Connect with us

Cybersecurity

U.S. Officials: ISIS Seeking Means to Engage in Cyberwarfare

Published

on

ISIS hackers are now making strides to seek out the means to launch cyberattacks against critical government and civilian targets, according to U.S. officials.

// -- Discuss and ask questions in our community on Workplace.

Extremist group ISIS has reportedly amassed malicious hacker-sympathizers and other extremists to engage in open discourse about waging cyberattacks against several U.S. target, by communing in various online forums. Politico reports that media posted by ISIS sympathizers such as pictures and videos of airplane cockpits are rife among the forums, stirring up discussion to ponder hacking of onboard electronics.

A Lack of Sophistication

New York-based threat intelligence firm Flashpoint, whose analysts routinely monitor such conversations on online extremist forums confirm that the expertise and the necessary means to wage cyber-warfare still elude ISIS. This is the common consensus despite ISIS hackers routinely attempting to infiltrate the computers that keep the nation’s electricity grid going.

So far, the extent of ISIS’ cyberattacks has seen the infiltrating of U.S. military Twitter accounts and websites. Despite their limited reach, ISIS has repeatedly sought to improve their sophistication in cyberwarfare, according to Flashpoint terrorism analyst Alex Kassirer.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

Speaking to Politico, he notes:

The capability’s not there and that’s why we’re seeing these low-level attacks of opportunity. But that’s not to say it’s going to be that way going forward. They’re undoubtedly working on cultivating those skills.

Having the Technical Know-How

The means to ‘cultivating those skills’ is primarily achieved by a concentrated marketing campaign to appeal to a young, impressionable and tech savvy crowd by turning them into sympathizers. It is through a new generation of young minds who understand technology that ISIS has demonstrated the means to shield its communications and even escape surveillance measures against it.

In early December, Flashpoint reported on a detailed manual passed around by an ISIS supporter that encouraged the use of encryption-based messaging platform – Signal. The manual even detailed the means to acquire and use a fake phone number necessary to set up a Signal account, to completely do away with sharing any information.

Although such concealment measures can be argued as meager, they’re already a significant leap from techniques used by Al Qaeda, who employed couriers in order to communicate.

Kassirer added:

ISIS has really revolutionized how they use the tech sector, and their recruits tend to be younger individuals who grew up in the tech age.

Being proficient with the internet also enables ISIS to reach out and pay for hacking talent that isn’t available within the group’s ranks, typically from the Dark Web.

Vulnerabilities and Reinforcements

The U.S. has already felt the impact of a significant cyberattack this year with the OPM breach. The personal data and records of over 20 million federal employees were stolen in what is believed to be a state-sponsored cyberespionage attack. In what is certain to be an increasing spend, the U.S. government currently spends over $5 billion on its cyberdefense structure. The onus to ensure its cyber-defense readiness and structure is split between several federal departments including the Department of Defense and Homeland Security, the National Security Agency and the Federal Bureau of Investigation.

Meanwhile, the private cybersecurity industry is also seeing an increasing spend among private enterprise and companies. In a year that saw the infamous Ashley Madison breach and the OPM data breach, information security spending is poised to reach $75.4 billion.

Meanwhile ISIS has predominantly concentrated its efforts on physical destruction and violence such as the recent Paris attacks. It is speculated that cyberwarfare is the next front where a significant proportion of the war is waged.

In May, FBI Director James Comey warned:

Destructive malware is a bomb. Terrorists wants bombs.

I see them already starting to explore things that are concerning, critical infrastructure, things like that. The logic of it tells me it’s coming, and so of course, I’m worried about it.

The concern is shared by other U.S. allies, as top British officials warn of ISIS’ goal to striking critical infrastructure like the power grid and the financial system.

George Osborne, the U.K. chancellor of the exchequer said: “We know they want it and are doing their best to build it.”

Recently, the U.S. assistant secretary of homeland security for infrastructure protection, Caitlin Durkovich openly spoke about ISIS launching cyberattacks on the grid, at an electricity industry conference.

Despite the threats, critical infrastructure networks and systems are notoriously hard to compromise. There have been a handful of cyberattacks scattered over decades that have targeted critical infrastructure such as nuclear power plants, despite a recent report that claimed nuclear facilities are in denial to the risk of a serious cyber attack.

