Anonymous ID: f3ccab July 24, 2018, 12:56 a.m. No.2260375   >>0428 >>0927 >>1141

Massive Chinese hack job on IOT items in Finland during US-Russia summit

 

https://www.govexec.com/technology/2018/07/chinese-hackers-targeted-internet-things-during-trump-putin-summit/149889/?oref=relatedstories

 

Chinese Hackers Targeted Internet-of-Things During Trump-Putin Summit

By Patrick Tucker

Defense One

July 19, 2018

 

Four days before U.S. and Russian leaders met in Helsinki, hackers from China launched a wave of brute-force attacks on internet-connected devices in Finland, seeking to gain control of gear that could collect audio or visual intelligence, a new report says.

 

Traffic aimed at remote command-and-control features for Finnish internet-connected devices began to spike July 12, according to a July 19 report by Seattle-based cybersecurity company F5.

 

“Finland is not typically a top attacked country; it receives a small number of attacks on a regular basis,” the report says.

 

China generally originates the largest chunk of such attacks; in May, Chinese attacks accounted for 29 percent of the total. But as attacks began to spike on July 12, China’s share rose to 34 percent, the report said. Attacks jumped 2,800 percent.

 

The China-based hackers’ primary target was SSH (or Secure Shell) Port 22 — not a physical destination but a specific set of instructions for routing a message to the right destination when the message hits the server. “SSH brute force attacks are commonly used to exploit systems and [internet of things, or IOT] devices online,” the report says. “SSH is often used by IoT devices for ‘secure’ remote administration.”

 

Internet-of-things devices are particularly attractive targets for state-based hackers because many network administrators never change the password or login credentials for IOT devices on their networks from the factory default. That leaves those devices more vulnerable to brute-force attacks, in which hackers hit the devices with lots of random password combinations or combinations informed by some knowledge of how those manufacturers set default passwords and credentials. It’s the sort of attack that’s easier for actors with lots of human and computer power to throw at the problem, but hardly exclusive to them.

 

“The rise of poorly secured Internet of Things (IoT) devices has made it possible for attackers to gain access to targets of interest. Nation-states, spies, mercenaries, and others don’t need to dress up as repairmen to plant bugs in rooms anymore; they can just hack into a room that has vulnerable IoT devices,” the report says.

 

The attackers also heavily targeted Session Initiation Protocol, or SIP, Port 5060, used by teleconferencing software and internet-based phone apps.

 

China wasn’t alone in trying to gain access to Helsinki’s internet-connected devices in the lead-up to the July 16 summit. Attack traffic came from the U.S., France, and Italy as well, in that order. But the U.S. and French traffic was in keeping with averages. Russian attack traffic dropped considerably from third, its usual spot, to fifth. German attack traffic jumped.

 

Speaking at the Aspen Security Forum on Wednesday evening, FBI director Christopher Wray commented that “China from a counterintelligence perspective represents the broadest, most pervasive, most threatening challenge we face as a country.”

 

Administration and national security officials have also been sounding the alarm about the state of Chinese industrial espionage. It was a concern experts brought up before the House Committee on Intelligence on Thursday morning. Michael Pillsbury, Director of the Center on Chinese Strategy at the Hudson Institute, noted “We have made a good start toward a new strategy toward China, but we may still be underestimating the problem and China’s resistance to change.”

 

Elsa Kania, an adjunct fellow at the Center for a New American Security, said, “It is clear that, despite the 2015 Xi-Obama agreement, Chinese cyber espionage, including that undertaken for purposes of IP theft, has continued, as in the recent troubling compromise of a Navy contractor by hackers from the Ministry of State Security.”

 

Michael Brown, a former CEO of Symantec corporation and one of the co-authors of the so-called DIUx Paper for the Pentagon — a paper that outlines the national security threat posed by the transfer of technology capital to China — testified that “Chinese companies already own significant parts of the military supply chain.”

 

A recent report from the Office of the Counterintelligence Executive describes China as “the world’s most active and persistent perpetrator of economic espionage.”

