[Scan-DC] Confirmation - RE: message from the folks in IT

Rick Hansen Rick.Hansen at apsglobal.com
Wed May 8 10:51:59 EDT 2013 

The attack appears to be real and sophisticated.
https://www.novainfosec.com/2013/05/07/wtop-fednewsradio-websites-hacked-pun
ting-fake-av/

For now, get your traffic info from www.sigalert.com.

Your idea about targeting feds has a lot of value - from the list of
websites, it seems to target government employees and contractors. 

FWIW - Federal News Radio broadcasts a lot of information about Federal IT,
and broadcasts live from events with a federal focus (such as those put on
by AFCEA - www.afcea.org).

 May we listen *and* browse well 'n often,

R.

-----Original Message-----
From: scan-dc-bounces at mailman.qth.net
[mailto:scan-dc-bounces at mailman.qth.net] On Behalf Of Bruce Harper
Sent: Wednesday, May 08, 2013 10:41 AM
To: Scan-DC at mailman.qth.net
Subject: Re: [Scan-DC] message from the folks in IT

On Wed, May 8, 2013 at 10:15 AM, Blair wrote:

Has the government ever lied to you?
>

No, never, I have full faith in our elected and appointed officials (but
only as far as I can throw Gov. Christy).

However, this was sent out via various channels by government officials in
Richmond -- it may be coincidence, it may be unrelated, it may be hooey,
but here it is for what it's worth.

Bruce in Blacksburg (small disclaimer -- I am a ward of the state, employed
at one of those liberal places of higher education)

*From:* Commonwealth Security
*Sent:* Monday, May 06, 2013 12:47 PM
*To:* Commonwealth Security
*Subject:* Situational Awareness - May 7th , OpUSA



Good Morning,



Commonwealth Security and Risk Management has been monitoring a threat made
by a group of cyber extremists regarding a scheduled cyber attack against
United States government and financial targets.  The cyber extremists have
designated the effort OpUSA and indicate they plan on using denial of
service tools to disrupt government and financial institution business.
Overall capability of the participating actors will likely be low, however,
"low hanging fruit" and vulnerable websites are likely targets and are at
higher risk for impact.



Federal, state, and local government and law enforcement agencies, as well
as local and regional banks, are expected to be the targets of the attack.
Targets will likely include associated high profile organizations that can
provide the same media "win" for the hackers. The OpUSA actors are expected
to utilize common hacker techniques seen in other cyber attack campaigns,
including SQL injections (SQLi), cross-site scripting attacks (XSS), and
Distributed Denial of Service attacks (DDoS).



Commonwealth Security is currently monitoring systems for signs of these
attacks.  Control mechanisms have been put in place that should mitigate
the effects of additional DDOS attacks.  If additional disruptions occur
due to an increase in denial of service attacks we will update the advisory
as soon as information is available.  If your entity notices any suspicious
cyber activity, please report it to  Commonwealth Security.



References:



http://krebsonsecurity.com/2013/05/dhs-opusa-may-be-more-bark-than-bite/

http://www.bankinfosecurity.com/opusa-threatens-banks-government-a-5726
______________________________________________________________
Scan-DC mailing list
Home: http://mailman.qth.net/mailman/listinfo/scan-dc
Help: http://mailman.qth.net/mmfaq.htm
Post: mailto:Scan-DC at mailman.qth.net

This list hosted by: http://www.qsl.net
Please help support this email list: http://www.qsl.net/donate.html

More information about the Scan-DC mailing list