Cyber wrap
10 Jun 2015|

Cyber thief

In what’s believed to be potentially the largest compromise of US government employee information ever, the US Office of Personnel Management (OPM) was recently breached by hackers. The Department of Homeland Security announced that malicious software was detected on OPM’s system in April, and by May they had established the scale of the data compromise, with roughly 4 million workers ‘likely affected’.  The attack targeted both the OPM’s IT network and its offsite data at the Department of the Interior’s shared facility for government agencies, though there’s been no word as of yet if any other departments were compromised.

The motives behind the attack are numerous. Names, dates of birth and social security numbers, can be used in identity theft and financial crime, but officials are concerned this information will also ‘help hackers test potential passwords to other sites’ that government workers have access to.

Speaking at a G7 press conference about the breach, President Obama wouldn’t confirm which country the attacks originated from and called on Congress to pass stalled cyber legislation to help address ‘significant vulnerabilities’. Jim Langevin, the ranking Democratic member of the House Subcommittee on Emerging Threats and Capabilities was somewhat more explicit when laying blame:

We know that the attack occurred from somewhere in China, but we don’t know whether it was an individual or a group or a nation-state attack.

Turning now to Asia, the Indian government has put its money where its mouth is, freeing up funds to set up its National Cyber Coordination Centre. Indian Communications and IT Minister Ravi Shankar Prasad made the announcement that Rs 770 crore (about AU$157 million) will be allocated to set up the new centre. The government has also approved the establishment of a Botnet Cleaning and Malware Analysis Centre to the tune of Rs 90.5 crore (over AU$18 million). The new centre will co-ordinate cyber activities among India’s intelligence agencies and spearhead responses to major events. The body is also set to work with Indian ISPs to access metadata, creating concerns that the body will become an ‘Indian cyber snooping agency.’

Indonesia has made public its own plans for a national cyber body, with Coordinating Political, Legal and Security Affairs Minister Tedjo Edhy Purdijatno telling a recent symposium that the government was hoping to put aside funds for the body in next year’s budget. Tedjo explained that each of the country’s defence and law enforcement bodies had a cybercrime unit, ‘but they lacked coordination and were slow to pick up on new technologies’. The new body would bring together representatives ‘from the National Police, the military (TNI), the National Intelligence Agency (BIN) and the Communications and Information Ministry among others’. Indonesian cyber expert, and advisor to Mr. Purdijanto, Yono Reksoprodjo, carried out a short Q&A with the Wall Street Journal about the Centre which you can find here.

Regular readers may recall the Bundestag hacking attempt mentioned previously in Cyber wrap. Officials within the German government have reportedly managed to read parts of source-code used in the hack, which has led them to believe that it was a state-backed Russian infiltration attempt. The Trojan Malware was very similar in nature to one used in an earlier attack on a German data network, helping investigators to make the link.