Russian cyber group seen preparing to attack banks

A security firm is warning that a group of Russian hackers known for targeting military, government and media organizations is now preparing to attack banks in the U.S. and elsewhere.

The group’s preparations, which have included writing new malware, registering domain names similar to those of intended targets, and setting up command-and-control servers, were discovered by analysts from security firm Root9B.

The group has been active since at least 2007 and is known by various names including APT28 and Pawn Storm. Several security vendors believe it operates out of Russia and has possible ties to that country’s intelligence agencies.

The group’s primary malware tool is a backdoor program called Sednit or Sofacy that it delivers to victims through spear-phishing emails or drive-by downloads launched from compromised websites.

The Root9B analysts came across a phishing domain at the end of April that was similar to that of a Middle Eastern financial institution, according to a report published Tuesday. When they dug deeper they uncovered new Sofacy malware samples and servers and domains that were being set up by the group for an upcoming operation.

Based on the information gathered so far, Root9B believes the group’s planned targets include Commercial Bank International in the UAE, Bank of America, TD Canada Trust, the United Nations Children’s Fund (UNICEF), United Bank for Africa, Regions Bank, and possibly Commerzbank.

The company has alerted the financial institutions, as well as international and U.S. authorities. It’s not clear if the attacks have started yet, but the Root9B analysts believe that when they do, they will likely include spear-phishing.

The company released hashes for the new malware samples it has identified and the IP address of a command-and-control server set up by the attackers, so that companies can block them on their networks.

Based on the evidence they’ve seen, the Root9B analysts believe that there might be two subgroups within APT28: One that targets military and government organizations and one that targets financial institutions and banks.

Of course, the attackers might now decide to delay the operation in order to change their infrastructure and targets. So, financial institutions should remain vigilant and should examine all email messages for possible spear-phishing attempts.

By Lucian Constantin

Skynet actually exists!!! Skynet is a top secret program of NSA

National Security Agency (NSA) actually has a real program named Skynet

Skynet was the evil military computer system that launches a war on the human race in the Terminator movie franchise. It has now emerged that the NSA has a program with the same name.

According to reports by The Intercept, the NSA does have a program called Skynet. However, it has less lethal but legally dubious aims. This one is a surveillance program that makes use of phone metadata to record the call activities and location of suspected terrorists. An Al Jazeera journalist reportedly became one of its victims after he was placed on a terrorist watch list.

Ahmad Muaffaq Zaidan, the bureau chief of Al Jazeera’s Islamabad office, was tracked by Skynet after he was identified by US intelligence as a possible Al Qaeda member and given a watch list number. Zaidan, a Syrian national, has conducted a number of exclusive interviews with senior Al Qaeda leaders, including Osama bin Laden himself.

A 2012 government presentation that The Intercept obtained from Edward Snowden says that Skynet makes use of phone location and call metadata from bulk phone call records to identify suspicious patterns in the communication habits and physical movements of suspects.

Says Wired:

The presentation indicates that SKYNET looks for terrorist connections based on questions such as “who has traveled from Peshawar to Faisalabad or Lahore (and back) in the past month? Who does the traveler call when he arrives?” It also looks for suspicious behaviors such as someone who engages in “excessive SIM or handset swapping” or receives “incoming calls only.” The goal is to identify people who move around in a pattern similar to Al Qaeda couriers who are used to pass communication and intelligence between the group’s senior leaders.

In addition to its misleading name, SKYNET has a few problems, though. It happened to misidentify an Al-Jazeera reporter as a member of al-Qaida based on the criteria mentioned above. (It seems that journalists meeting with sources and terrorists meeting with terrorist group leaders move in patterns that look the same to the computer.) This misidentification would be disturbing even if the government did not make use of such metadata to make life-and-death decisions about who to kill with drone strikes. However, it does.

It should be noted that the NSA has a second program, too, that is very similar to the Terminator’s Skynet. As revealed by Edward Snowden in an interview with WIRED and James Bamford last year, this one is called MonsterMind. Like the film version of Skynet, MonsterMind is a defense surveillance system that would immediately and independently disarm foreign cyberattacks against the US, and could be used to launch retaliatory strikes as well. Algorithms under this program would sift through massive repositories of metadata and examine them to distinguish normal network traffic from anomalous or malicious traffic. Equipped with this knowledge, the NSA could immediately and autonomously find, and block, a foreign threat.

