers, full names, addresses, dates of birth, and phone numbers. This development has raised alarm due to the vast scope of the breach and the critical nature of the information involved. The breach was first reported by the Los Angeles Times, which revealed that the hacker group is offering the stolen data for sale. 

The breach allegedly stems from National Public Data, a company that collects and stores personal information to facilitate background checks. The company has not formally confirmed the breach but did acknowledge purging its entire database. According to National Public Data, they have deleted all non-public information, although they stopped short of admitting that the data had been compromised. In April, the hacking group USDoD claimed responsibility for the breach, stating that it had obtained the personal information of billions of people. This led to a class-action lawsuit against National Public Data, as victims sought redress for the potential misuse of their sensitive information. 

The lawsuit has intensified scrutiny on the company’s data security practices, particularly given the critical nature of the information it manages. The potential consequences of this breach are severe. The stolen data, which includes Social Security numbers, could be used for a variety of malicious activities, including identity theft, fraud, and other forms of cybercrime. The scale of the breach also highlights the ongoing challenges in safeguarding personal information, particularly when it is collected and stored by third-party companies. As investigations continue, the breach underscores the urgent need for stronger data protection measures. 

Companies that handle sensitive information must ensure that they have robust security protocols in place to prevent such incidents. The breach also raises questions about the transparency and responsibility of organizations when dealing with personal data. In the meantime, consumers and businesses are on high alert, awaiting further developments and the potential fallout from one of the largest data breaches in history. The incident serves as a stark reminder of the risks associated with data storage and the critical importance of cybersecurity.

DOD Officially Launches New Cyber Policy Office

 

The Office of the Assistant Secretary of Defence for Cyber Policy has been formally constituted, the Pentagon announced in a statement last week. Congress directed the Pentagon to set up the office, elevating cyber policy within the office of the Secretary of Defence, as mandated by the fiscal 2023 National Defence Authorization Act. 

There was some backlash when the department chose to take extra time to consider what would fall within the purview of that agency, including the potential inclusion of electronic warfare and information warfare, rather than establishing it in the timescale lawmakers had initially asked for. 

The release states that it was finally created on March 20. 

“In standing up this office, the Department is giving cyber the focus and attention that Congress intended,” Sasha Baker, acting undersecretary of defense for policy, noted in a statement.

According to the Pentagon, the assistant secretary will report to the undersecretary of defence for policy and serve as the principal senior officer responsible for overseeing Department of Defence cyber strategy and operations. The official will be the DOD's top cyber advisor as well.

As to the press statement, the newly appointed assistant secretary will be the point of contact for the current deputy assistant secretary of defence for cyber policy.

The Pentagon stated that the new office's tasks include, among others: 

  • Creating, organising, assessing, and managing the implementation of DOD cyber policy and strategy. 
  • Overseeing and certifying the Department of Defense's cyberspace operations budget, as well as providing fiscal and budgetary oversight to the $3 billion annual execution of US Cyber Command's enhanced budget authority. 
  • Monitoring the programmes and actions related to cyber workforce development, recruiting, and retention. 
  • Managing the integration of cyberspace activities and capabilities into operational and contingency plans.
  • Developing DOD cyber policy advice for private sector outreach, engagement, and agreements. 
  • Leading the DOD's execution of national cyberspace policies. Leading the development, execution, and supervision of cybersecurity-related activities for security cooperation. 

Last month, President Biden revealed his intention to nominate Michael Sulmeyer to take on the new post. Sulmeyer is currently the Army's top cyber adviser and has previously held positions in the Pentagon, Cybercom, and the National Security Council relating to cyber policy and operations. 

Ashley Manning is acting as the assistant secretary until Sulmeyer is confirmed by the Senate.

DoD Claims: China’s ICS Cyber Onslaught Aims at Gaining Strategic Warfare Advantages


According to the US Department of Defense (DoD), China's relentless cyberattacks on vital infrastructure are likely a precautionary measure intended to obtain a strategic advantage in the event of violent warfare.

