(flickr.com/consumerist)

U.S. officials are still convinced that continuing denial of service (DDoS) attacks against American banks by the Izz ad-Din al-Qassam Cyber Fighters are cover for state-sponsored cyber sabotage by Iran, according to a report in today's New York Times.

The Times reports that the U.S. doesn't believe the hacking group's repeated claim they are targeting banks because the anti-Islam video Innocence of Muslims hasn't been taken off the Internet:

But American intelligence officials say the group is actually a cover for Iran. They claim Iran is waging the attacks in retaliation for Western economic sanctions and for a series of cyberattacks on its own systems. In the last three years, three sophisticated computer viruses — called Flame, Duqu and Stuxnet — have hit computers in Iran. The New York Times reported last year that the United States, together with Israel, was responsible for Stuxnet, the virus used to destroy centrifuges in an Iranian nuclear facility in 2010.

The U.S. has good reason to suspect state sponsorship. The al-Qassam cyber attacks have used compromised cloud computing services, which they infect with a malware package called "Itsoknoproblembro."

The malware turns infected servers into what researchers call "bRobots." Funny as the name might be, bRobots are serious business. A hacked data center filled with bRobots gives the attackers enough firepower to take down even the largest websites. As the Times reported, one bank with a substantial 40 gigabit Internet service was easily knocked offline, and others reported DDoS traffic peaks of up to 70 gigabits.

On Tuesday, the Izz ad-Din al-Qassam Cyber Fighters published a new post on Pastebin in which they said the attacks will continue. They offered a complex set of equations related to the current views and likes of Innocence of Muslims and wrote that the reasoning in allowing the video to remain on the web was "the result of direct role of Satan and evil shadow in Zionism spirit and approach of thinking."

As of Wednesday morning, the top four sites on "outage watch" at Site Down were Bank of America, Citibank, Capital One and Fifth Third Bank.

(flickr/mjtmail)

Firms specializing in technology security make it their business to scare potential customers, but that doesn't make an Internet Identity (IID) report predicting cyber doom in 2014, highlighted today by Ray Kurzweil's Accelerating Intelligence, any less spooky.

According to IID, looming cybersecurity threats in 2013--more mobile malware, increasingly aggressive hacktivism, attacks on the cloud--are "well-anticipated and mundane."

Those "mundane" threats are nothing next to the bleak wasteland of death and destruction IID expects in 2014:

[By] 2014 significant new methods of cybercrime will emerge. These new threats include the utilization of Internet connected devices to actually carry out physical crimes, including murders and cybercriminals leveraging mobile device Near Field Communications (NFC) to wreak havoc with banking and e-commerce. IID also expects the industry to combat such threats with new platforms for sharing intelligence across researchers, commercial enterprises and government agencies.

IID elaborated on "Murder By Internet Connected Devices" with scenarios that sound pretty plausible. They predicted that criminals could use pacemakers with remote connections, control systems on Internet-connected vehicles or even connected machines that control IV drips to potentially carry out long-distance, untraceable crimes.

It sounds like hyperbole, but pacemakers (for example) are already hackable, and as Forbes noted in this early December post about the reality of compromised medical equipment, Homeland has already used a hacked pacemaker as a plot device.

IID also warned about the dangers of NFC-enabled smart phones. NFC, or near-field communication, allows information exchange between compatible devices. It's pretty common on phones now but may one day even permit cars to talk to each other. Paul Ferguson, the company's vice president of Threat Intelligence, says NFC could be "a gold mine for cybercriminals and we have already seen evidence that they are working to leverage these apps to siphon money."

Additional threats IID believes may manifest in 2014 include an increase in state-sponsored malware, like Stuxnet, Flame and Duqu, a successful cyberattack on a power grid and an "exploit of a significant military assault system like drones."

Not directly mentioned but already in the wild: hackers already taking advantage of poorly-secured supervisory control and data acquisition (SCADA) systems which have easily cracked web administration pages. At the moment SCADA vulnerabilities might just cause discomfort and disruption, but in 2014's creepy killer web scenario, compromising a large-scale heating and cooling system might just be round one in an all-out infrastructure attack on a regional, even a national scale.

