Headline April 12, 2018/ ''' *CYBER'S -BREED- CANARYS* '''

''' *CYBER'S -BREED- CANARYS* '''

WHEN THE BRITISH HOUSE OF PARLIAMENT discovered unauthorized attempts to access parliamentary user accounts...........

''To protect members and staff accounts and *secure our networks*, the statement added. ''we have temporarily restricted remote access to the network.

As a result, some members of the Parliament and staff cannot access their email accounts outside of Westminister.'' 

*TIME IS BURNING*, Mr. Ben-Oni said. ''Understand, this is really a war - with offense on one side, and institutions, organizations - and schools on the other defending against an unknown adversary. ''

Since the Shadow Brokers leaked dozens of coveted attack tools in April. hospitals, schools, cities,  police departments and -

Companies around the world have largely been left to fend for themselves against weapons developed by the world's most sophisticated attacker : N.S.A.

But in this case, modern-day detection systems created by Cylance, McAfee and Microsoft and patching systems by Tanium did not catch the attack on IDT.

Nor did any of the 128 publicly available threat intelligence feeds that IDT subscribes to.

Even the 10 threat intelligence feeds that his organization spends a half-million dollars on annually for urgent information failed to report it.
He has since threatened to return their products. 

Our industry likes to work on known problems,'' Mr.Ben-Oni said. ''This is an unknown problem. We're not ready for this.''

No one he has spoken to knows whether they have been hit, but just that month last year, restaurants across the United States reported being hit with similar attacks that were undetected by antivirus systems.

There are now YouTube videos showing criminals how to attack systems using the very same N.S,A tools used against IDT, and Metasploit, an automated hacking tool-

Now allowing anyone to carry out these attacks with the click of just a button.

Worse still, Mr. Ben-Oni said, ''No one is running point on this.''

The same very month, Mr. Ben-Oni personally briefed the F.B.I. analyst in charge of investigating the WannaCry attack.

He was told that the agency had been specifically tasked with WannaCry, and that even though  the attack on his company was more invasive and sophisticated it was still technically something else, and therefore the F.B.I could not take on his case.

The F.B.I, did not respond to requests for comment.

So Mr. Ben-Oni has largely pursued the case himself. His team at IDT was able to trace part of the attack to a personal Android phone in Russia and has been feeding its findings  to :

*Europol, the European Law Enforcement Agency in The Hague*.

The chances that IDT was the only victim of the attack are slim.

Sean Dillon, a senior analyst at RiskSense, a New Mexico security company, was among the first security researchers to scan the Internet for the N.S.A's DoublePulsar tool.

He found tens of thousands of host computers are infected with the tool, which attackers can use at will.

''Once DoublePulsar is on the machine, there's nothing stopping anyone else from coming along and using the back door,'' Mr. Dillion said.

More distressing, Mr. Dillion tested all major antivirus products against the DoublePulsar infection and a demoralizing 99 percent, Yes, 99% failed to detect it.

''We've seen the same computers infected with DoublePulsar for two months and there is no telling how much malware is on these systems,'' Mr. Dillion said.

''Right now we have no idea what's gotten into these organizations.''

In the worst case, Mr. Dillion said, attackers could use those back doors to unleash destructive malware into critical infrastructure, tying up rail systems, shutting down hospitals or even paralyzing electric utilities.

Could that attack be coming?

The Shadow Brokers resurfaced some time later, promising a fresh load of N.S.A. attack tools, even offering to supply them for monthly paying subscribers-

Like a wine-of-the-month club for cyber-weapon enthusiasts.

In a hint that the industry is taking the group's threats seriously, Microsoft issued a new set of patches to defend against such attacks.

Mr. Ben-Oni is convinced that IDT is not the only victim, and that these tools can and will be used to do far worse.

''I look at this as a life-or-death situation,'' he said. ''Today it's us, but tomorrow it might be someone else.

With respectful dedication to the Leaders, Students, Professors and Teachers of the world. See Ya all on !WOW! - the World Students Society and Twitter - !E-WOW! - the Ecosystem 2011:


''' Sweltering Time '''

Good Night and God Bless

SAM Daily Times - the Voice of the Voiceless