Even wondered what countries are under cyberattack right now?
Google may have the answer for you. By teaming up with Arbor Networks, Google Ideas team has created a visualisation of all the distributed denial of service (DDoS) attacks around the world.
DDoS are among the most common, effective and hard to face attacks websites can suffer. They are launched using so-called botnets of hijacked computers that are simultaneously instructed to connect to a particular website thus consuming all the available bandwidth or the web server’s resources, slowing the site down significantly or taking it offline.
DDoS have become the tools used by hacktivists and attackers driven by political reasons to hit websites of organizations they dislike: a way to digitally silence those organizations.
Even though it can’t bring down the enemy’s military forces, or a whole society’s infrastructure, considered the effect it can have on a specific company, agency or service, a DDoS attack is one of the tools in the hands of cyber army teams around the world to wage, if not a full scale cyberwar (that would rely on APTs and multiple kinds of attacks), at least cyberguerrilla operations.
For instance, the Syrian Electronic Army, a collection of pro-government computer hackers aligned with Syrian President Bashar al-Assad, has used DDoS attacks to target media organization websites in their attempt to support the Syrian regime.
Anyway, the new tool, Digital Attack Map, gives a clear idea of what is happening in the cyberspace, and lets you look back through at historic attacks, source and destination ports used in the attacks, and select specific countries.
Aeroflot 150 is a scheduled flight from Moscow, Russia, to Havana, Cuba.
It is flown by an Airbus A330 and, as any scheduled commercial liner, unless something very special happens, it always takes the same route to Cuba.
However, on Jul. 11 it flew a different route, a southern route that completely avoids the U.S. airspace (for the history of such flight in the last weeks take a look here). Furthermore, AFL150 is the same flight believed to be carrying the NSA leaker Edward Snowden a couple of weeks ago, when some journalist boarded the plane to find the accused spy’s seat empty.
Image credit: FlightAware
Even if such a significant change of route is at least unusual, it might be explained by the bad weather affecting U.S. East Coast.
At the time of writing, the aircraft is about to land at Int’l José Martí airport in Havana. If Snowden is on board, we’ll know very soon.
The U.S. Air Force is trying to turn the targeting pods carried by some of its legacy fighters and the B-1 Lancer bomber, into flying wireless routers that would allow ground troops to communicate each other.
Tested by the 40th Flight Test Squadron at Eglin Air Force Base, Florida, on an A-10 Warthog, the flying router is a software upgrade called Net-T (network tactical) for the Litening II and Sniper advanced targeting pods.
Image credit: U.S. Air Force
It allows ground units on patrol to interconnect each other by way of Remote Operations Video Enhanced Receiver (ROVER) 5, a portable terminal similar to a tablet or a mini-iPAD that JTACs (Joint Terminal Attack Controllers) use to receive realtime footage from the aircraft targeting pods.
ROVER systems are used by JTACs to determine whether the pilot on a nearby combat plane is cueing the weapons to the correct ground target.
Until now, ROVERs could only upload and download data from a nearby aircraft. With the new capability, that has begun developmental testing in October 2012 and flown 23 sorties so far, data streams from different terminals will be routed by the pod.
In other words, different units on the ground, in “line of sight” to the fighter plane, will be able to exchange imagery, maps and any file type without relying on satellite or radio communication.
Obviously, such wireless network will need to be protected with proper security measures, in order to prevent enemy from eavesdropping traffic or sending malware to the various peers.
According to Maj. Olivia Elliot, the 40th FLTS A-10 flight commander who undertook the test flight for the Warthog, the Net-T portion of the targeting pod is quite easy to operate and once the proper settings are configured “it’s a single button push” and the pilot’s only concern is to remain within range of the system.
Image credit: U.S. Air Force
During testing activity aimed to discover the operational envelope of the system, five ROVER terminals were set up within the Eglin range and data exchange was tested on a variety of aircraft and pod types, including F-16, F-15E and B-1B.
Such tests by 53rd Wing’s “Team Eglin” will be used to validate the system, that is expected to enter the active service by 2014.
It is not a secret that modern military heavily relies on digital systems.
Just have a look at the cockpit of a fighter jet, bomber or helicopter (even if the same is for warships, tanks, etc.) and you’ll be struck by the lack of traditional old-fashioned analog gauges: they are filled with multi-function LCD screens and other electronic instruments to such an extent they are known as “glass cockpits”.
Actually, digital technologies also equip flight helmets that are interconnected with the airplane to project relevant information, including aircraft’s airspeed, altitude, weapons status and aiming on the visor, enabling the pilot to look out in any direction with all the required data always in his field of vision.
Even if digital equipment has improved safety, reliability, accuracy of all weapons systems, they can still be the cause of some rather dangerous and embarrassing incidents.
Few days ago, USS Guardian, a U.S. Navy minesweeper en route to Indonesia, ran aground on the Tubattaha Reef on Jan. 17, and it looks like a digital chart used for navigation has been a significant contributing factor to the mishap.
Image via PressTV
Noteworthy, according to Navy Times (highlight mine): “as of Jan. 18, Navy ships have been directed to “operate with caution” when using similar electronic charts and compare the map data with paper charts, which are considered accurate.”
While the investigation will determine all the contributing factor to the incident, the preliminary analysis indicates that the reef was misplace as a result “from incorrect geographic rectification of satellite imagery used to built” the type of Digital Nautical Charts (DNC) used by the minesweeper and most USN ships.
The day after its discovery, there are few doubts that the infamous malware dubbed Flame (or sKyWIper) has been developed by a government with significant budget and effort. The complexity of the malware suggests that it has been used for a huge cyber-espionage campaign and, easily predictable, Israel is listed as the main culprit, even if in good company if it is true, as argued by some bloggers, that the malware was created by a strict cooperation coproduction between CIA and Mossad.
Israeli vice Premier Moshe Ya’alon has contributed to fuel the Flame: speaking in an interview with Army Radio, Ya’alon has hinted that Jerusalem could be behind the cyber attack, saying “Israel is blessed to be a nation possessing superior technology. These achievements of ours open up all kinds of possibilities for us.” In light of this statement, it does not appear a simple coincidence the fact that the main victims of the cyber weapon, as reported by Kaspersky Lab, are nations who may not be just considered in good neighborhood relations with Israel.
Consequently it is not that surprise the fact that the same interview has been readily reported by the Iranian News Agency Fars (which has interpreted it as a sign of liability and has hence blamed Israel for waging cyber war in Iran) as well as it is not that surprise the tone of several comments to an article posted on the Haaretz newspaper’s Web site (“Nice One Israel, Proud of You!!!!”).
Of course it is too soon to jump to conclusion,in any case, whether Israel (and U.S.) is behind Flame or not, I could not help but wonder how it is possible that a malware has been able to go undetected for at least 5 years. Are endpoint protection technologies really dead, leaving us at the mercy of a (cyber)world ruled by APTs?
If you want to have an idea of how fragile our data is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated) at hackmageddon.com. And follow the author of this article @paulsparrows on Twitter for the latest updates.