In posting a link to the Kurzweil write-up about IID's dire warnings, Quartz's Christopher Mims sounded the necessary note of caution needed after reading hints of a looming cyber-pocalypse:

Cybercriminals will straight-up kill you, says firm that profits massively by hyping threat. kurzweilai.net/murder-by-inte…

— Christopher Mims (@mims) January 4, 2013

Duly noted. However, if IID is correct, we've only got a year.

Cower and whimper accordingly.

Information freedom view of piracy explained. (Memerial.net)

Portsmouth, Virginia resident Jeramiah Perkins may have just received the longest prison sentence yet for movie piracy. Mr. Perkins, age 40, was sentenced Thursday to five years in prison for leading IMAGiNE, a movie piracy ring with a reputation for often being the first to leak newly-released flicks on the Internet.

A press release from the Department of Justice states that once Mr. Perkins leaves prison he will serve three years on supervised release and pay $15,000 in restitution.

Mr. Perkins and three fellow members of IMAGiNE were indicted in April, 2012. Court documents say that in their efforts to to be first out of the gate with new films, they developed a sophisticated system of recording movies in the theater and editing the illegal video to properly synchronize audio tracks. Mr. Perkins took on the job of renting European server space, registering domain names and operating a PayPal account that received payments from "customers" who downloaded movies.

Mr. Perkins's stiff sentence comes after he pleaded guilty on August 29, 2012 for his part in committing criminal copyright infringement.

Three of his co-defendants, Sean Lovelady, Willie O. Lambert and Gregory Cherwonik, pled guilty as well. They received sentences ranging from 23 months to 40 months in prison. Another member of the piracy crew, Javier Ferrer, will be sentenced in March, 2013.

The Daily Dot points out that those who believe in total freedom of information may not consider IMAGiNE's actions true "theft"--physically taking someone's property away. As far as the authorities prosecuting IMAGiNE are concerned, movie piracy is apparently worth locking the geeks in with bank robbers and killers for up to five years.

Wells Fargo's logo. (flickr/Neubie)

Earlier this week the Izz ad-Din al-Qassam Cyber Fighters announced new distributed denial of service (DDos) attacks on U.S. banks, part of what they've referred to as Phase 2 of their "Operation Ababil." It appears that they have been true to their word.

As of 1:30 p.m. on Friday afternoon, virtually all of the most recent site outage reports on SiteDown.co, one of the largest website outage notification services, were for either Wells Fargo or Bank of America. Comments from Wells Fargo customers ranged from the questioning--"What idiots do you hire to manage to your website?" to the timely: "Did the mayans shut down wells fargo as well no world no monies (sic)."

The al-Qassam Cyber Fighters have repeatedly denied they are working for Iran, even though many security experts say the size of their attacks indicates state sponsorship. In various posts, usually published on Pastebin, the cyber attackers insist their efforts against American banks continue because Google will not remove the anti-Islam video Innocence of Muslims from the Internet in any country where they are not legally required to do so.

The actual impact on banks by the continued denial of service (four days of outages for Wells Fargo this week) is still unclear. A report by Bank Info Security about the first wave of attacks from the al-Qassam Cyber Fighters in October indicated that in addition to inconvenience and customer loss, there is a danger that DDoS outages could be distractions for real hack attacks, in which customer funds are covertly transferred away, possibly to support future cyber espionage.

Whatever is really going on with the Cyber Fighters, it is clear that some banks are still unprepared for their onslaught, and customers are angry. An anonymous user on SiteDown.com likely spoke for many, writing, "Unable to log on to Bill Pay; 4th day and counting; Wells: you need significant help here; do something quick!"

Let us praise the lowly tater. (flickr/graibeard)

The list of things that go well with potatoes is almost endless. We can prove that by noting that now that list even includes wifi. Boeing engineers, in an effort to improve wifi transmission during flight, have been using tons of potatoes to test connectivity and signal distribution.

Boeing uses truckloads of Idaho's finest because humans apparently have a lot more in common with potatoes than just a tendency to sit there on the couch:

The tubers mimic the way the human body responds to electronic signals, so engineers at Boeing's Test & Evaluation Laboratory used the spud-filled plane to try out the new methods without requiring hundreds of people to sit in the aircraft.

CNN reports that once engineers were satisfied with their tater-based testing, they checked their test results with slightly less starchy actual human beings.

The tests all relate back to operational safety. A Boeing spokesman told CNN that "an engineer who is concerned with getting every passenger a really good network signal can see if the weak signals are propagating through the airplane with enough power to provide" passengers with usable wifi.

