Thursday 7 November 2013

No Effort Spared to Find Hackers: PM Lee

By Kok Xing Hui, TODAY, 7 Nov 2013

The authorities will “spare no effort to try and track down” the person or group who had threatened — behind the veil of anonymity — to launch a cyber-attack on the Government’s IT infrastructure, Prime Minister Lee Hsien Loong said yesterday.

And if the culprits are successfully hunted down, they will be brought to justice and “dealt with severely”, Mr Lee said, adding that such a threat “is not a laughing matter”.

“It’s not just anything goes and you’re anonymous, therefore, there’s no responsibility. You may think you’re anonymous — we will make the extra effort to find out who you are,” he said.

Speaking to reporters on the sidelines of a counter-terrorism exercise involving 20 agencies, Mr Lee — making the first comments by a minister on the threat — added that the authorities have begun tracking down the perpetrators and that the Government has taken steps to “harden our system so it is not so vulnerable”.

The Government takes the threat “very seriously because our IT network, the Internet (and) our communications have become an essential part of our business and our lives now”. Mr Lee said: “If your network is down, you can’t connect, you can’t work, you can’t keep in touch with what’s happening in the world, with what’s happening whether it’s in your business, your family or in Singapore.”

Last Tuesday, a video was posted on YouTube that purportedly showed an anonymous hacker group threatening to attack infrastructure in Singapore because of discontent over the new licensing scheme for online news sites. The group claimed to be part of international hacker collective Anonymous. The person behind the hacking of several websites in Singapore, The Messiah, is also said to be part of Anonymous.

The police are investigating the YouTube video, as well as the hacking of The Straits Times website last Friday, for which The Messiah had claimed responsibility.

Information security expert Anthony Lim said the culprits can be tracked down, although it would require time and resources. Mr Lim, a member of the Application Security Advisory Board, explained that the authorities can flush out hackers by following digital trails, which “must come from a particular source”. He added that the Government has ample resources to do so and could tap the cooperation of foreign agencies if necessary.

The Republic’s robust response to national security threats was underlined yesterday at the culmination of a two-week counter-terrorism exercise, which was witnessed by Mr Lee and several other ministers, as well as senior officials from various ministries.

Exercise Highcrest was conducted to validate the full operational capability of the National Maritime Security System and involved 1,600 personnel from national agencies, including the Singapore Armed Forces, the Singapore Police Force, the Singapore Civil Defence Force and the Immigration & Checkpoints Authority. The exercise involved a hijacked ferry and hostage rescue, among several other scenarios.

It was the first simulated exercise where land and sea security agencies shared information and coordinated operational responses to a terrorist attack, beginning from when a threat is first identified.

Mr Lee said: “What we’ve been working on is the whole security system — that means the command and control, getting the intelligence, tracking the ships which are coming through the Straits of Singapore ... finding out which ones are suspicious, investigating them, making sure that nothing is amiss ... that is something which goes on day after day, 24 hours a day, quietly — without Singaporeans realising it.”

Hackers tried to bring down govt websites: IDA
Tuesday's attempt disclosed after PMO and Istana webpages are hit
By Irene Tham, The Straits Times, 9 Nov 2013

HACKERS had attempted to bring down government websites on Tuesday - the day they urged Singaporeans to mount a protest against the Government's new website licensing rules.

The Infocomm Development Authority (IDA) disclosed this yesterday, after a page on the Istana website was hacked at 12.20am yesterday, an hour after a similar attack on a webpage of the Prime Minister's Office (PMO) site.

Yesterday's intrusions - the first since hackers threatened to hit out at Singapore's infrastructure last week - did not compromise the integrity of the sites in any way, said IDA assistant chief executive James Kang at a media conference.

But in the Tuesday attempt, many government websites - including transactional ones - encountered unusual "spikes" in traffic throughout the day as hackers sought to bring them down through "distributed denial of service attacks (DDoS)", said Mr Kang.

DDoS is a technique used to take down a site by overwhelming it with huge amounts of Internet traffic. But they were unsuccessful and the only mischief they managed was with the affected pages yesterday.

"Data was not compromised, the site was not down and users were not affected," said Mr Kang.

The hacker, or hackers, used a technique called "cross site scripting (XSS)" and exploited a vulnerability in the embedded Google search bar which helps users to search for items within the site.

The attacks were designed to make the webpages look like the hackers had gained access into the sites when they had merely overlaid images over the webpages.