Featured image from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.




Feedback or Requests?

2 Comments

2 Comments

  1. David Johnson

    January 1, 2016 at 2:31 am

    Shouldn’t ‘Despite the threats, critical infrastructure networks and systems are notoriously hard to compromise’ read notoriously easy to compromise? If they were hard then it’s not really a problem, if they are relatively easy then it is a problem.. air gap these items.

  2. koconor100

    January 13, 2016 at 9:25 pm

    Well , first off , ISIS , you need an actual infrastructure of a computer network in your Caliphate. Then you need people willing to connect to that infrastructure … wait … you’re threatenning to kill every one on the planet , right ? Hmmm…getting people to willingly connect to your network is going to be an extra challenge …

You must be logged in to post a comment Login

Leave a Reply

Breaches

Skepticism Grows Over BitGrail’s Supposed $167 Million Hack

Published

on

A relatively unknown cryptocurrency exchange by the name of BitGrail has informed its users of a coordinated cyber attack targeting Nano (XRB) tokens. However, the incident does not appear to be holding up to scrutiny after the founder of the exchange made an odd request to the developers of Nano shortly after discovering the alleged theft.

// -- Discuss and ask questions in our community on Workplace.

BitGrail Exchange Allegedly Compromised

The Italian exchange issued a notice to its clients last week informing them that 17 million XRB tokens were compromised in a cyber attack. The XRB token, formerly known known as Raiblocks, is valued at $9.80 at the time of writing for a total market cap of $1.3 billion. That puts the total monetary loss of the supposed heist at nearly $167 million.

Parts of the notice have been translated into English from the original Italian by Tech Crunch, a media company dedicated to startups and technology news. According to the agency,  BitGrail has stated the following:

“… Internal checks revealed unauthorized transactions which led to a 17 million Nano shortfall, an amount forming part of the wallet managed by BitGrail… Today a charge about those fraudulent activities has been submitted to the competent authorities and now is under police investigation.”

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

The notice indicated that all transactions have been put on hold until authorities complete their investigation.

Very little is known about BitGrail, as it is not listed among the 183 exchanges whose volume is ranked by CoinMarketCap.

Suspicion Grows

Unlike other crypto heists, the circumstances surrounding the alleged BitGrail attack have been met with widespread suspicion. As David Z. Morris of Fortune rightly notes, this isn’t the first time BitGrail has suspended Nano withdrawals. The same thing happened in early January when the exchange halted not only Nano, but Lisk and CryptoForecast transactions as well.

The suspension was followed by an announcement that the exchange was taking measured steps to verify users and enforce anti-money laundering requirements. It was around this time that users became suspicious that BitGrail was going to cut and run with their tokens.

BitGrail founder Francesco Firano made an unusual request to the developers of Nano following the alleged attack: he asked them to fork their record, a move that would essentially restore the stolen funds.

Nano officially rejected the request on Friday, the day after Firano supposedly discovered the stolen coins. In a post that appeared on the Nano Medium page, the team said:

“We now have sufficient reason to believe that Firano has been misleading the Nano Core Team and the community regarding the solvency of the BitGrail exchange for a significant period of time.”

Last month, hackers made off with more than $400 million worth of NEM tokens stolen from Coincheck, a Japan-based cryptocurrency exchange. The coins have yet to be recovered and the perpetrators remain at large. In 2014, a cyber heist brought down Mt Gox, which was the world’s largest exchange.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
1 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 5 (1 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 164 rated postsSam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.




Feedback or Requests?

Continue Reading

ICO

ICO Analysis: Serenity

Published

on

During the past few decades, internet connectivity and technological advancement evolved rapidly to satisfy a large spectrum of the digital consumer crowd up to and including finance. The demand for online stock exchange, currency trading and investing has led to the development of thousands of online brokerage platforms and systems all over the globe. However, the lack of regulations when it comes to security and protection exposes the current online market with almost 90% of the platforms being unregulated. This environment attracts ‘scammers’ and creates unhealthy manipulative situations in the sphere, impacting both traders and companies that are involved in the digital markets. Here comes Serenity with an attempt to change that for good.

// -- Discuss and ask questions in our community on Workplace.