Snowden also stated that MonsterMind could one day be designed to automatically return fire against an attacker without human intervention. Because an attacker could tweak malicious code to evade detection, a counterstrike would be more successful in neutralizing future attacks. Sounds a lot like Skynet. However, there is no news from the NSA on why the iconic film name was not used for its real-world Skynet.

 

If you asked me, it seems quite serious guys who adhesives in the program:

Arnold Schwarzenegger, who later became governor of California.

Credit: Kavita Iyer

We Finally Know Something About What The Shadowy X-37B Will Do In Orbit

In an unprecedented disclosure from the DoD, we have finally been told at least something in regards to what the USAF’s secretive X-37B spaceplane’s goals are for its upcoming flight. Among other things, it will test an exotic form of thruster propulsion that could have huge implications for future space development.

Spaceflightnow.com describes exactly how this unique form of orbital thruster works and how it compares to more traditional thruster technology:

It is a Hall thruster electric propulsion test to enable in-space characterization of design modifications that are intended to improve performance to the units on-board Advanced Extremely High Frequency military communications spacecraft, officials said Monday.

Produced by Aerojet Rocketdyne, the AEHF satellites’ Hall thrusters are 4.5-kilowatt units that use electricity and xenon to produce thrust for maneuvering satellites in space. The novel electric propulsion system produces a whisper-like thrust by ionizing and accelerating xenon gas.

Unlike conventional chemical engines that deliver substantial boosts with each brief firing, the electric system needs the stamina to operate for exceptionally long periods of time to harness its 0.06-pound-thrust into orbit-changing power.

The divergent systems have their advantages and drawbacks. Although typical engines can maneuver satellites rapidly, they use large amounts of heavy fuel that in turn require a bigger, more expensive rocket to carry the spacecraft. Electric propulsion gives up timeliness for efficiency since its xenon fuel weighs a mere fraction of conventional hydrazine, but you must have patience to reap the rewards.

Clearly, Advanced Extremely High Frequency (AEHF) satellites are not the only satellites this new technology could benefit. The longer you can keep a satellite aloft, and the cheaper you can put it there in the first place (a variable tied to weight), the better its cost-benefit proposition. As a result, Hall thruster technology could have massive implications, not only in the military space development world but also in the commercial satellite market, by greatly reducing the investment schedules needed for maintaining persistent orbital capabilities and by lowering the cost and extending the flight duration of ‘one off’ space payloads.

This technology could also help in the development of killer satlets, parasites and other foreign satellite manipulation technologies as it would allow these small satellites to pack more maneuvering capability while also possessing a finer degree of control.

Then there is the unmanned X-37B itself, which is a clear candidate for such a technology, as it is basically a long-endurance space truck. On its last mission it spent 675 days in orbit. With this new thruster technology, its endurance could be extended even further.

So there you have it, our first hint as to what the X-37B’s mission, or missions as it may be, truly are. Still, refining an already fielded advanced maneuvering thruster is probably just the gray tip of a very large black iceberg when it comes to the rest of this shadowy vehicle’s true mission set.


Credit:  Tyler Rogoway

Hizbullah airstrip revealed

Syrian airstrip

Lebanon’s militant Shia group, Hizbullah, has constructed an airstrip in the northern Bekaa Valley for its unmanned aerial vehicles (UAVs), an analysis of satellite images suggests.

Located in a remote and sparsely populated area 10 km south of the town of Hermel and 18 km west of the Syrian border, the airstrip was built sometime between 27 February 2013 and 19 June 2014, according to imagery that recently became publicly available on Google Earth.

It consists of a single unpaved strip with a length of 670 m and width of 20 m. Material has been excavated from a nearby quarry to build up the northern end of the strip so that it is level. It is built over a shorter strip that had been in existence since at least 2010.

The short length of the runway suggests the facility is not intended to smuggle in weapons shipments from Syria or Iran as it is too short for nearly all the transport aircraft used by the air forces of those countries. One exception could be the Islamic Revolutionary Guards Corps’ (IRGC’s) An-74T-200 short take-off transports, but landing one with a useful load on a 670 m strip in the mountains would be considered dangerous by most operators.

An alternative explanation is that the runway was built for Iranian-made UAVs, including the Ababil-3, which has been employed over Syria by forces allied to the Syrian regime, and possibly the newer and larger Shahed-129.

Hizbullah sources have confirmed to IHS Jane’s that the organization is using UAVs to support operations against rebel forces in Syria, particularly over the mountainous Qalamoun region on Lebanon’s eastern border.