"We detected the exploits within 15 minutes and disabled the search bars within the hour," added Mr Kang.

Separately, security software firm Trend Micro said its analysis showed the PMO site "remains intact, with visits unaffected".

The image on PMO's page carried the mocking headline: "It's great to be Singaporean today" next to the Anonymous hacker collective's trademark Guy Fawkes mask. Also on the page was the message: "ANONYMOUS SG WAS HERE BIATCH".

The hacked page on the Istana website had a picture of an old woman making an obscene sign.

The IDA confirmed that these were the images seen by users of the affected webpages. Their screengrabs have since been circulating online.

A patch was also being applied across government websites to secure them.

"The Singapore Government will continue to be on heightened vigilance," said Mr Kang, adding that it includes the checking and fixing of vulnerabilities. While this is in progress, access to government websites may experience intermittent problems, he added.

The CPF Board said last night its website and e-services are not available, from 9pm yesterday to 8am on Monday, as it is carrying out preventive maintenance to fortify them. Those who need urgent help can visit the service centres at Bishan, Jurong, Tampines and Woodlands during office hours.

The hackings came after Prime Minister Lee Hsien Loong issued a warning to hackers on Wednesday, saying the authorities will "spare no effort" to track down those who threaten to attack the country's computer networks and bring them to justice.

It was his first comment since a person, claiming to be from Anonymous, threatened in a YouTube video last Tuesday to hit out at Singapore's infrastructure to protest against new licensing rules for news websites.

Cyber criminals 'wielding more powerful malware'
Standard security measures cannot handle IT network threats: US expert
By Grace Chng, The Straits Times, 7 Nov 2013

CYBER criminals have become so adept that standard anti-virus software and firewalls cannot properly protect IT networks, according to an American expert.

Security specialist Tom Kellerman told The Straits Times that hackers now go to underground bazaars to buy purpose-built software that can bypass standard protections.

Developers of malicious software, or malware, have created stealthier and more intelligent strains that can stay undetected for a longer time so they can keep stealing data in the network, he noted.

"To maintain access without discovery, the malware can continuously rewrite its own code so as to evade detection," added Mr Kellerman, vice-president of software security firm Trend Micro.

He had served as Commissioner for Cyber Security during President Barack Obama's first term.

Mr Kellerman estimates cyber crime cost about US$300 billion (S$373 billion) globally last year, including money lost to intellectual property and credit card theft.

This is more than the US$285 billion involved in crimes related to narcotics globally.

The danger is that the cyber criminals will soon expand to other areas like cyber extortion, he warned, noting: "They can extort money from a company... (by threatening to) inject malware to damage its IT networks."

Mr Kellerman was responding to the spate of online attacks that have hit Singapore websites. Recently, a YouTube video posted by a hacker called "Anonymous" threatened to bring down Singapore's infrastructure in a show of protest against licensing regulations on online news sites.

Last week, Ang Mo Kio Town Council's homepage was attacked and last Friday, a section of The Straits Times website was hit.

The threats to cyber security have prompted the Government to inject $130 million into a five-year programme to study areas like digital forensics and threat monitoring and detection. Some of the funds will also be used to train cyber security professionals.

Next year, Interpol will open an office here to examine cyber security.

Mr Chong Rong Hwa, senior security analyst at cyber security firm FireEye, said organisations need to focus on detective work and educating employees if they want to defeat the hackers.

"They need advanced technologies that can detect the intrusions and mitigate the attacks," he added.

IT network activity should be monitored and the data processed to pick out unusual trends that can indicate a targeted attack.

Mr Kellerman added that regular checks should also be made to ensure that the IT network and infrastructure have not been modified without approval.

Educating employees on the risk of sharing too much corporate information on social networks and how they relate to cyber security is also key to mitigating the attacks, he said.

Cyber threats can also be political in nature but they can have economic and financial consequences, said Mr Chong.

He said there are about six botnets that are circulating in IT networks in Singapore. A botnet is a network of PCs that are infected with malicious software and controlled as a group without the owners' knowledge.

Some are targeted against different industries and government agencies while others are aimed at senior executives.

"Some malicious software is embedded in text documents or Web browsers. If you download the documents or surf the Internet, then you will be infected," he said.

Mr Kellerman noted: "All organisations have been compromised by malware in some form or other and the volume and veracity of cyber threats are increasing exponentially.

"It is becoming imperative for companies to have security solutions that protect their networks and the devices that access the networks and which can work across all business groups."


No comments:

Post a Comment