Anonymous ID: f3ccab July 24, 2018, 12:57 a.m. No.2260379

Good Night Vietnam: The Legendary DJ Who Inspired Robin Williams Has Died At 79

By Jeff Schogol

on July 19, 2018

 

Adrian Cronauer, the Air Force DJ loosely portrayed by Robin Williams in Good Morning Vietnam, has died, according to Oakey’s funeral home in Roanoke, Virginia.

 

• Cronauer, 79, died on July 18, according to an obituary posted on the funeral home’s website. The former sergeant became an outspoken veterans advocate after leaving the Air Force, serving on the board of directors of the National D-Day Memorial and as a trustee for the Virginia War Memorial.

 

• From 2001 to 2009 Cronauer served as an advisor to the deputy assistant defense secretary for prisoner of war and missing personnel affairs, his obituary says. He worked with veterans groups and international organizations such as the Red Cross on POW/MIA issues and was ultimately awarded the Secretary of Defense Medal for Exceptional Public Service.

 

More at:

https://taskandpurpose.com/good-morning-vietnam-adrian-cronauer/?utm_source=twitter&utm_medium=social&utm_campaign=share&utm_content=tp-share

Anonymous ID: f3ccab July 24, 2018, 1 a.m. No.2260393   >>0837

Article below:

https://www.nextgov.com/cio-briefing/2018/07/census-bureau-fumbles-foundational-part-2020-trial-run/149852/

 

GAO report - 2020 CENSUS - Actions Needed to Improve In-Field Address Canvassing Operation:

https://www.gao.gov/assets/700/692493.pdf

 

Census Bureau Fumbles a 'Foundational' Part of the 2020 Trial Run

 

By Jack Corrigan

July 18, 2018

 

The Census Bureau is facing more problems in the lead up to the 2020 Census.

 

The Census Bureau needs to fix multiple software and IT issues in its address canvassing operation or risks mishandling data in the 2020 count, according to a congressional watchdog.

 

When testing its process for verifying addresses, the bureau double-counted multiple address blocks and failed to collect or altogether deleted location data, the Government Accountability Office found. The bureau told auditors they were unsure whether the issues arose primarily from faulty laptops and data collection program or employee error, but said it is aware of a notable bug in the software.

 

GAO also found the bureau is still in the process of figuring out how many address canvassers, or listers, it needs for the count.

 

“At a time when plans for in-field address canvassing should be almost finalized, the Bureau is in the process of evaluating workload and productivity assumptions to ensure sufficient staff are hired and that enough laptop computers are procured,” auditors said. “With little time remaining, it will be important to resolve these issues.”

 

The bureau conducts the address canvassing ahead of every decennial count to update address lists and residence maps, which GAO calls “the foundation of the decennial census.” The process ensures every household is mailed a census questionnaire and helps the bureau pinpoint residences that fail to respond for follow up visits.

 

Listers often operate in areas without internet connection, meaning they must download their assignments ahead of time, work offline and upload completed address lists once they reconnect to the internet. This system worked during most of the field test, but bureau officials said 11 of the 330 laptops used by listers failed to correctly transmit address and another seven laptops deleted the data entirely.

 

Officials told GAO they knew about a bug in the transmission software before the test and created an alert system that would inform employees if the data they collected didn’t transmit properly. However, they said they were unsure whether the faulty transmissions resulted from employees not following procedures or the alerts not being triggered.

 

The bureau also incorrectly estimated the number of addresses listers needed to verify in the field, GAO found. While officials initially thought 30 percent of addresses across the country would need in-field verification, the actual number ranged from 37 percent to 76 percent across the three test locations. Listers also exceeded the productivity estimate at each site, causing GAO to question how the bureau calculated its expected rates.

 

The address canvassing mishaps come as the most recent dilemma facing the beleaguered bureau in the run-up to the 2020 count. Technology preparations for the decennial are far behind schedule, and over the next two years, officials must address a slew of concerns related to cybersecurity and employee background checks. The 2020 count will also be the first to give people the option to respond online, leading former government cyber experts to call for increased transparency on the bureau’s security and privacy efforts.