Rhode Island Sets up a CyberSecurity Team.

Rhode Island has set up a cybersecurity team that it hopes will be a model for other states trying to address cybersecurity problems in an era of tight state government budgets.

The Rhode Island Cyber Disruption Team (RICDT) includes members of government agencies, law enforcement, academia, and private business who will work to protect critical infrastructure in the state.
“This team’s leaders recognize the sectors of our society most vulnerable in cyberspace and the damages that would most severely affect Rhode Islanders”, said Rep. Jim Langevin (D-RI) while unveiling the new cybersecurity team on July 11 at Dell SecureWorks in Providence, RI. IT security firm Dell SecureWorks will provide technology support to the team.

RICDT will provide analysis and support prior to and during catastrophic events affecting critical infrastructure in Rhode Island and ensure continuity and restoration of operations. The team will serve as a communications conduit between federal, state, military, and private entities.
Working under the Rhode Island Emergency Management Agency, RICDT will identify areas in which critical state assets are vulnerable to cyberattack and propose and implement solutions by studying existing cybersecurity practices and commissioning original research and development.

The core RICDT members are Nick Tella (team commander), Ken Bell, and Christine Crocker from the Rhode State Police; Robert Fitzpatrick from the City of Providence Police; Jacob Fonseca with the University of Rhode Island Digital Forensics Center, Anthony Heywood with the IT department of the City of Providence; Doug White, director of the Forensics Applied Networking and Security Center at Roger Williams University; and Theresa Murray with the Emergency Management Agency.
“The Cyber Disruption Team has a multipart role in ensuring critical cyber assets in Rhode Island: to proactively evaluate and advise on the State's cyber infrastructure, to support the State against cyber threats whether physical or virtual, and to act as a cornerstone of cybersecurity in the state”, explained White.

90,000 Military Email Accounts Leaked!

In the AntiSec Movement (Anti Security) going on Anonymous has taken and leaked 90,000 military email accounts from Booz Allen Hamilton which is a security firm. Anonymous classified this as 

"Military Meltdown Monday: Mangling Booz Allen Hamilton". 

  A anouncement posted on Twitter by @AnonymousIRC


The leak itself include 90,000 login accounts for military personnel; including personnel from US CENTCOM, SOCOM, Marine Corps, Air Force, Homeland Security, State Department staff, and what looks like private sector contractors. This does in fact compromise some members of these departments but I do understand why this would happen; to be a security contractor and work in the IT department and have only the basic security on your network should show that people shouldn't put trust into these companies and if your working for the military this shows how easy it really is. Just because people have badges and high egos they think they can secure the internet, there network, and try and charge people for actually battling for their rights this is why I agree with the movement, but to stay professional I would also like to state that if the government personnel don't to be compromised or there information then it's best to actual secure the data and not leave it to some contractor actually put a group to test these sites and your own data.
 
The release by anonymous was via Torrent of 130.5 MB archive file.

Tips, Tricks, and Fun!

Alright most of the time DISecurity brings you the latest news in the IT industry, I will also be adding to the blog is something new; tips, tricks, and fun things to do and learn using the power of the internet and your own mind.
Most people know about Google but what they don't know is Google has more power than anyone really knows, I love Google myself but power can also be bad and good. But this article is not about anything bad for mopey like most news we hear this article and many other like this will be to help you out, maybe improve your own online security, learn something new, or even give you a new insight on what it like to be a little more than a novice using the internet.

So today were going to do something 'simple, easy, and fun to do' but before we start I just want to let everyone to know if you read my blog and you enjoy it send it to others to read. Knowledge is the true power!

1. Alright so what I would like everyone to do is open up their web browser via: Internet explorer, Mozilla Firefox, Safari, Opera, or Chrome.
2. Go to www.google.com
3.  Type this in search: inurl:/ view index.shtml

Alright now you should see a bunch of different numbers, names, or other identifiers, what your about to view is a network of Security Cameras around the world, you can even take full control over them and change what everyone is looking at.

This is an old trick, but it's always fun to play security... But this should also give you an Idea of what anyone and everyone is really doing, I can monitor action of others and this is truly how easy it really is. So what would stop a person finding a good camera getting into them and stalking you? Maybe track your movements?
These are all things you should consider about everyday life, who is watching me? Am I really protected? do I have my privacy? the Answer is simple Everyone, No, and No.  But there are ways to get back what is now lost in the new area of SECURITY > FREEDOM! we have.

Next week: I will teach you how to get back as much privacy as you can.

DISec News

As most people would know there is a trend going on called the "ANTI-Sec Movement" which I am neither against or for simply for the reason some companies do deserve to get slammed with security breaches and show the customers how easy it truly is to get there lives taken from them simply by... you guest it "Trusting a Corporation."

Does anyone remember the days people wanted the 'Mom and Pop Shops' and no one trusted the corporations? I don't know what happen but I do miss those days, But with people actually "trusting" these big corporations all the independent 'Mom & Pop Shops' lose out and are forced to either sell or shutdown.

