• EDUCATE
    EDUCATE

    ...our citizens to be cyber smart, and develop pathways for the future cyber workforce.

  • ENGAGE
    ENGAGE

    ...and convene partners to address emerging cyber and cryptologic issues.

  • COMMEMORATE
    COMMEMORATE

    ...our cryptologic history & those who served within the cryptologic community.

THE NCF VISION

Advance the nation’s interest in cyber and cryptology through leadership, education, and partnerships.

UPCOMING EVENTS

*** Remember to check out our "On This Date in History" calendar. See link below.

Saturday, May 4, 2024
8:30 am2:00 pm
TAC's TheLink, 7000 Columbia Gateway
Suite 150
Columbia, MD 21046
US

Thursday, October 3, 2024
Waverly Woods Golf Course
2100 Warwick Way
Mariottsville, MD 21104
US

Cybersecurity News Bytes for Week Ending 2 Feb 2018

Cybersecurity News Bytes for the Week Ending 2 February 2018

Data Breaches Hit All-Time High in U.S.

The Identity Theft Resource Center (IRTC) and one other company report a total of 1,579 data breaches in the United States in 2017, an increase of more than 44% over 2016. IRTC analysis indicates that 55% of the 2017 breaches were directed at businesses, followed by the medical/health care sector at 23.7% and the financial sector at 8.5%. Most of the breaches (60%) were initiated with phishing or spearphishing attacks. Other causes were unauthorized access, malicious insiders, physical theft, and employee negligence. (Advisen Cyber Front Page News, 1 February 2018)

Fitness Devices Disclose Sensitive Locations

Strava is a mobile app that provides GPS positioning of athletes while it tracks their exercise activities. Strava’s goal is to provide a social networking opportunity for athletes who can use the app to record their exercise routines and share with others. The company recently released a heatmap showing every GPS data point ever uploaded – more than 3 trillion points in all. While nicely demonstrating Strava’s technology, the heatmap also revealed sensitive U.S. military locations in the United States and overseas based on active duty personnel using the app wherever they are stationed or deployed. Some of the locations are so sensitive that they are not accessible by traditional mapping or satellite imaging. Strava recommends that users opt out of the automatic heatmapping feature for users who want to protect the locations where they exercise. U.S. Central Command is reviewing its privacy policies in the wake of the revelation about Strava’s heatmap. The Guardian, 28 Jan 2018, PC Magazine, 28 Jan 2018, and CNN, 28 Jan 2018.

Tether and FUD (Fear, Uncertainty, Doubt) in Digital Currencies

Tether Limited is a cryptocurrency company that claims every unit it has in circulation is backed by U.S. dollars, a unique feature in the world of digital currency. Tether tokens are used by other cryptocurrency exchanges because a “tether” is easier to convert to U.S. dollars than other cryptocurrencies. This feature also makes them attractive to investors. Recent developments, however, have increased the FUD factor about Tether. The main problem is that no one can verify the amount of Tether’s cash reserves. The company has not published any audit results and recently severed the relationship with its accounting firm. On 30 January, the U.S. Commodity Futures Trading Commission issued subpoenas to Tether to get to the bottom of the story. The uncertainty about Tether caused the price of Bitcoin to plunge to below $9,000 this week. Business Insider, 31 Jan 2018

Hezbollah Cyber Capabilities Improving, May Have Tools for Cyber War

Hezbollah hackers have demonstrated cyber espionage capabilities for at least the past two years, focused on Israel, Lebanon, and Saudi Arabia. Now, probably with the help of Iran, Hezbollah has begun to demonstrate Distributed Denial of Service (DDoS) attacks against Israeli military and foreign ministry websites. Reports of collaboration between Hezbollah and Iranian cyber forces have led to speculation that Hezbollah may have developed more sophisticated cyber warfare capabilities and may also use Iranian infrastructure for at least some of their cyber operations. The Cipher Brief, 30 Jan 2018

Jackpotting in U.S. At Last :-{

Jackpotting has arrived in the US. Hitherto seen most often in Eastern Europe and East Asia, the hacking of ATMs to get them to spill cash to a waiting mule has now appeared in the US. The Secret Service is working with banks and ATM vendors to contain the problem. Krebs on Security, 30 Jan 2018

Flash Zero-Day Being Exploited in the Wild

Adobe announced on 1 February 2018 that attackers are using a previously unknown vulnerability in Flash to exploit Microsoft Windows. The zero-day attack can be used against Flash Player 27 and higher to gain access to Internet Explorer on Windows 7 and below. North Korea has been exploiting this vulnerability for the past several months in hacks against South Korea. Adobe promises a patch by 5 February. Krebs on Security, 2 Feb 2018

Iranian Hacking Tradecraft Exposed

According to an Israeli venture capitalist who served in the Knesset (Israeli parliament) subcommittee on cybersecurity, Iran conducts hacking operations through 11 different companies deployed in several countries to mask their cyber operations. Calcalistech.com (Israel), 1 Feb 2018

Return to our HOME PAGE

THIS MONTH on the

On This Day In History

Calendar

  • The first hire at SIS was Annie Louise Newkirk, hired as a cryptographic clerk. Interesting note, when a phone call came in for someone working in the vault room, Ms. Newkirk would buzz the back room using a Morse code equivalent for the first initial of the individual's name. In honor of Women's History Month - click to learn about more female cryptologic pioneers!

About Us

The NCF's Vision is to strengthen trust in the digital ecosystem.

The NCF Mission: Advance the nation’s interest in cyber and cryptology as we:

Educate citizens to be cyber smart individuals, 

Develop pathways for the future cyber and cryptologic workforce, 

Engage and convene partners to address emerging cyber and cryptologic issues and, 

Commemorate our cryptologic history and those who served. 

The Foundation provides exceptional cryptologic programs, encourages young minds to learn about cryptology and to explore cyber-related career opportunities, hosts educational, cryptology-related exhibits at various community events, and honors the people— past and present—whose contributions to our national security protect and make possible our way of life.

The NCF also provides needed support to the National Cryptologic Museum (NCM), the first public museum in the U.S. Intelligence Community. Located adjacent to the National Security Agency (NSA) in Maryland, the NCM houses a unique and priceless collection of artifacts that represent our Nation's history in code making and code breaking, as well as a world class library of cryptologic media. The NCF has acquired rare and invaluable artifacts for the Museum and helps to support new educational and interactive exhibits.

The NCF is a 501(c)(3) organization.

Learn more about our MISSION, VISION, and VALUES.