
U.S. Nuclear Facilities Witness Hacking and Espionage Threats


A cybersecurity company has discovered a North Korean hacking group that illicitly obtained nearly 100 gigabytes of data over the course of a months-long intrusion. Regulators started to look into Tuesday’s cyberattack on the financial trading group ION. 

Reportedly, the hackers targeted U.S. nuclear facilities, which are considered among the most strictly regulated facilities in the U.S. Despite these protections, hackers are nonetheless drawn to them because of the potential for espionage and other criminal activities.

A Chinese spy balloon over Montana, which is a site of multiple nuclear missile silos, is the most recent alleged spying threat. President Biden has been advised by military advisors to not shoot the balloon down. NBC News was the first to report on the incident. 

Brig. Gen. Patrick Ryder, a Pentagon spokesperson, says “the U.S. government acted immediately to prevent against the collection of sensitive information, once it spotted the balloon.”

According to Ryder, the U.S. government has seen a similar pattern of behavior for "several years." Similar balloons had previously been spotted over Hawaii and Guam, which are home to U.S. military facilities, says a U.S. intelligence official. 

On Thursday, leaders from two House committees asked the Energy Department to provide them with documents pertaining to cyberattacks by alleged Russian threat actors targeting U.S. national nuclear laboratories.

According to a Reuters article from last month by James Pearson and Chris Bing, Russian hackers known as Cold River targeted nuclear scientists at Brookhaven, Argonne, and Lawrence Livermore laboratories last summer.

“Although it is unclear whether the attempted intrusions were successful, it is alarming that a hostile foreign adversary targeted government labs working on scientific research critical to the national security and competitiveness of the United States,” Reps. James Comer (R-Ky.), chair of the Oversight and Accountability panel, and Frank D. Lucas (R-Okla.), chair of the Science, Space, and Technology Committee, wrote in a letter seeking communications between agencies, labs, and contractors […]

Hackers who got into the U.S. nuclear command and control system could, theoretically, “trigger a false alarm, making us think that Russian nuclear weapons were on their way,” leaving the president to decide whether to launch a strike in response, former White House cybersecurity adviser Richard Clarke said in a video for the nonprofit Nuclear Threat Initiative last year.

State of Defense by the U.S. Government 

The Biden administration has been attempting to impose minimal security requirements on other industries, but the nuclear industry is already among the most regulated, along with the financial services sector and defense contractors. In a recent interview, a White House representative who requested anonymity to speak more openly about the subject said that the NRC “has really strict rules.” 

The NRC first put cybersecurity protocols in place in the early 2000s. Under the existing regulations, nuclear power plant operators were required to submit security plans to the agency for approval. This summer, more cybersecurity guidelines for fuel cycle facilities are anticipated from the NRC. The security of American nuclear weapons depends less on regulation than on the NSA's ability to safeguard them.

According to a 2019 study by the agency's inspector general, the NRC must change its approach to cybersecurity inspections at nuclear plants in order to place more emphasis on monitoring performance. The report also stated that “the inspection program faces future staffing challenges because demographic and resource constraints work against optimal staffing.”

The NNSA “and its contractors have not fully implemented six foundational cybersecurity risk practices in its traditional IT environment,” according to a report from the Government Accountability Office from last year. The nuclear weapons IT environments and NNSA's operational technology environments “have not fully implemented these practices,” it stated.

Military Device Containing Thousands of People's Biometric Data Sold on eBay


The last time the U.S. military used its Secure Electronic Enrollment Kit (SEEK II) devices was more than ten years ago, close to Kandahar, Afghanistan. The bulky, black, rectangular piece of technology, which was used to scan fingerprints and irises, was switched off and put away.

That is, until Matthias Marx, a German security researcher, purchased the device for $68 off eBay in August 2022 (a steal, at about half the listed price). For less than $70, Marx had unintentionally acquired sensitive, identifying information on thousands of people. The biometric fingerprint and iris scans of 2,632 people were accompanied by names, nationalities, photographs, and extensive descriptions, according to a story by The New York Times.

From the war zone to the government equipment sale to the eBay delivery, it seems that not a single Pentagon official had the foresight to remove the memory card from the specific SEEK II that Marx ended up with. The researcher told the Times, “The irresponsible handling of this high-risk technology is unbelievable […] It is incomprehensible to us that the manufacturer and former military users do not care that used devices with sensitive data are being hawked online.”

According to the Times, the majority of the data in the SEEK II was gathered on people whom the American military has designated as terrorists or wanted individuals. Others, however, were only ordinary citizens who had been detained at Middle Eastern checkpoints or even people who had aided the American administration.

Additionally, all of that information might be utilized to locate someone, making the devices and related data exceedingly hazardous, if they ended up in the wrong hands. For instance, the Taliban may have a personal motive for tracking down and punishing anyone who cooperated with U.S. forces in the area. 

Marx and his co-researchers from Chaos Computer Club, which claims to be the largest hacker group in Europe, purchased the SEEK II and five other biometric capture devices, all from eBay. The group then went on to analyze the devices for potential flaws, following a 2021 report by The Intercept regarding military tech seized by the Taliban.

Marx was nonetheless concerned by the extent of what he discovered, despite the fact that he had set out from the start to assess the risks connected with biometric devices. The Times reports that a second SEEK II purchased by CCC and last used in Jordan in 2013 contained data on U.S. troops—likely gathered during training—in addition to the thousands of individuals identified on the single SEEK II device last used in Afghanistan.