An antenna is located on a hill 430 m south of the strip and linked by a track. While this looks like a standard Lebanese mobile telephone tower, it could potentially be used to extend the range of a UAV ground control station.

There are six small utility buildings next to the strip, but none are large enough to accommodate a UAV the size of an Ababil-3, which has a wingspan of around 7 m. However, there is a facility constructed in a valley 2.5 km west of the airstrip that includes two utility buildings large enough to house UAVs.

The site, which is guarded by a checkpoint and swing gate, resembles other Hizbullah facilities scattered around the Bekaa Valley.

Hizbullah has operated UAVs from Lebanese airspace since at least November 2004, when it dispatched one that it identified as a Mirsad-1 for a brief reconnaissance mission over northern Israel. It then attempted to fly at least three UAVs into Israel during the July-August 2006 war.

Hizbullah said it was responsible for the UAV that was shot down over southern Israel on 6 October 2012. It said it used an Iranian-made aircraft that it had designated as the Ayoub for the incursion.

Brigadier General Amir Ali Hajizadeh, the commander of the IRGC Aerospace Forces, subsequently said the UAV was of a type that had been in existence for a decade, a possible reference to the Ababil-3.

Iranian UAVs have been spotted on numerous occasions in Syrian airspace, mainly the Ababil-3 variant, but also the smaller Yasir-type.

The Saudi Al-Watan newspaper claimed in March 2014 that Hizbullah had built a “military airport” for its UAVs in the Bekaa Valley. Lebanese media reports erroneously claimed the location was at Iaat in the central Bekaa Valley, apparently mistaking a long-abandoned Second World War-era Royal Air Force airfield for the Hizbullah facility.

Area Description

Google Earth photos reveal an airstrip in the northern Bekaa Valley for Hizbullah UAVs – unmanned aerial vehicles.

The airstrip consists of a single unpaved strip 670 m long and 20 m wide, the short length of the runway suggesting the facility is not intended for weapons smuggling, as it is too short for nearly all transport aircraft used by Syria or Iran. The plausible explanation is that the runway was built for Iranian-made UAVs, including the Ababil-3, employed over Syria by forces allied to the Syrian regime, and possibly the newer and larger Shahed-129.

Hizbullah sources have confirmed to IHS Jane’s that the organization is using UAVs to support operations against rebel forces in Syria, particularly over the mountainous region on Lebanon’s eastern border. Hizbullah has operated UAVs from Lebanese airspace since at least November 2004, when it dispatched one that it identified as a Mirsad-1 for a brief reconnaissance mission over northern Israel. It then attempted to fly at least three UAVs into Israel during the July-August 2006 war.

Hizbullah said it was responsible for the UAV that was shot down over southern Israel on 6 October 2012. It said it used an Iranian-made aircraft for the incursion. The Saudi Al-Watan newspaper claimed in March 2014 that Hizbullah had built a “military airport” for its UAVs in the Bekaa Valley. The site, which is guarded by a checkpoint and swing gate, resembles other Hizbullah facilities scattered around the Bekaa Valley.
Credit: Nicholas Blanford – IHS Jane’s Defence

Russian S-300P Missile system

The S-300 (NATO reporting name SA-10 Grumble) is a series of initially Soviet and later Russian long range surface-to-air missile systems produced by NPO Almaz, based on the initial S-300P version. The S-300 system was developed to defend against aircraft and cruise missiles for the Soviet Air Defence Forces. Subsequent variations were developed to intercept ballistic missiles.

The S-300 system was first deployed by the Soviet Union in 1979, designed for the air defense of large industrial and administrative facilities, military bases, and control of airspace against enemy strike aircraft. The system is fully automated, though manual observation and operation are also possible. Components may be near the central command post, or as distant as 40 km. Each radar provides target designation for the central command post. The command post compares the data received from the targeting radars up to 80 km apart, filtering false targets, a difficult task at such great distances. The central command post features both active and passive target detection modes.

The project-managing developer of the S-300 is the Russian Almaz corporation (government-owned, also known as “KB-1”), which is currently a part of the “Almaz-Antei” Air Defense Concern. The S-300 uses missiles developed by the MKB “Fakel” design bureau (a separate government corporation, also known as “OKB-2”).

The S-300 is regarded as one of the most potent anti-aircraft missile systems currently fielded. An evolved version of the S-300 system is the S-400 (NATO reporting name SA-21 Growler), which entered limited service in 2004.