Welcome to the National Cryptologic Museum Foundation. The NCMF directly supports the National Cryptologic Museum (NCM), the first public museum in the U.S. Intelligence Community.

Did you know?

Polish mathematicians & code breakers made the first breakthroughs against Nazi Germany's Enigma code.......

UPCOMING EVENTS

Friday, March 8, 2019
Worldwide

Monday, March 25, 2019

Wednesday, March 27, 2019
10:00 am1:00 pm
CACI Inc., Maryland Conference Center | 2720 Technology Drive | Annapolis Junction, MD 20755

Sunday, April 28, 2019Wednesday, May 1, 2019
IP Casino Resort Spa, Biloxi, MS

Cybersecurity News Bytes for Week Ending 9 February 2018

Cybersecurity News Bytes for the Week Ending 9 February 2018

Winter Olympics Faces Hacking Threats

Fear of phishing attacks, hacks, and other malicious activity are increasing as the opening of the Pyeongchang Olympics approaches. Cybersecurity experts are observing an increase in criminal activity including using phishing emails to attract people to engage in illegal activities. The threat is severe enough to prompt the Department of Homeland Security to issue a warning about the cybersecurity risks associated with attending the Games. (DHS warning: https://www.us-cert.gov/ncas/current-activity/2018/02/01/Pyeongchang-2018-Staying-Cyber-Safe-during-Olympics). Some experts have detected signs of nation-state involvement in malicious activity. Russian-based hacking group Fancy Bear has ramped up its activity in response to the doping charges levied against Russia in the last Olympics, targeting the U.S. anti-doping agency and several Olympic organizations. The International Olympics Committee is aware of the increased threat level and claims to be prepared to fend off any cyber attacks on the Games. The Hill, 3 February 2018

Google Chrome Extensions Used to Create Large Botnet

Trend Micro researchers have discovered a botnet affecting hundreds of thousands of users. The botnet, dubbed “Droidclub, is based on malicious extensions to Google Chrome which deploy malware to every website a user may visit. The Chrome extensions can record every action a user takes on a website. They can also inject adware and cryptocurrency mining malware into websites. Trend Micro published a detailed report on the tactics, techniques and procedures used to install the extensions and create the botnet as well as a list of the malicious extensions. Trend Micro Blog, 1 February 2018

Russian Hacker “Peter of the North” Extradited to U.S.

Notorious Russian hacker Peter Yuryevich Levashov, aka “Peter Severa” (“Peter of the North”), was extradited to the United States from Spain to face criminal charges resulting from his creation of the Kelihos botnet that was used to generate spam, steal financial data, and infect computers around the world. While rumored to be involved in the Russian hacking of the 2016 U.S. presidential election, Levashov was sought by law enforcement for his “spam as a service” offerings and targeted phishing attacks. The FBI alleges that Levashov sold services including up to one million spam messages for $200 and, for $300, “job spam” seeking to hire people for illegal services like money laundering. Levashov was in Spain on vacation last April when arrested by Spanish authorities. He arrived in New Haven, Connecticut on Friday, 2 February. (Note: Russian cyber criminals wanted in the U.S. are immune from extradition to the U.S. as long as they remain in Russia. They place themselves in jeopardy when they go on vacation to countries that have extradition treaties with the United States. Levashov is not the first Russian hacker to be arrested while on vacation outside Russia and then extradited to the U.S.) Full Story

Adobe Fixes Flash Vulnerability

Adobe released update Flash Player 28.0.0.161 on Feb. 6 to fix the zero-day vulnerability identified as the vector used by North Korean hackers to infiltrate South Korean government websites. Users of the Flash plug-in that is packaged with Google Chrome, Microsoft Edge, and Internet Explorer 11 will be updated automatically via updates to those browsers. Analysts assess this action to be from a North Korean threat actor dubbed Group 123, noting that use of this zero-day was beyond North Korea’s known hacking repertoire. Security Boulevard, 6 Feb 2018

Record Number of Data Breaches in 2017

Richmond, Virginia based firm Risk Based Security released its 2017 Data Breach Quick-View Report on 6 February. More than 5,200 breaches were reported worldwide in 2017, an increase of 20% from the previous record set in 2015. A total of 7.8 billion records were compromised, also a record number. The most common form of breach in 2017 was the accidental exposure of sensitive information on the Internet or other means, with 5.4 billion records exposed. An egregious example of corporate mishandling of sensitive data involved Aetna. The insurance company agreed to pay over $18 million to more than 11,000 members who are also HIV patients. In August, the company sent updates on the process for filling prescriptions. But the mailings were sent in envelopes with large glassine windows that exposed sensitive medical information. Risk Based Security, 6 Feb 2018

Return to our HOME PAGE.

THIS MONTH on the

On This Day In History

Calendar

  • Government seizure of cryptologist Herbert Yardley's never-published book, "Japanese Diplomatic Secrets."

About Us

The NCMF directly supports the National Cryptologic Museum (NCM), the first public museum in the U.S. Intelligence Community. We think you will agree it is truly a "museum like no other."

Located adjacent to the National Security Agency (NSA) in Maryland, the NCM houses a priceless collection of artifacts that represent our Nation's history in code making and code breaking, as well as a world class library of cryptologic media. The NCMF acquires the best artifacts for the NCM and supports new educational and interactive exhibits.

The NCMF provides exceptional cryptologic programs throughout the year, encourages young minds to explore cryptology and innovation through valued awards, and hosts educational, cryptology-related exhibits at various community events.

As part of the Foundation's partnership with NSA to build the Cyber Center for Education and Innovation - Home of the National Cryptologic Museum (CCEI-NCM), the NCMF also serves as a leader in the field of cybersecurity - striving to provide the best in educational resources and programs.

The NCMF and NCM share a joint three-fold mission to Educate, Stimulate, and Commemorate. Learn more about our MISSION.