The Cyber Strategy released earlier this week by DoD has mentioned an increase in the state-sponsored cybercrime from People's Republic of China (PRC), particularly against sensitive targets that could affect military responses. 

According to the agency, this is done in order to "to counter US conventional military power and degrade the combat capability of the Joint Force."

The DoD claims in their report that the PRC "poses a broad and pervasive cyberespionage threat," monitoring movements of individual beyond its borders, and further acquiring technology secrets, and eroding the capabilities of the military-industrial complex. However, the NSA cautioned that the operation goes beyond routine information collecting.

"This malicious cyber activity informs the PRC's preparations for war[…]In the event of conflict, the PRC likely intends to launch destructive cyberattacks against the US Homeland in order to hinder military mobilization, sow chaos, and divert attention and resources. It will also likely seek to disrupt key networks which enable Joint Force power projection in combat," the report stated.

An Increasing Chinese Focus on Military Degradation

The notion that cyber activities can signal impending military action is consistent with predictions made earlier this year in the wake of the Volt Typhoon attacks by Microsoft and others. With a series of compromises that targeted telecom networks, power and water controls, US military bases at home and abroad, and other infrastructure whose disruption would interfere with actual military operations, the Beijing-backed advanced persistent threat (APT) made national headlines in the US in May, June, and July.

However, the operational technology (OT) used by the victims has not yet been impacted by the compromises. But, CISA Director Jen Easterly warned at Black Hat USA in August that if the US gets involved in a potential invasion of Taiwan, the Chinese government may be positioning itself to launch disruptive attacks on American pipelines, railroads, and other critical infrastructure.

"This APT moves laterally into environments, gaining access to areas in which it wouldn't traditionally reside[…]Additionally, this threat actor worked hard to cover their tracks by meticulously dumping all extracted memory and artifacts, making it difficult for security teams to pinpoint the level of infiltration," says Blake Benson, cyber lead at ABS Group Consulting.

Taking into account the military-focused cyber activities that can potentially entail collateral damage to bystander business, there could also be a sort of ‘anti-halo effect’ at work, according to John Gallagher, vice president of Viakoo Labs at Viakoo.

"Virtually all exploits launched by nation-states 'leak' over to non-nation-state threat actors[…]That means organizations who depend on IoT/OT systems will be direct targets at some point to the same threats being launched against national critical infrastructure," warns Gallagher.  

U.S. DOD Weapons Programs Struggles to Add 'Key' Cybersecurity Measures

 

The U.S. Defense Department failed to communicate cybersecurity guidelines to contractors tasked with building systems for its weapon programs, according to a new watchdog report, released on Thursday. While the agency has developed a range of policies aimed at strengthening the security for its weapon programs, the guidance misses out a key point – the contracts for securing various weapons. 

The U.S. government sanctions hundreds of billions of dollars each year for contracting various manufacturers, from military contractors to small businesses. In a new report released on Thursday, the U.S. Government Accountability Office (GAO) said, 60 percent of the contracts meet zero requirements when it comes to cybersecurity measures. 

According to the GAO report, three out of five contracts reviewed by them had no cybersecurity requirements written into the contract language when they were awarded, with only vague requirements added later. The Air Force was the only service with broad guidance to define cybersecurity requirements and incorporate them in contracts.

“Specifically, cybersecurity requirements should be defined in acquisition program contracts, and criteria should be established for accepting or rejecting the work and for how the government will verify that requirements have been met,” according to the GAO’s report.

The Defense Department (DOD) has a huge network of sophisticated weapons systems that need to resist cyberattacks in order to operate when required. But the DOD also has a documented history of discovering mission-critical security flaws within those programs due to what the GAO says is a lack of focus on weapon systems cybersecurity. 

“As we reported in 2018, DOD had not prioritized weapon systems cybersecurity until recently, and was still determining how best to address it during the acquisition process. The department had historically focused its cybersecurity efforts on protecting networks and traditional IT systems, and key acquisition and requirements policies did not focus on cybersecurity. AS a result, DOD likely designed and build many systems without adequate security,” the report read.