June 14, 2021

US Navy having to protect itself from 110,000 cyber threat per hour

(LiveHacking.Com) – Back in 2010 HP took over the running of the Navy’s Intranet and the company is also working with the Navy to help it transition to a Next Generation Enterprise Network (NGEN). The Navy Marine Corps Intranet (NMCI) is a shore-based enterprise network that provides a single integrated, secure network for the Navy’s use. After the Internet the NMCI is the world’s largest network. Such a big network is prone to cyber attacks and according to V3, Hp is helping the Navy defend itselg against 110,000 cyber attacks per hour.

“For the US Navy we provide the network for 800,000 men and woman in 2,000 locations around the world, protecting them against 110,000 cyber attacks every hour,” said the head of enterprise services at HP, Mike Nefkens, at the firm’s Discover event in Frankfurt. “This means the attacks average out at about 1,833 per minute or 30 every second.”

Large  public and private institutions are always facing this growing cyber threat and governments all over the world are increasing the funding andresources needed to ensure that their networks are protected. Just recently the UK government announced plans to create a British Computer Emergency Response Team (CERT) and a Cyber Reserves force. The UK’s CERT is to be built on the success the UK had in defending itself against online threats during the Olympics.

“Working with the private sector to improve awareness of the need for better cyber security continues to be a priority. We are now focusing our efforts on making sure that the right incentives and structures are in place to change behavior in a sustainable way,” said Cabinet Office Minister, Francis Maude, said in a written statement. “Government departments and agencies are working with professional and representative bodies to ensure the consideration of cyber security becomes an integral part of corporate governance and risk management processes.”

HP also revealed at its Discover event that it manages some 5.5 million mobile devices across 100 countries along with 13 billion credit card transactions every year.

HP asks researcher not to disclose Huawei router vulnerabilities as they are ‘too big’

(LiveHacking.Com) – Security researcher, Kurt Grutzmacher, has been researching security vulnerabilities caused by buffer overflows on Huawei and H3C routers and was planning to present his findings on Saturday at the ToorCon 14 security show in San Diego. However just before the planned disclosure, Kurt was contacted by the HP Software Security Response Team asking him not to make the disclosure as the vulnerabilities are ‘too big’ for HP, H3C or Huawei to be ready. H3C is a wholly owned subsidiary of Hewlett-Packard and is based in Hangzhou, China.

Kurt has been researching the routers since June 2012 and in August he submitted his finding to US-CERT asking them to coordinate with HP/H3C. US-CERT’s standard disclosure policy is 45 days after vendor notification. After 30 days Kurt had not received a reply from US-CERT or from HP. At this point he contacted them again stating his intention to disclose the problems as the ToorCon.

Then just a few days before the conference, Kurt was contacted by email and voicemail by HP kindly asking him to not disclose the vulnerabilities. Kurt decided to agree with HP. However there Kurt is confident that the disclosure will be made within the next few months.

According to Kurt all users of  H3C or Huawei equipment are at risk.

“Can others figure out what I know? Certainly they could. Am I going to tell anyone or give hints? No, I cannot. There is this bag with an angry cat in it that wants to come out. Or it may not be a cat. It’s Schrödinger’s Disclosure! You just won’t know until it’s opened.”

This latest concerns over the vulnerabilities in Huawei routers come after two separate U.S government reports condemned the safety of Huawei equipment. The first report was from the U.S. House of Representatives Intelligence Committee said that U.S. telecommunications operators should not buy equipment from Huawei. The second was a White House-ordered review of the security risks posed by Chinese telecom suppliers, it concluded that Huawei equipment had too many security vulnerabilities.

Cyber-attack of 9/11 Scale Likely in Near Future

Organisations should prepare for the possibility of a global cyber-attack has warned HP chief executive Meg Whitman. Speaking at a HP customer event in London, Whitman said that she believes a “cyber-attack of 9/11 scale” is likely to take place in the near future. With promises to be on hand when such an attack does occur, the CEO’s comments come at a time when HP is trying to position itself as a leader in the security market.

“We will darken the skies with our agenda to help organisations,” she said.

Last year HP established an enterprise security business unit based around its Security Intelligence and Risk Management (SIRM) platform. SIRM is based on tools like ArcSight, Fortify, and TippingPoint.

“To protect organizations against a wide range of attacks, HP has established a global network of security researchers who look for vulnerabilities that were not publicly disclosed,” said Michael Callahan, in a recent security related press release. “The intelligence gained from this research group is built into HP enterprise security solutions in an effort to proactively reduce risk.”

Meg Whitman is not alone in her opinion. “We haven’t had a significant terrorism cyber related attack in this country, but that’s not to say that we are not preparing for that potential,” said Ralph Boelter, Assistant Director of the FBI’s Counterterrorism Division at a recent conference. He was joined by Gordon Snow, Assistant Director of the FBI’s Cyber Division who added that the most likely targets of future cybercrimes will be first responders, public infrastructures, iPads, and smartphones.

TheHSecurity: Back door in HP network storage solution

HP’s P2000 G3 MSA Storage Area Network (SAN) product contains an hidden and undocumented account with more privileges than the normal customisable account (manage:!manage). Apparently included for support purposes, the account (admin:!admin) is not visible in the user manager and can’t be deleted or modified. It allows unauthorised users to access these systems and the data stored there.

Read the full story here.