NASA laptop stolen, contained control algorithms for the International Space Station

• In 2010 and 2011 NASA reported 5,408 computer security incidents ranging from the installation of malware on a computer, through the theft of devices and cyber attacks suspected to be from foreign intelligence agencies.
• 47 incidents were identified as Advance Persistent Threat attacks, and of these, 13 were successful in compromising the agency’s computer systems
• In an example of such an incident, attackers from Chinese-based IP addresses gained full access to a number of key JPL systems giving them the ability to:
• Modify, copy or delete sensitive files
• Add, modify or delete user accounts for mission critical systems
• Upload hacking tools (keyloggers, rootkits) to steal user credentials and thereby compromise other NASA systems
• Modify or corrupt the system logs to conceal their actions
• Some of the breaches have resulted in the unauthorized release of Personally Identifiable Information, the disclosure of sensitive export-controlled data and 3rd party intellectual property
• Inspector General Testimony before Congress re: IT Security
• Discovery News Coverage

Windows Azure suffers worldwide outage

• The Microsoft Azure Cloud service was down for most of the day on February 29th
• The Service Management system was down for over 9 hours
• Azure Data Sync was down form 2012–02–29 08:00 through 2012–03–01 03:00 UTC
• Microsoft says that the outage appears to have been caused by a leap year bug
• “28 February, 2012 at 5:45 PM PST Windows Azure operations became aware of an issue impacting the compute service in a number of regions,”
• “While final root cause analysis is in progress, this issue appears to be due to a time calculation that was incorrect for the leap year.”
• Microsoft Azure Service Dashboard
• The outage also effected the UK Government’s ‘G-Cloud’ CloudStore
• TechWeek Europe Coverage
• Slashdot Coverage – Outage – Root Cause
• PCWorld – Previous Microsoft problems with Leap Years

Wikileaks releases the data stolen in the StratFor compromise

• The Global Intelligence Files – List of Releases
• US Government has had sealed indictment for Julian Assange for over a year
• Slashdot Coverage
• Details of StratFor read remarkably similar to Tom Clancy’s Teeth of the Tiger

Feedback:

Q: Robert Bishop Writes: Can I Secure my network with multiple NAT routers to isolate a system?

War Story:

This is a war story with a difference, as it didn’t involve some crazy user doing some bat shit crazy thing with their computer. It was simply a call to one of the tech support agents where the user wanted to know the following:

“What is the exact chemical composition of the battery in the Thinkpad 760 XD?”
“What are the recommended disposal procedures for said battery?”
“Can you tell me what would happen to the battery if it ruptured in a vacuum environment?”
“If the battery were to overheat, how volatile would the liquid effluent be?”

I doubt the user could have even gotten the questions out and taken a breath before the agent put them on hold and ran for help. The agent walked over to the second level support area rather than call as per procedure. After a good five minutes of talking, nobody could really answer the questions and worse, we couldn’t figure out what part of the company might actually have those answers.

As with all good tech support strategies we decided a two pronged approach – the agent would get back on with the user and stall for time while the rest of us would frantically hunt down any possible source of information that could help. We told the agent to ask why the user needed such detailed information and if it was a weak answer to push for a callback to buy even more time.

Some twenty minutes later the agent came back over to us with some interesting details on what was going on. It was all a misunderstanding. The user was supposed to call some private support number at IBM and not the public number. Our enterprising young agent did pull a fast one and offer to transfer the user to the number directly. The user provided the number and the agent promptly connected the call, then hit mute and stayed on the line. An American accent answered, the user responded and provided an account code upon request.

The tech on the private number acknowledged that the user was calling from NASA – Blackhawk Technologies Subsidiary. Apparently the shuttle program had 4 of those laptops on each mission – 1 primary and 3 redundant backups just in case. Suddenly the tricky questions all made sense. And eavesdropping can kill curiosity can never be a bad thing, right?

Round Up:

• Black March 2012
• Cyberattack by Anonymous on the Vatican reveals insights
• Anonymous members arrested after Interpol investigation
• EFF releases browser plugin to help detect bogus SSL certificates
• Verisign seizes .com domain registered via foreign Registrar on behalf of US Authorities. » blog2.easydns.org
• Schmidt: UN treaty a ‘disaster’ for the internet
• 50% of Data Center Outages caused by vendors and non-data center staff
• [Hall of Shame] Stratfor – Submitted by manwich2000 for using the password “stratfor” and getting hacked by Anonymous.