But the reason why I also disagree with the new movement is some of these websites that can't truly afford an IT Staff and is more like a low market will still get plucked and yes I understand that it's to prove a point but people are also at risk of getting there identity taken away from them; most people in this movement are actually not leaking most of the user database, it still will show up though so you always must take the precautions when playing in the digital world.

Massachusetts data breaches touch five million residents

Data breaches have affected five million residents of Massachusetts since October 2007, when the state’s strict data breach law was enacted, according to Barbara Anthony, head of the Office of Consumer Affairs and Business Regulation.

Anthony told the Boston Herald newspaper that the state has received around 2,200 data breach notification letters from companies and agencies reporting lost or stolen personal information since the law was enacted, affecting around five million state residents.
“We get about 50 [letters] a month. Our reporting law is very stringent. Even if it’s one credit card that’s been lost, the company has to report it to us”, Anthony told the newspaper.
Data breaches in the state range from the relatively innocuous to major events, as illustrated by two incidents in May of this year.
Belmont Savings Bank reported that a back-up computer tape containing the personal information of 13,380 customers accidentally fell in the trash, but it was determined that the tape was incinerated “in the ordinary course” of disposal.
The state's Executive Office of Labor and Workforce announced a virus had infected 1,500 computers at the agency’s offices and career centers, putting as many as 210,000 unemployed residents’ data at risk.
The Massachusetts Attorney General’s office investigates serious data breaches, while Anthony’s office compiles data breach reports and educates consumers and businesses about security risks.
“If you’re storing a lot of sensitive information, you need to take very strong steps to secure that information. If you don’t, and you have a breach, there are going to be problems”, Anthony concluded.

Hacker Dumps Details of Florida Voter Database

 Rigged voting might be as old as US election systems themselves, so what happens when a hacker collects the voting database?

The AntiSec movement is definitely rolling along, Anonymous is pointing to a recent hack that could raise some serious questions over the integrity of voting in Florida. It seems that a hacker who uses Twitter obtained parts of the Florida voting database which has been subsequently posted to Paste2. It appears that the hacker in question wanted to show that voting fraud can easily happen today and dumped parts of the Florida database to prove it.

The content was posted to PasteBin (same content) while Abhaxas tweeted, “Who believes voting isn’t tampered with?”
It’s the latest in a long string of hacks since LulzSec was disbanded. Previously, the Arizona Polce Force had details leak about them not not once, not twice, but three times. In another leak, the AntiSec movement leaked details of Viacom and Universal Music along with content from various government servers.
This latest hack clearly demonstrates that Anonymous isn’t the only organization that is doing the hacking these days. One thing is for sure though, it’s hard to imagine that this would not have very big political implications.

This resent security breach is under investigation.

18 years old hacker gets caught!

The Greek Police have apprehended and arrested an 18 year old hacker suspected of breaking into sites such as Interpol, the FBI, and numbers of  US state agencies. The unidentified hacker lives with his mother in a Agios Dimitrios, a district of Athens, had claimed he has broken into the Interpol site once before at the mere age of 15 years old.
The head of Greece's cybercrime squad Manolis Sfakianakis is quoted as saying on NET; "This unnamed hacker has taken many strikes out all over the world from his house" Manolis also states that Interpol is the basic one, next to other US agencies, he carried out these attacks by himself, but has world with others before.
This young hacker went by the handle 'nsplitter' had has put his hands into some serious cyber crime activities such as credit card fraud, and e-banking data through toolbars downloaded by internet users, and generated cloned cards to make unauthorised ATM withdrawals.

Reports indicate the young hacker has been released by Greek Police, pending further investigation.
The AFP newswire, says that, during his arrest on Wednesday, police executed a search warrant on his home and seized almost 8,000 euros, $300, 130 blank cards, laptops, external drives and a router. He used his illegal funds to invest in the stock market.
"If found guilty of all charges, he faces a prison sentence of at least five years".

Hackers attacked IMF with "Sophisticated cyberattack"

The International Monetary Fund also known as the "IMF" has suffered a major blow by hackers.
The organization, made headlines when following the arrest and resignation of it's boss Dominque Strauss-Kahn (He was arrested for sexual assault has been as a trampoline for malware attacks.) there have been attempts to oversee the financial troubles around the world, promote economic development.

According to the New York Times according to sources within the IMF there has in face been a "major breach of security" this attack was serious enough to cut the connection of the computer linking between the IMF and its near neighbor in Washington, World Bank.

Spokesman for the World Bank reported to the New York Times; ""Disconnection was taken out of an abundance of caution,  until the nature of the attack was understood." The link to the world bank has since been restored and there have been no reported attacks on the World Bank.
Bloomberg claimed to have gotten its hands on some internal emails and memos distributed to IMF staff informing them there computer systems had been compromised.