Serenity’s financial services promise to create an independent marketplace based on smart contracts, where trading records will be transparent and monitored by a blockchain based platform. Blockchain guarantees transparency and lack of affiliation in order to secure traders from misuse of their funds by centralized exchange markets.

In addition to a secure trading environment, Serenity will allow users to buy, sell and exchange CFDs, futures, cryptocurrencies and even shares for cryptocurrencies all in a decentralized fashion, recorded and monitored by the blockchain in order to avoid the possibility of counterfeiting.

Over the last decade, the online trading process has not changed at all. Forex based exchanges attract popularity due to the lack of regulations while at the same time putting traders’ funds at risk since most of these platforms are not transparent (as we have observed, they can influence their users’ actions, freeze their accounts or deny a withdraw request at any time). Only 10% of the online broker companies have a license to provide intermediary services in the financial sector due to the complicated and expensive procedure that can cost from $200,000 to several millions per company, a sum most are not willing to pay. Serenity plans to radically change that approach by creating a transparent regulatory system powered by the modern blockchain technologies.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

The Token

The SRNT token, the native currency of the Serenity financial platform, will be used to purchase, sell, exchange and withdraw digital assets within the platform that will consist of a pool of brokers. After the token sale, the user is free to transfer their SRNT into external exchanges in order to trade them for possible pairs of digital assets which the platform might not support at the moment.

At the pre-ICO, the SRNT token will have a 50% discount and then a 40% to 10% discount during the public sale that will run until March 7.

According to a spokesman for the company, the total token supply will be 400,000,000 SRNT. Anything that will be left behind after the prementioned deadline will be burned. As for the circulating supply, it is not yet fixed and it will be composed after the token sale.

The spokesman tells us that 3% of the funding will be used for bounty rewards and 12% is reserved for the team. As for the rest, we must wait for further official announcements that will take place after the token sale.

Team

At first glance, we can already see a professional team with years of experience in the field. In  words, Serenity is not just another cryptocurrency platform made by GitHub coders.

Project co-founder Stanislav Vaneev is the CEO and founder of Grand Capital, an international level financial services company that has a monthly turnover of $6 billion USD and serves over 300,000 clients worldwide. Anton Vasin (co-founder & COO), has more than a decade of experience in the forex sphere and is also the head of risk hedging department. Denis Kulagin (CEO) is a marketing expert for multiple forex companies in China, Indonesia, Vietnam, and India. Vasiliy Alexeev (CTO) is the man behind UpTrader, a global provider of software for brokers. His ten years of experience are also focused on marketing and product development for various Forex companies.

The list goes on and from what we can see here, Serenity has a legit team with solid financial background and not just a ‘collage‘ of individuals that want to enter the blockchain game.

Verdict

In general, more than 6,000 brokers provide online exchange services using MetaTrader platforms. According to industry statistics, around 4 million traders use their platforms on a daily basis. As mentioned before, only a small percent of these companies are actually regulated and can guarantee a risk-free relationship.

Serenity is the first cryptocurrency focused exchange market that will be regulated and at the same time provide traders the ability to invest in broader options such as CFDs and futures.

Of course, regulations could mean that anonymity will be gone, which was the main reason people invested in cryptocurrencies in the first place. At the same time, this is important for professional traders who make a living out of official and licensed exchange markets. Don’t forget that regulations are unavoidable and they are necessary to establish a trusted relationship between governmental institutions and the crypto sphere.

Risks

  • Taking a look at the Serenity whitepaper can leave more questions than answers, as we had to personally seek assistance from the team in order to understand their token system and other core features. It is not an easy model to understand. -3
  • We still don’t know what 85% of the total funds will be used for and how the distribution benefits the investor or trader on an immediate scale. -3
  • Many new cryptocurrency-focused markets ‘pop up’ every couple of months, but none of them can actually compete with already established titans like Binance, Bitfinex, Bittrex etc. The Serenity team looks great but they will have to prove their unique approach with actual numbers before the end of the year. -1

