
Monday, April 10, 2017

U.S. Trade Group Hacked by Chinese Hackers ahead of Trump-Xi Trade Summit


Thursday, April 06, 2017 Swati Khandelwal


Researchers have uncovered a Chinese cyber-espionage campaign against the United States ahead of the trade summit on Thursday between US President Donald Trump and China's President Xi Jinping.

According to a new report published today by Fidelis Cybersecurity firm, the Chinese APT10 hacking group implanted a piece of malware on the "Events" page of the US National Foreign Trade Council (NFTC) website in February.

Dubbed 'Operation TradeSecret,' the attack against the NFTC site is seen as an attempt to conduct surveillance on the main industry players and lobbyists closely associated with U.S. trade policy activities.



Researchers say hackers placed a malicious link on the NFTC website, inviting the organization's board of directors to register for a meeting in Washington DC on March 7. But clicking on the link deployed a spying tool called "Scanbox."

Dating back to 2014, Scanbox – previously used by nation-state threat actors associated with the Chinese government – has the ability to record the type and versions of software a victim is running and run keyloggers on compromised computers, said Fidelis researcher John Bambenek.

"This attack was really at its core a reconnaissance attack. Anyone who visited this calendar entry would expose their software versions and use a JavaScript keylogger that could expose their identity," said Bambenek.

"Traditionally these attacks are used to precisely identify targets and help them craft targeted phishing attacks using exploits they know the victim is vulnerable to."

The malicious link was active on the NFTC website between February 27 and March 1. The malware was already removed from the site by the time Fidelis contacted NFTC.



The NFTC's staff and board represent many influential people and companies -- from President Rufus Yerxa, the U.S. Ambassador to GATT, to executives from major companies including Google, Amazon, eBay, IBM, Coca-Cola, Microsoft, Oracle, Cisco, KPMG, Pfizer, Visa, Ford, Halliburton, and Walmart.

Although Fidelis detected no further attacks on NFTC board members, the security firm believed the hackers were after a full range of entities relevant to the trade negotiations due to take place Thursday between US and China.

This is the second time in a week that an APT10 cyber-espionage campaign has come to light. A report released this week by BAE Systems and PwC also claimed that APT10 was targeting managed IT services providers (MSPs) and their customers across the globe to steal sensitive data.

Saturday, April 1, 2017

WikiLeaks Vault 7 documents about vulnerable Cisco products exposes US govt’s stance on cyber security

When WikiLeaks founder Julian Assange disclosed earlier this month that his anti-secrecy group had obtained CIA tools for hacking into technology products made by U.S. companies, security engineers at Cisco Systems swung into action.
The Wikileaks documents described how the Central Intelligence Agency had learned more than a year ago how to exploit flaws in Cisco’s widely used Internet switches, which direct electronic traffic, to enable eavesdropping.
Senior Cisco managers immediately reassigned staff from other projects to figure out how the CIA hacking tricks worked, so they could help customers patch their systems and prevent criminal hackers or spies from using the same methods, three employees told Reuters on condition of anonymity.
The Cisco engineers worked around the clock for days to analyze the means of attack, create fixes, and craft a stopgap warning about a security risk affecting more than 300 different products, said the employees, who had direct knowledge of the effort.
That a major U.S. company had to rely on WikiLeaks to learn about security problems well-known to U.S. intelligence agencies underscores concerns expressed by dozens of current and former U.S. intelligence and security officials about the government’s approach to cybersecurity. That policy overwhelmingly emphasizes offensive cyber-security capabilities over defensive measures, these people told Reuters, even as an increasing number of U.S. organizations have been hit by hacks attributed to foreign governments.
Larry Pfeiffer, a former senior director of the White House Situation Room in the Obama administration, said now that others were catching up to the United States in their cyber capabilities, “maybe it is time to take a pause and fully consider the ramifications of what we’re doing.” U.S. intelligence agencies blamed Russia for the hack of the Democratic National Committee during the 2016 election. Nation-states are also believed to be behind the 2014 hack of Sony Pictures Entertainment and the 2015 breach of the U.S. Government’s Office of Personnel Management.
CIA spokeswoman Heather Fritz Horniak declined to comment on the Cisco case, but said it was the agency’s “job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad.” The Office of the Director of National Intelligence, which oversees the CIA and NSA, referred questions to the White House, which declined to comment.
Across the federal government, about 90 percent of all spending on cyber programs is dedicated to offensive efforts, including penetrating the computer systems of adversaries, listening to communications and developing the means to disable or degrade infrastructure, senior intelligence officials told Reuters.
President Donald Trump’s budget proposal would put about $1.5 billion into cyber-security defense at the Department of Homeland Security (DHS). Private industry and the military also spend money to protect themselves.
But the secret part of the U.S. intelligence budget alone totaled about $50 billion annually as of 2013, documents leaked by NSA contractor Edward Snowden show. Just 8 percent of that figure went toward “enhanced cyber security,” while 72 percent was dedicated to collecting strategic intelligence and fighting violent extremism.
Departing NSA Deputy Director Rick Ledgett confirmed in an interview that 90 percent of government cyber spending was on offensive efforts and agreed it was lopsided. “It’s actually something we’re trying to address” with more appropriations in the military budget, Ledgett said. “As the cyber threat rises, the need for more and better cyber defense and information assurance is increasing as well.”
The long-standing emphasis on offense stems in part from the mission of the NSA, which has the most advanced cyber capabilities of any U.S. agency. It is responsible for the collection of intelligence overseas and also for helping defend government systems. It mainly aids U.S. companies indirectly, by assisting other agencies.
“I absolutely think we should be placing significantly more effort on the defense, particularly in light of where we are with exponential growth in threats and capabilities and intentions,” said Debora Plunkett, who headed the NSA’s defensive mission from 2010 to 2014.
Government Role
How big a role the government should play in defending the private sector remains a matter of debate. Former military and intelligence leaders such as ex-NSA Director Keith Alexander and former Secretary of Defense Ashton Carter say that U.S. companies and other institutions cannot be solely responsible for defending themselves against the likes of Russia, China, North Korea and Iran.
For tech companies, the government’s approach is frustrating, executives and engineers say. Sophisticated hacking campaigns typically rely on flaws in computer products. When the NSA or CIA find such flaws, under current policies they often choose to keep them for offensive attacks, rather than tell the companies.
In the case of Cisco, the company said the CIA did not inform the company after the agency learned late last year that information about the hacking tools had been leaked. “Cisco remains steadfast in the position that we should be notified of all vulnerabilities if they are found, so we can fix them and notify customers,” said company spokeswoman Yvonne Malmgren.
Side by Side
A recent reorganization at the NSA, known as NSA21, eliminated the branch that was explicitly responsible for defense, the Information Assurance Directorate (IAD), the largest cyber-defense workforce in the government. Its mission has now been combined with the dominant force in the agency, signals intelligence, in a broad operations division.
Top NSA officials, including director Mike Rogers, argue that it is better to have offensive and defensive specialists working side by side. Other NSA and White House veterans contend that perfect defense is impossible and therefore more resources should be poured into penetrating enemy networks – both to head off attacks and to determine their origin.
Curtis Dukes, the last head of IAD, said in an interview after retiring last month that he feared defense would get even less attention in a structure where it does not have a leader with a direct line to the NSA director. “It’s incumbent on the NSA to say, ‘This is an important mission’,” Dukes said. “That has not occurred.”
Reuters
Publish date: March 30, 2017 7:14 pm| Modified date: March 30, 2017 7:14 pm

Friday, March 24, 2017

Cisco announces its first Made in India router


Reaffirming its commitment to investing further in the country, global networking giant Cisco on Thursday unveiled its first ‘Made in India’ router which can be used by small and medium businesses (SMBs) across multiple industries.
Unveiled in the presence of IT and Electronics Minister Ravi Shankar Prasad, the router, which will cost less than $1,500, is one of the most popular products in Cisco’s core switching portfolio worldwide which is fundamental to network connectivity.
“I would like to compliment the Cisco team that I had requested them to take the initiative of Make in India and today is a great product which will help internet in office space and other places which is a clear mark of digitising India,” Prasad told the gathering.
The global networking giant which is now focused on making a big foray into Cloud, Internet of Things (IoT) and cyber security, recently launched its manufacturing operations in Pune and announced it would build Nagpur as Smart City with its Next-Gen solutions.
“I compliment John Chambers (Cisco Executive Chairman) and the entire team present here. They have established a big premises in Pune. Good luck and keep it up,” the minister added.
According to industry analysts, there are nearly 23 billion connected devices and the number is expected to double to over 50 billion by 2020 and Cisco is prepared to help governments and enterprises achieve this goal.
To achieve this, providing a secured ecosystem — from hardware to software — to the customers is the key.
“India is an incredible country for Cisco as it represents 360 degree value – a great growth opportunity, world class talent, and now an integral part of our global supply chain,” said John Kern, Senior Vice President, Supply Chain Operations, and India Executive Sponsor, Cisco.
IANS
Publish date: March 23, 2017 7:48 pm| Modified date: March 23, 2017 7:48 pm

Tuesday, February 28, 2017

Cisco and Reliance Jio team-up to expand Jio’s existing multi-terabit capacity all-IP services platform

Reliance Jio has announced a collaboration with networking giant Cisco to further expand Jio's existing multi-terabit capacity with the first All-IP converged network in India. With this network, Jio will offer a combination of high-speed data, mobile video, VoLTE, digital commerce, media, cloud and payment services, Cisco said in a statement.
It is the first network of its kind globally with the fastest growth to 100 million broadband and VoLTE customers, reaching the milestone within six months of launch. “As part of our journey in fulfilling the aspirations of the nation to be a key transformational agent in digital adoption and Leadership, Cisco has been a great partner for in building this highly scalable cloud centric All-IP Digital Services Network Platform meeting unprecedented data growth,” Mathew Oommen, President of Reliance Jio, said in a statement.
A result of co-innovation around product and services between the two companies, the Jio All-IP digital platform is built on Cisco’s Open Network Architecture and Cloud Scale Networking technologies featuring IP/MPLS, spanning areas, including data centre, Wi-Fi, security and contact centre solutions. “We share the vision with Reliance Jio for an open, programmable infrastructure to simplify, automate and virtualise core network functions in order to digitise faster,” Yvette Kanouff, Senior Vice President and General Manager, Service Provider Business at Cisco, added.
Jio has more than 300,000 km of fibre and built India’s largest cloud data centre to build platforms for applications and vertical solutions. Cisco is building the simplified, automated and virtualized network platform of the future on industry-leading software, systems, silicon and services. This enables service providers, media and web companies worldwide to reduce costs, speed time-to-market, secure their networks and sustain profitable growth.
Disclaimer: Reliance Jio is owned by Reliance Industries, who also own Network18, the publisher of Firstpost and tech2.

Thursday, November 10, 2016

Ericsson keen to grow partnership with Cisco to combat weaker growth over next two years

Struggling telecoms equipment maker Ericsson is looking to expand the scope of its partnership with Cisco as it hunts for ways to offset weaker growth for the industry over the next two years. Ericsson shares, which have slumped 44 percent this year, rose 3.7 percent on Thursday after the Swedish firm gave a new outlook that was less bearish than some analysts had expected and said its Cisco partnership was gaining momentum.
Nonetheless, Ericsson’s acting CEO told investors in New York he was not satisfied with the company’s performance. “We have a tough market situation out there,” Jan Frykhammar said, pointing to weakness in emerging markets where its best hopes for more 4G mobile network upgrade contracts are located, as well as slower mobile network demand in Europe.
“We understand that we need to perform better but you also as investors need to give us some time,” Frykhammar said. The company is wrestling with a drop in spending by telecoms firms, with volume demand for next-generation, 5G technology still years away and amid stiff competition from China’s Huawei and Finland’s Nokia.
Ericsson said negative industry trends from the first half of 2016, when demand weakened for mobile broadband equipment across the industry, were expected to prevail for at least the next two or three quarters. It expects average annual growth of 1 percent to 3 percent from 2016 to 2018 for areas of the market where it provides products and services. In its previous market forecast, issued a year ago, Ericsson predicted 2 percent to 4 percent total market growth each year from 2014 to 2018.
“Ericsson is perhaps a bit more optimistic about 2017 and 2018 than the market,” Redeye analyst Greger Johansson said. Ericsson said its Cisco partnership, which was announced a year ago, got off to a slow start but was gaining traction with more than 60 joint customers and scope to collaborate in areas such as data centres, WiFi, security and the Internet of Things.
“The opportunities go beyond where we originally had been focusing, which is the core and IP networks,” said Rima Qureshi, Ericsson’s chief in North America. “As a consequence, we’re looking at expanding the scope.”
Hard Times
Ericsson has had a brutal year. Former CEO Hans Vestberg was ousted in July and the company shocked investors last month when it warned of a 93 percent plunge in operating profit for the third quarter and tumbling sales. The firm has been slashing jobs and last month appointed veteran board member Borje Ekholm to take over as CEO in January and steer the firm through its worst crisis in a decade.
It said on Thursday that its results would be weighed down by a 10 percent to 15 percent fall in the global mobile infrastructure market this year and a 2 percent to 6 percent decline in 2017.
That puts Ericsson roughly in line with Nokia, which warned last month its addressable market for mobile network equipment would likely decline by low single digits in 2017, after it announced a drop in third-quarter sales.
Shares in Nokia rose 2 percent on Thursday and network equipment makers were among the top performers on the STOXX European tech index, which was down 0.9 percent overall. Still, Ericsson is more dependent on mobile broadband demand than its main rivals, as the Alcatel-Lucent merger gave Nokia a larger fixed-line networks business while Huawei has a broader telecom offering than Ericsson.
For its mainstay networks business which generates 75 percent of group sales, Ericsson cut its growth outlook, forecasting its market would be flat or shrink by as much as 2 percent between 2016 and 2018. Its new IT & Cloud division is expected to grow 5 percent to 7 percent in the same period and generate 20 percent of net sales.
Reuters

Sunday, October 16, 2016

India revenue crosses $1 bn for Cisco





The US-based company has recently announced that it will commence manufacturing operations in Pune early next year


Press Trust of India | New Delhi October 16, 2016 Last Updated at 11:58 IST



With over $1 billion in revenue already, India is poised to become one of the top four markets for technology giant Cisco in the next few years on the back of strong growth in government and enterprise business.

The $49-billion firm, which has some 11,000 employees in India, counts the South Asian nation as its second headquarters after the US.

"If you look at our business performance over the last couple of years, our business is over a $1 billion in India. Last year, it grew over 20 per cent," Cisco CEO Chuck Robbins told PTI.


He added that the company will continue to invest and launch new projects in India.

"India is already among our top five markets, absolutely. There are different ways to look at it," he said. Cisco's leading markets include the US, Japan and China.

Cisco President India and SAARC Dinesh Malkani added: "In the next few years, we should be top three or four (in terms of revenue)."

Asked if this could be achieved before 2020, Malkani replied in the affirmative.

In March, Cisco had committed $100 million to be spent over 18-24 months, including $40 million to fund early-stage and growth-stage companies in the country, and train around 2.5 lakh students by 2020.

The US-based company has recently announced that it will commence manufacturing operations in Pune early next year, making India the 12th country after the likes of the US, Mexico, China, Brazil and Malaysia to house a production unit.

Cisco, which reported global revenue of $12.6 billion for the quarter ended July 30, 2016, saw its top line in India rising significantly by 20 per cent, even as the overall revenue fell two per cent.

Its India operations have seen nine straight quarters of growth starting from the fourth quarter of 2013-14 (18 per cent) to the just-concluded one.

Talking about its team here, Robbins said India is an "incredible source" of highly-talented engineers.

"They are completely energised around the challenge of new innovation. For me, this is not only a talent pool, but a living laboratory. This is a place where we will continue to see investment and new projects being launched and new businesses being developed. I see nothing but opportunities," he said.

Tuesday, September 27, 2016

Cisco finds new Zero-Day Exploit linked to NSA Hackers


Network equipment vendor Cisco is finally warning its customers of another zero-day vulnerability the company discovered in the trove of NSA's hacking exploits and implants leaked by the group calling itself "The Shadow Brokers."

Last month, the Shadow Brokers published firewall exploits, implants, and hacking tools allegedly stolen from the NSA's Equation Group, which were designed to target major vendors including Cisco, Juniper, and Fortinet.

A hacking exploit, dubbed ExtraBacon, leveraged a zero-day vulnerability (CVE-2016-6366) that resided in the Simple Network Management Protocol (SNMP) code of Cisco ASA software and could allow remote attackers to cause a reload of the affected system or execute malicious code.

Now Cisco has found another zero-day exploit, dubbed "Benigncertain," which targets PIX firewalls.

Cisco analyzed the exploit and noted that it had not identified any new flaws related to this exploit in its current products.

But, further analysis of Benigncertain revealed that the exploit also affects Cisco products running IOS, IOS XE and IOS XR software.

Benigncertain leveraged a vulnerability (CVE-2016-6415) that resides in the IKEv1 packet processing code and affects several Cisco devices running the IOS operating system and all Cisco PIX firewalls.

IKE (Internet Key Exchange) is a protocol used by firewalls, to provide virtual private networks (VPNs), and even to manage industrial control systems.

A remote, unauthorized attacker could use this vulnerability to retrieve memory contents from traffic and disclose critical information such as RSA private keys and configuration information by sending specially crafted IKEv1 packets to affected devices.

"The vulnerability is due to insufficient condition checks in the part of the code that handles IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests," Cisco said in its advisory.

Cisco's IOS XR operating system versions 4.3.x, 5.0.x, 5.1.x and 5.2.x, as well as PIX firewall versions 6.x and earlier, are vulnerable to this flaw, though the company has not supported PIX since 2009.

Cisco has not developed a patch for the flaw, and no workarounds are available.

The company said the vulnerability is currently being exploited, advising its customers to employ intrusion detection systems (IDS) and intrusion prevention systems (IPS) to help stop the attacks.

Cisco promised to release software updates to patch CVE-2016-6415 but did not specify a time frame.
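
As an added example (not part of the original post and not Cisco's code), the sketch below shows the kind of condition checks an IDS sensor can apply to IKEv1 negotiation requests: it parses the ISAKMP header defined in RFC 2408 and flags datagrams whose length fields disagree with the bytes actually received. The function names and sample packets are constructed for illustration, and the malformed sample is a generic bad length, not the CVE-2016-6415 trigger, which the post does not describe.

```python
import struct
from dataclasses import dataclass, field

HDR = struct.Struct("!8s8sBBBBII")  # ISAKMP fixed header, RFC 2408 s3.1 (28 bytes)
GENERIC = struct.Struct("!BBH")     # generic payload header: next, reserved, length
IKEV1_EXCHANGES = {2: "main", 4: "aggressive", 5: "informational", 32: "quick"}
FLAG_ENCRYPTED = 0x01


@dataclass
class Finding:
    ikev1: bool = False
    exchange: str = "n/a"
    anomalies: list = field(default_factory=list)


def triage(udp_payload: bytes, dport: int = 500) -> Finding:
    """Classify one UDP payload seen on port 500/4500 and list length anomalies."""
    f = Finding()
    data = udp_payload
    if dport == 4500:                      # NAT-T: IKE carries a 4-byte zero marker
        if data[:4] != b"\x00" * 4:
            return f                       # ESP-in-UDP or keepalive, not IKE
        data = data[4:]
    if len(data) < HDR.size:
        f.anomalies.append("truncated header")
        return f
    icookie, _rc, next_pl, version, exch, flags, _mid, length = HDR.unpack_from(data)
    f.ikev1 = (version >> 4) == 1          # major version lives in the high nibble
    if not f.ikev1:
        return f
    f.exchange = IKEV1_EXCHANGES.get(exch, f"type-{exch}")
    if icookie == b"\x00" * 8:
        f.anomalies.append("zero initiator cookie")
    if length != len(data):
        f.anomalies.append(f"header length {length} != datagram {len(data)}")
    if flags & FLAG_ENCRYPTED:
        return f                           # payload chain is not visible on the wire
    offset = HDR.size
    while next_pl != 0:                    # walk the cleartext payload chain
        if offset + GENERIC.size > len(data):
            f.anomalies.append("payload chain runs past datagram")
            break
        nxt, _res, plen = GENERIC.unpack_from(data, offset)
        if plen < GENERIC.size or offset + plen > len(data):
            f.anomalies.append(f"payload type {next_pl} length {plen} out of bounds")
            break
        offset += plen
        next_pl = nxt
    else:
        if offset != len(data):
            f.anomalies.append("trailing bytes after last payload")
    return f


def build(exch: int, plen: int, version: int = 0x10) -> bytes:
    """Constructed sample: header plus one SA-typed payload with an 8-byte dummy body."""
    body = GENERIC.pack(0, 0, plen) + b"\x00" * 8
    hdr = HDR.pack(b"\x11" * 8, b"\x00" * 8, 1, version, exch, 0, 0,
                   HDR.size + len(body))
    return hdr + body


SAMPLE_OK = build(2, 12)                    # well-formed main-mode request
SAMPLE_BAD = build(4, 512)                  # payload claims 512 bytes, only 12 present
SAMPLE_V2 = build(34, 12, version=0x20)     # IKEv2 header, outside the IKEv1 check

if __name__ == "__main__":
    for name, pkt in [("ok", SAMPLE_OK), ("bad", SAMPLE_BAD), ("v2", SAMPLE_V2)]:
        print(name, triage(pkt))
```

Counting the IKEv1 findings per source address over time also gives an inventory of which peers still negotiate IKEv1 with the device.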