The potatoes used in the tests are donated to food banks.

So the next time you eat fries while Instagramming your snack via in-flight wifi, spare a thought for the eminently useful and noble spud.

Wells Fargo, hit by al-Qassam Cyber Fighters DDoS attacks.

Denial of service elves Izz ad-Din al-Qassam Cyber Fighters issued a new statement Tuesday and apparently renewed DDoS attacks on American bank websites.

In a brief Pastebin post the hackers--who claim they are mainly motivated by outrage over the anti-Muslim video, Innocence of Muslims--acknowledged the horrific school shootings that took place in Newtown Connecticut on December 14th, but re-committed to their efforts against U.S. financial institutions:

Originally, we sympathize deeply with families of the schoolchildren victimized by the horrible happening of Sandy Hook Elementary school. It’s very clear that a system which its rulers and capitalists are the owners of weaponry big companies never care about occurrence of these events. The past week’s attacks, showed our ability in doing wideness attacks so efficiently and of course this is not all of the Izz ad-Din al-Qassam’s ability. The attacks will be persistent till eliminating injustice and stopping the insults to the prophet of mercy and removing the offensive film, and we are sure that we will reach to our goals.

Based on reports made to Sitedown.co of website outages, the al-Qassam Cyber Fighters have been true to their word. By 5:45 p.m. ET on Tuesday over 400 users had reported an outage at WellsFargo.com since 9:15 a.m. Other banks reporting outages Tuesday included Bank of America and Chase, but Wells Fargo seemed hardest hit.

The cyber-attackers also promised that this week's attacks "will be as wide as previous week" and that customers of the "5 major US banks" should prepare for more "sorrow" and "inaccessibility."

General Petreaus and his alleged mistress, Paula Broadwell. (Photo: Paulabroadwell.com)

At least one chapter in the Shakespeare-worthy downfall of former general and CIA director David Petraeus is ending with a whimper. Mr. Petraeus's biographer and one-time paramour Paula Broadwell will not be charged with cyberstalking--the very accusation that led to her affair with Mr. Petraeus becoming public knowledge.

Ms. Broadwell's lawyer gave an official letter indicating as much to the media. In the letter, United States Attorney Robert E. O'Neill wrote that "no federal charges will be brought in the Middle District of Florida relating to alleged acts of cyber-stalking."

Mr. Petraeus's and Ms. Broadwell's true relationship came to light after Ms. Broadwell began sending anonymous emails to Florida socialite Jill Kelley, using the ominous screen name, "kelleypatrol." Alarmed, Ms. Kelley told F.B.I. special agent Frederick W. Humphries II about the harassment and Agent Humphries urged the F.B.I. to investigate. After that, as Wired reports, it was probably just a matter of time:

Whatever its origins, the FBI cyberstalking inquiry lit a flame that eventually torched Petraeus. Investigators soon discovered that Broadwell was behind "kelleypatrol"; that Petraeus and Broadwell passed each other information using drafts saved in an email account both had access to; that Broadwell’s hard drives or email accounts contained sensitive information; and, of course, that Broadwell and Petraeus conducted an affair.

This drama, tailor-made for a Lifetime/Military Channel crossover, isn't completely over. The CIA is still trying to determine whether Mr. Petraeus took advantage of the perks for his position while in a relationship with Ms. Broadwell, and the Defense Department is still poring over the voluminous email correspondence between Jill Kelley and Marine General John Allen, who replaced Mr. Petraeus as commander of U.S. forces in Afghanistan.

Paula Broadwell may be the only one who could claim to see a glimmer of light at the end of the tunnel as she likely plots a new memoir about  her own "education."

This guy is everywhere now. (Image Devdsp on Flickr

Sometime last summer, hackers invaded a New Jersey company's web-accessible heating and air-conditioning systems using a gaping security hole in the system's supervisory control and data acquisition (SCADA) software.

Ars Technica reports that an IT contractor who works with the business informed F.B.I. agents investigating the breach that controls for the HVAC system were "directly connected to the Internet" and there was no "interposing firewall."

