By Byron Acohido, ThirdCertainty
Chinese hackers have penetrated some FBI agents’ personnel files in a breach with potentially dangerous national security implications. The FBI, along with the Department of Homeland Security, is not only responsible for investigating the breach of the Office of Personnel Management by suspected Chinese cyber thieves, but is principally responsible for detecting domestic terrorist plots and foreign spies. The extent of the FBI penetration is unknown. An FBI source said he was notified by OPM that his personnel file had been penetrated. “This is the second notification that I’ve been breached,” the agent said on condition of anonymity. “They got me through Anthem Blue Cross, now they have me through OPM.” Source: Newsweek
Guarding those who guard America’s skies
The Air Force wants to improve its cyber defense by going on the offense. The service has put out two contract requests that would allow it to proactively defend itself. Officials hope the improvements will actively delay and deny hackers, or provide them with false information to make them believe they have breached cybersecurity defenses. The military is hoping to force cyber opponents to “spend more, cope with greater levels of complexity and uncertainty, and accept greater risks of exposure and detection due to the significantly increased requirements for reconnaissance and intelligence collection on DoD networks,” a statement said. Source: The Air Force Times
On the upswing
Last year, financial institutions raised by nearly 20 percent the total limits of their cyber coverage with Marsh, a global insurance broker and unit of Marsh & McLennan, to an average of $23.5 million. Premiums for a $10 million policy at financial institutions with less than $1 billion in revenue can run from $150,000 to $175,000 per year, Marsh says. About 50 insurance carriers offer cyber insurance in the United States, including Ridge Insurance Solutions, a global insurance company launched in October by former Department of Homeland Security Secretary Tom Ridge. Source: Reuters
That’s your first response?
Two men accused of finding a woman’s body when they burglarized her home, then hiding the body and assuming her identity, have been arrested, said Ed Troyer, a Pierce County, Wash., sheriff’s spokesman. The two were arrested for investigation of multiple counts of theft and identity theft. Investigators said the 63-year-old woman died of natural causes. The two men were accused of going to the home to burglarize it sometime after the woman died and finding her body. “They took the body away and … hid it … under a bale of hay,” Troyer said. Source: KOMO-TV, Seattle
Breaking the record
A New York City man has been charged with running an identity-theft scheme in which he pretended to be a record company executive to use job applicants’ personal information. New York Attorney General Eric Schneiderman says Sharif King was arrested on charges of identity theft, forgery, grand larceny and insurance fraud. Schneiderman says King posted jobs online for his purported record label, requesting personal information from applicants, including their date of birth, address and Social Security number. King allegedly used the information to open credit cards in the names of the victims. King pleaded not guilty. Source: The Associated Press via The Washington Times
He shoots, he scores a drone
If you’re flying a drone, keep an eye out for shotgun-wielding neighbors. Californian Eric Joe has turned to the courts to seek damages after his drone was shot down. Joe says his drone was on his own property at the time and wasn’t fitted with recording equipment. Brett McBay, the neighbor accused of firing the shot, said he thought the drone was a CIA surveillance device and has refused to pay the $850 awarded to Joe in small claims court. “Next time, let us know you’re testing surveillance equipment in our area,” McBay wrote in an email. “I also ask you the courtesy of not shooting live ammunition in our direction,” Joe countered. Source: Digital Trends
Bad boys, bad boys, what you gonna do?
Twin brothers pleaded guilty in federal court to computer hacking schemes that involved stealing credit card information, breaking into State Department computers and getting data from a private company. Muneeb and Sohaib Akhter admitted that they used their positions as government contractors to carry out intrusions and tried to thwart the investigation, according to the U.S. Attorney’s Office for the Eastern District of Virginia. The brothers were recognized in 2011 for being the youngest graduates from George Mason University that year. Later, they got a $200,000 research grant from the Defense Advanced Research Project Agency. Source: The Washington Post
Key to my heart, and everything else
Cisco has a vulnerability in several network security virtual appliances that could give someone unlimited access to them — default, pre-authorized keys intended for customer support. Cisco has released software patches, but there’s no temporary workaround for systems that can’t immediately be patched. There are two vulnerabilities. The first is that virtual machines share a default authorized SSH key for remote log-in, meaning that if an attacker has the key from one Cisco virtual appliance, he could use it to connect to any other virtual appliance reachable over the Internet. The second is “a preinstalled set of SSH host keys that allow access to communication secured by those keys,” Cisco’s security team warned. Source: Ars Technica