by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : September 30, 2016
6 171 42 9 13 1 22 3419 25 56 THE2O16FEDERALLIST This hack received the most No. 1 votes from respondents. The Shadow Brokers leaked a payload of zero-day exploits allegedly lifted from a National Security Agency server. Opinion is divided over whether it was a true hack or an insider operation. Questions also persist about whether NSA shared information about the vulnerabilities it had collected with entities such as the Defense Department and the FBI so they could protect their systems. Regardless, the incident set off a number of alarm bells when the Shadow Brokers went public. Experts say the hack will deepen the conversation about the government’s obligation to share information on vulnerabilities so that industry can patch them. “Engineers and analysts 8 September 30, 2016 FCW.COM are so far unable to determine whether the hack originated from Russian intelligence services or a disgruntled insider posing as Russian intelligence,” said Jonathan Barrett, a security services engineer at Vectra Networks. “Regardless, the penetration of such a highly regarded organization demonstrates what serious security professionals already know: Everyone is vulnerable.” Immunity CEO Dave Aitel added, “State-sponsored cyber espionage certainly isn’t new or surprising. What is, however, is Russia’s willingness to aggressively engage U.S. Shadow Brokers’ hack of NSAaffiliated Equation Group cyber assets and escalate the confrontation as the U.S. responds.” 2 3 Democratic National in the Philippines and Vietnam. Michael Angelo, chief security Committee hack This hack received multiple votes because it was most directly attributed to a nation-state (Russia) seeking to influence a U.S. election. Experts also said the leak of nearly 20,000 email messages raised concerns about the poor level of security used by Democratic Party entities and warned that there could be more of this kind of criminal activity in the works. “This attack exceeded the bounds of typical state cyber espionage activity,” Aitel said. “It also creates an intellectual problem: At what point does a foreign government’s attempt to influence an election cross the line? This Russian operation points out the murkiness and uncertainty of U.S. policy when it comes to offensive cyber operations against it.” SWIFT hack of Bangladesh’s central bank In February, hackers allegedly connected to North Korea stole $81 million from Bangladesh’s central bank by manipulating Society for Worldwide Interbank Financial Telecommunication (SWIFT) protocols. It’s possible they also made similar attempts on banks architect at Micro Focus, said it was the most significant hack of the year. “SWIFT is, for all purposes, the intra-banking communications system,” he said. ”It has not been updated (significantly) in almost 25 years. Yet the usage models of the banks have — think Internet and telebanking.” “In multiple attacks disclosed this year, criminals infiltrated bank networks to obtain access to terminals connected to the SWIFT transfer network,” said Ryan Olson, intelligence director at Palo Alto Networks’ Unit 42. “The criminals learned the banks’ processes and wrote code to cover their tracks and, in at least one case, successfully stole over $80 million.” “Data manipulation and record deletion attacks on financial institutions are two things we should be deeply concerned about, particularly as countries leverage offensive cyber capabilities as extensions of or alternatives to traditional military power,” Aitel said. 4 Ransomware attacks on hospitals Hackers have infiltrated networks at a number of hospitals and locked down files and systems, forcing the hospitals to pay a ransom to regain access. Olson put the attacks at the top of his list. “Most ransomware infections are opportunistic, but there is good
September 15, 2016