The backdoor into the controls is found in some versions of the Niagara AX Framework, software that controls similar systems at the Pentagon and the Federal Bureau of Investigation. An F.B.I. memo issued in July said any hacker who found their way into the nameless New Jersey company's Niagara controls would have been able to learn the same information available to a systems administrator, such as "a floor plan layout of the office, with control fields and feedback for each office and shop area." The web interface wasn't even password-protected.

Information about these flaws in Niagara systems has been public knowledge among hackers for some time. In a blog post published in an Anonymous-associated blog on January 19, 2012, a hacker using the name @ntisec listed vulnerable Niagara web servers all over the world.

The hacker prefaced the list by explaining that he or she had learned of the vulnerability from a Dutch technology site and then found vulnerable pages with simple searches using Google and ShodanHQ, a site that helps "expose online devices."

@ntisec insisted his or her purpose was to make sure these gaps were closed, because "Most scada systems dont (sic) have the need to be webfaced."

Ars Technica notes that in 2009 a security guard in a Texas hospital learned of that facility's weak SCADA security and posted screen captures online that demonstrated he could take control of parts of the system used to control operating room temperatures. The guard ended up federal prison.

Given the large number of Niagara servers listed by @ntisec last January, we'll probably hear about several other intrusions before the holes are filled. Once that happens, maybe they'll just come for our smart TVs.

Screengrab

Samsung's clever merging of a tablet-like operating system with a conventional TV to create "smart TVs" seems pretty cool, but device developers may have forgotten a pretty crucial detail for a major household appliance connected to the web--security.

Malta-based security researchers ReVuln found a creepy vulnerability in Samsung Smart TVs that could lead to a particularly invasive form of hacking. They detailed for The Security Ledger just how spooky things could get if hackers take advantage of the problem:

It could give an attacker the ability to access any file available on the remote device, as well as external devices (such as USB drives) connected to the TV. And, in a Orwellian twist, the hole could be used to access cameras and microphones attached to the Smart TVs, giving remote attacker the ability to spy on those viewing a compromised set.

The Security Ledger mentions Skype cameras sold as accessories for the Smart TV as an example of equipment that could be used to spy on victims as they sit placidly eating popcorn and watching Netflix. They also point out that Smart TVs don't have security at the moment, not even a basic firewall.

Barring access to Skype cameras, a hacker could at the very least use access to a compromised Smart TV to steal data used on social networks, such as login names and more importantly, passwords.

ReVuln has created a video demonstrating the problem, which you can watch below. They didn't hesitated to double down on the unsettling nature of the security hole, titling the video, "The TV is watching you."

Bank of America, one of the victims of Operation Ababil (Screengrab)

The Izz ad-Din al-Qassam Cyber Fighters published a new message on their Pastebin profile late Monday, warning of a new round of cyber attacks against U.S. financial institutions, beginning this week.

In their lengthy post, titled "Phase 2 Operation Ababil," the Qassam Cyber Fighters announced that they plan to attack websites owned by J.P. Morgan Chase, Bank of America, U.S. Bancorp, PNC Financial Services and SunTrust Banks.

Previous cyber attacks for which the ideologically-motivated group claimed credit took some bank sites down for more than 24 hours and affected website functions for days afterwards. The Cyber Fighters say that in Phase 2, "the wideness and the number of attacks will increase explicitly; and offenders and subsequently their governmental supporters will not be able to imagine and forecast the widespread and greatness of these attacks."

U.S. officials have said they believe the attacks are state-sponsored by Iran, but the cyber attackers still insist they are not working for any government. Though they mention events since their previous attacks such as Israel's efforts against Hamas, the al-Qassam Cyber Fighters still say their main reason for renewed cyber attacks is the presence of Innocence of Muslims on the Internet. Google has refused to removed the anti-Islamic video from the Internet in nations where it is not against the law.

Fox Business notes one of the reasons security researchers and U.S. officials have said they believe the al-Qassam Cyber Fighters are more organized and well-funded than an ad-hoc group of cyber terrorists is because they use such a sophisticated botnet of compromised web servers. The Cyber Fighters' zombie army of bots sidesteps bandwidth limits and focuses more power against their targets than attacks from home computers.

Previous banks affected by al-Qassam's efforts included Wells Fargo, Bank of America and the New York Stock Exchange.

Update: It looks like the Cyber Fighters didn't waste any time. As of 1:45 p.m. ET Tuesday, many Bank of America customers were reporting problems accessing the bank's website.