• EDUCATE
    EDUCATE

    ...our citizens to be cyber smart, and develop pathways for the future cyber workforce.

  • ENGAGE
    ENGAGE

    ...and convene partners to address emerging cyber and cryptologic issues.

  • COMMEMORATE
    COMMEMORATE

    ...our cryptologic history & those who served within the cryptologic community.

THE NCF VISION

Advance the nation’s interest in cyber and cryptology through leadership, education, and partnerships.

UPCOMING EVENTS

*** Remember to check out our "On This Date in History" calendar. See link below.

Saturday, May 4, 2024
8:30 am2:00 pm
TAC's TheLink, 7000 Columbia Gateway
Suite 150
Columbia, MD 21046
US

Thursday, October 3, 2024
Waverly Woods Golf Course
2100 Warwick Way
Mariottsville, MD 21104
US

Wednesday, October 16, 2024
5:00 pm7:00 pm
The Hotel at Arundel Preserve
7795 Arundel Mills Blvd
Hanover, MD 21076
US

Cybersecurity New Bytes - Early April 2018

Data Breach Hits Major Retailers

A data breach resulting from a common chatbot platform hit Sears, Kmart, Best Buy, and Delta Airlines this week. The compromise of chatbot company [24]7.ai occurred several months earlier but affected companies were not alerted until the first week of April. Retail customers of the affected organizations didn’t need to communicate with the chatbot to have their data compromised. Delta believes that any customer who entered credit card or billing information between 26 September and 12 October, 2017, may have had their information compromised. All four companies cannot verify that information was stolen, only that there is a chance that occurred. Cnet and Naked Security

Energy Grid Cyber Intrusions Probably Enabled by Outdated Cisco Protocol

DHS issued an alert in March citing concerns that Russian actors had infiltrated the U.S. electric grid and other critical infrastructures. The alert stated that, DHS and FBI characterize this activity as a multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks. After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS). (See https://www.us-cert.gov/ncas/alerts/TA18-074A).) Information has now emerged that the attacks were directed against the Cisco “Smart Install” (SMI) client, an outdated utility that allowed remote installation of Cisco switches. SMI has been replaced by Cisco’s Network Plug and Play protocol, but many switches still retain the older protocol which remains in background waiting for commands. Attackers have used SMI to modify the TFTP server setting to exfiltrate configuration files, modify the switch general configuration file, replace the IOS operating system image, and establish local accounts used by the attackers to log in and execute IOS commands. Bleeping Computer, 5 April 2018

IoT Botnet Targets Financial Sector

Recent attacks against the global financial sector have been conducted by a botnet based on compromised Internet of Things (IoT) devices such as home routers, TVs, DVRs, and IP cameras. The botnet, possibly related to the IoTroop or Reaper botnet, was first observed in October 2017. It is a variant of the Mirai botnet that took down the Dyn domain name service provider in 2016 causing outages in dozens of U.S. companies. The new botnet may have been launched by a Dutch teenager arrested by police for conducting DDoS attacks against several Dutch organizations. The botnet appears to mostly target MicroTek routers that are widely used in Russia, Brazil, and Ukraine, although the attack affected entities in more than 130 countries. Recorded Future, 5 April 2018

U.S. Pipeline Companies Suffer Cyber Attack

At least four gas pipeline companies across the U.S. experienced outages from 29 March to 4 April due to an apparent cyber attack. While not disrupting the flow of gas through the pipeline system, the outages did affect the network used by customers to communicate their orders to the pipeline operators. No attribution was provided for the attacks, which are under review by the Department of Homeland Security. Bloomberg, 4 April 2018

Google Bug Fixes for April

Google’s security update for April includes 28 fixes. Nine of these are rated “critical” and the remaining 19 are rated “high.” Seven of the critical vulnerabilities are related to the Android Operating System, two tied to Android’s media framework and a Qualcomm Wi-Fi component flaw that allowed an attacker to gain access and execute arbitrary code. Four remote code execution bugs in the Android OS were fixed with the April patches as were additional Qualcom bugs. ThreatPost.com, 3 April 2018

New, Lethal Cyber Weapons on the Horizon

Speakers at a military conference on 9 April painted a dire picture of the future cyber threat horizon, including Internet of Things (IoT) weapons designed to kill people. Author Peter Singer talked about the lack of attention being given to data breaches and power outages in other countries. This presents potential opportunities for adversaries who want to attack the U.S. Dragos CEO Robert Lee discussed a new type of malware called “Trisis” that can attack industrial control systems to cause leaks and explosions rather than simply outages. Singer pointed out additional problems that can be caused by altering video or audio files to confuse military operations at very low cost. Military Times, 9 April 2018

Return to our HOME PAGE

THIS MONTH on the

On This Day In History

Calendar

  • The first hire at SIS was Annie Louise Newkirk, hired as a cryptographic clerk. Interesting note, when a phone call came in for someone working in the vault room, Ms. Newkirk would buzz the back room using a Morse code equivalent for the first initial of the individual's name. In honor of Women's History Month - click to learn about more female cryptologic pioneers!

About Us

The NCF's Vision is to strengthen trust in the digital ecosystem.

The NCF Mission: Advance the nation’s interest in cyber and cryptology as we:

Educate citizens to be cyber smart individuals, 

Develop pathways for the future cyber and cryptologic workforce, 

Engage and convene partners to address emerging cyber and cryptologic issues and, 

Commemorate our cryptologic history and those who served. 

The Foundation provides exceptional cryptologic programs, encourages young minds to learn about cryptology and to explore cyber-related career opportunities, hosts educational, cryptology-related exhibits at various community events, and honors the people— past and present—whose contributions to our national security protect and make possible our way of life.

The NCF also provides needed support to the National Cryptologic Museum (NCM), the first public museum in the U.S. Intelligence Community. Located adjacent to the National Security Agency (NSA) in Maryland, the NCM houses a unique and priceless collection of artifacts that represent our Nation's history in code making and code breaking, as well as a world class library of cryptologic media. The NCF has acquired rare and invaluable artifacts for the Museum and helps to support new educational and interactive exhibits.

The NCF is a 501(c)(3) organization.

Learn more about our MISSION, VISION, and VALUES.