Growth Opportunity

  • After multiple cases, including the recent DDOS attack on Binance and the attack on the Japanese exchange market Coincheck, a transparent and professional market is needed as soon as possible. This gives Serenitt a golden opportunity to make.a big difference. +4
  • Platforms like Bitfinex already set a minimum deposit of $10,000 USD for new accounts and it is most likely that more exchanges will follow with similar internally generated ‘rules’. If cryptocurrency platforms want to stay under the radar and have a nice flow with their respective governments, they will eventually have to be regulated. Serenity solves that issue from the outset. +3
  • Most online cryptocurrency exchange markets give you the option to exchange between several preset pairs of cryptocurrencies and only with other cryptocurrencies supported by each individual platform respectively. Serenity gives users the option to change their cryptocurrencies into fiat, CFDs or even futures all inside one platform. +4

Disposition

The Serenity team might have some good contacts in the forex scene and Mr. Vaneev’s own Grand Capital has already 300,000 active users that would possible join the new venture, but we must not underestimate “traditional” cryptocurrency markets like Binance which managed to raise 6 million active users in a matter of months.

Serenity can really be a revolutionary step in combining cryptocurrencies with traditionally regulated markets but we must not forget that people choose cryptocurrencies in order to avoid regulations and transparency.

A score of 4 out of 10 is reserved for Serenity, based on present facts.

Investment Details

  • Type: Crowdsale
  • Symbol: SRNT
  • Pre-Sale: Concluded
  • Public Sale: January 25th-March 7th, 2018
  • Payments Accepted: ETH (KYC Required)

Disclaimer: The writer has no position in Serenity at the time of writing.

Featured image courtesy of Shutterstock. 

 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
1 vote, average: 1.00 out of 51 vote, average: 1.00 out of 51 vote, average: 1.00 out of 51 vote, average: 1.00 out of 51 vote, average: 1.00 out of 5 (1 votes, average: 1.00 out of 5)
You need to be a registered member to rate this.
Loading...

2.9 stars on average, based on 6 rated posts




Feedback or Requests?

Continue Reading

Cybersecurity

Bee Token ICO Targeted With $1 Million Phishing Scam

Published

on

The Bee Token ICO was derailed Thursday, a mere 25 hours after launch, as criminals made off with nearly $1 million in an apparent phishing scam.

// -- Discuss and ask questions in our community on Workplace.

ICO Heist

The highly anticipated Bee Token crowdsale was the target of a phishing scam on Thursday, with hackers luring hundreds of unsuspecting investors over email and Telegram. The company, which launched its crowdraise on Jan. 31, had repeatedly warned investors to be weary of fake URLs designed to siphon their funds. Bee Token also warned investors to ignore any communications claiming to represent the company.

Those warnings were echoed in a Jan. 31 tweet from the official @thebeetoken handle:

“Please do not fund ETH to addresses that have the following warning: “Warning! There are reports that this address was used in a (BeeToken) Phishing scam.”

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

The company has since issued a second security announcement through its Medium blog, where it said there is only one funding address and one mode of communication with investors. The blog post read:

“The Funding Address can only be found at https://tokensaleinfo.beetoken.com. The Funding Address will not be communicated via any other means. Any other address should be considered fraudulent.”

Bee Token is a home sharing platform that connects hosts and guests over a decentralized network. Its aim is to disrupt the fast-growing sharing economy by offering lower transaction fees and better incentives without the middleman.

Hacked conducted an ICO Analysis of Bee Token last month, with the project receiving a 7.5 out of 10. That puts it among the strongest ICO candidates we’ve ever reviewed.

At the time of writing, the project had raised $4.6 million with more than 26 days left to go.

ICO Theft on the Rise

Funds raised via ICO have become more attractive for cyber criminals wishing to capitalize on the booming cryptocurrency market. According to a recently published report by big-five consulting firm Ernst & Young, 10% of the ICO funds generated in 2017 have been stolen by hackers. That represents a monetary value of nearly $400 million, based on the metric used in the study.

Cryptocurrency exchanges have long been subject to security breaches, with dozens of platforms losing billions since 2014. Tokyo-based Coincheck was recently subject to the biggest crypto heist of all time after attackers diverted 500 million NEM tokens to their accounts. The thieves have since tried to unload the coins on at least six international exchanges. Their identity or whereabouts have not been verified.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
1 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 5 (1 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 164 rated postsSam Bourgi is Chief Editor to Hacked.com, where he specializes in cryptocurrency, economics and the broader financial markets. Sam has nearly eight years of progressive experience as an analyst, writer and financial market commentator where he has contributed to the world's foremost newscasts.




Feedback or Requests?

Continue Reading

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending