Crossroads Blog | Institute National Security and Counterterrorism

Cyber Attacks, Data Breaches, GCHQ

Cyber Round Up: Target Pays $39M for Data Breach Settlement, GCHQ Accused of ‘Persistent’ Illegal Hacking at Security Tribunal, The Evolution of DDoS Attacks in 2015

  • Target Pays $39M To Settle Card Issuers’ Data Breach Claims (Law360): According to Law360, Target Corp. has agreed to a $39M settlement related to a data breach of over 40M payment cards used at Target in 2013.  Law360 reports that up to $20.25M will be paid to settlement class members while $19.1M will be paid to MasterCard’s Account Data Compromise program.  The article indicates that this settlement sends a strong message that financial institutions may not always have to bear the costs related to merchant data breaches where the merchant is at fault for the breach.  The full article is available at Law360.
  • GCHQ Accused of ‘persistent’ Illegal Hacking at Security Tribunal (TheGuardian): The Government Communications Headquarters (“GCHQ”) recently admitted to a security tribunal that GCHQ carries out “persistent” illegal hacking of networks, computers, and mobile devices using broad theme-based warrants that allegedly circumvent privacy safeguards, according to the article.  The article indicates that the Investigatory Powers Tribunal (“IPT”) was told that cameras and microphones have been remotely activated without the user’s knowledge, personal documents and photographs have been exfiltrated, and metadata related to location has been mined by GCHQ.  The article indicates that GCHQ activities first came to light following the Snowden revelations which disclosed the GCHQ “smurf” program.  The Smurf malware program includes:

Nosey Smurf: uses malware to remotely activate microphones on mobile devices;
Dreamy Smurf: can remotely power on smartphones; and
Tracker Smurf: provides GPS location data of smartphones.

This is according to the article, which can be found here.

  • The Evolution of DDoS Attacks in 2015 (ITProPortal): Andrew Lemke, a Security Strategist, discusses some of the major Distributed Denial of Service (“DDoS”) attacks that occurred in 2015, in an article appearing at ITProPortal.  The article outlines the following attacks:

GitHub Code Sharing: this attack has been traced to China and injected script into browser sessions in order to recruit users to launch the DDoS;

A similar technique has been used with BitTorrent to create distributed reflective denial-of-service (DRDoS) attacks; in that scenario, a single computer can be used to generate traffic from multiple sources on the BitTorrent network.  Researchers indicate that the “amplification” factor can reach as high as 120;

A new and as yet unused attack is termed “temporal lensing”.  Under this attack, multiple packets are sent across different routes but are timed to arrive simultaneously at the destination, thereby overwhelming the target host.

The full article can be found here.
