Home Blog Page 75

Hackers post fake Tupac story on PBS website

Hackers infiltrated PBS’s website to post a fake story that rapper Tupac Shakur is alive and well, apparently as a rather bizarre act of retribution for a news item about Wikileaks.

"Prominent rapper Tupac has been found alive and well in a small resort in New Zealand, locals report," the story (cached) begins. "The small town – unnamed due to security risks – allegedly housed Tupac and BiggieSmalls (another rapper) for several years."

A group called LulzSec – which also claimed responsibility for the recent SonyMusic attack – has said it carried out the hack.

LulzSec took exception to the portrayal of Bradley Manning in PBS’s Frontline news program. "We just finished watching WikiSecrets and were less than impressed," the group says.

As well as injecting pages into the PBS site, the group posted usernames and hashed passwords for the database administrators and users – as well as the logins of all PBS local affiliates, including their plain text passwords.

"There was absolutely no skill involved in this attack, as it used freely available tools to exploit the databases," says Sophos security expert Chester Wisniewski.

"The attackers represent nothing more than what many historically thought of as hackers: people creating chaos with no other purpose than gaining fame, irrespective of the damage caused."

The story remained live on the site for about an hour before it was taken down.


Intern discovers universe’s missing mass

A short-term intern at Australia’s Monash University appears to have cracked a problem that’s been baffling astrophysicists for decades – the so-called missing mass problem.

It’s been known for some time that the universe contains much more mass than is visible in the form of stars, planets and other objects.

"It was thought from a theoretical viewpoint that there should be about double the amount of matter in the local universe compared to what was observed.  It was predicted that the majority of this missing mass should be located in large-scale cosmic structures called filaments – a bit like thick shoelaces," says Dr Kevin Pimbblet of the School of Physics.

And during a three-month internship with the department, aerospace engineering student AmeliaFraser-McKelvie carried out a targeted X-ray search for the matter – and seems to have found some of it.

Astrophysicists had predicted that the mass would be low in density, but high in temperature – around a million degrees Celsius. This meant that, in theory, the matter should have been observable at X-ray wavelengths – just where Fraser-McKelvie saw it.

Until now, astrophysicists had been making deductions based only on numerical models, so the discovery is a huge step forward in determining what amount of mass is actually contained within filaments.

"I cannot underscore enough what a terrific achievement this is," says Pimbblet. "We will use this research as a science driver for future telescopes that are being planned, such as the Australian Square Kilometre Array Pathfinder, which is being built in outback Western Australia."

‘Digital ants’ check networks for viruses

Wake Forest University professor Errin Fulp is training an army of ‘digital ants’ designed to patrol the power grid and protect it from viruses.

If it works, it could be a lifesaver for Supervisory Control and Data Acquisition (SCADA) networks, which nowadays control everything from water and sewer management systems to transport and manufacturing systems.

The power grid is probably more vulnerable to cyber attacks than security experts would like to admit, says Fulp. The problem is such systems’ high level of interconnectedness, which gives hackers more points to enter the system – in a home’s smart grid, for example.

"When that network connects to a power source, which connects to the smart grid, you have a jumping off point," he says. "A cyber attack can have a real physical result of shutting off power to a city or a nuclear power plant."

Fulp’s digital ants wander through computer networks looking for threats such as computer worms. When it finds one, it summons an army of ants to converge at that location, drawing the attention of human operators to investigate.

"The idea is to deploy thousands of different types of digital ants, each looking for evidence of a threat," says Fulp.

"As they move about the network, they leave digital trails modeled after the scent trails ants in nature use to guide other ants. Each time a digital ant identifies some evidence, it is programmed to leave behind a stronger scent. Stronger scent trails attract more ants, producing the swarm that marks a potential computer infection."

The team’s found the system to be successful on a small scale, but now plans to scale it up to test whether it can work with something as large and complex as the nation’s power grid.

Hackers target Lockheed Martin

Lockheed Martin confirmed on Saturday that it’s been the target of a ‘significant and tenacious’ hacking attack.

The company – the US’ biggest military contractor – says it fought the attack off successfully.

"The company’s information security team detected the attack almost immediately, and took aggressive actions to protect all systems and data," it says in a statement.

"As a result of the swift and deliberate actions taken to protect the network and increase IT security, our systems remain secure; no customer, program or employee personal data has been compromised."

The company blocked all remote access to the internal network, and is requiring all its 100,000 users to change their passwords. It’s also replacing all RSA SecureID tokens – interesting, as it indicates that the attack may be linked to the security breach suffered by RSA itself in March.

At the time, RSA gave little information about exactly what data had been stolen, but there were fears that it included the seed codes for clients that would allow attackers to generate the time-based code allowing access to client systems.

"Is it possible that whatever information was stolen from RSA helped the hackers break into Lockheed Martin? If that’s the case, that’s worrying news for businesses around the world," says Graham Cluley of security firm Sophos.

"An unnamed source with direct knowledge of the attacks is said to have confirmed to Reuters that other military contractors have also been compromised."

It’s not known who’s behind the Lockheed Martin attack. Some observers are suggesting that it could be a foreign government – China or Russia perhaps.