Welcome to the National Cryptologic Museum Foundation. The NCMF directly supports the National Cryptologic Museum (NCM), the first public museum in the U.S. Intelligence Community.

Did you know?

Polish mathematicians & code breakers made the first breakthroughs against Nazi Germany's Enigma code.......

Recent Cybersecurity News for Week Ending 8 June 2018

Genealogy Firm Suffers Massive Data Breach

Israeli genealogy firm MyHeritage announced on 4 June 2018 that over 90 million user accounts were compromised in a data breach last October. Email addresses and password hashes were found by a researcher on a private server, resulting in the announcement of the compromise. MyHeritage noted that anyone who signed up for their services from 2003 until 26 October 2017 had their email and password hashes compromised in the breach. MyHeritage stores only the hashes, not the actual passwords, but they recommended that users change passwords as a precaution. Meanwhile, the company is implementing two-factor authentication. The MyHeritage breach may be the first one since implementation of the EU’s General Data Protection Regulation (GDPR) in May. GDPR requires notification within 72 hours of any breach affecting EU citizens. CSO Online, 5 June 2018

Congress Working to Thwart ZTE Despite President’s Direction

In response to President Trump’s recent direction to ease up on Chinese telecommunications manufacturer ZTE after the U.S. imposed a seven-year ban on U.S. companies selling parts to ZTE, imposed a $1 billion fine, and other penalties, the U.S. Congress is moving forward with legislation to continue blocking Federal Government purchases or leases of ZTE equipment. Sen. Marco Rubio (R-FL) is leading a bi-partisan effort to reinstate the penalties imposed on ZTE by the Commerce Department for violating sanctions against North Korea and Iran. The measure to include language in the defense spending bill was co-sponsored by Sen. Tim Cotton (R-Ark), Sen. Chris Van Hollen (D-MD), and Senate Minority Leader Chuck Shumer (D-NY). Senators from both parties consider ZTE a security risk because of its closeness to the Chinese government. Source: The Washington Post “The Cybersecurity 202,” 8 June 2018

Russian Threat Actor Changes Tactics

Researchers at Palo Alto Labs have identified a new trend in use by Russian APT-28, also known as the Sofacy threat group, and widely assumed to be associated with Russian Military Intelligence. In contrast to Sofacy’s past tactics, techniques and procedures (TTP) of surgical attacks like spearphishing against targeted organizations, the hacking group recently has used a shotgun approach to target many users in the same organization, with most targets in government foreign affairs organizations of various countries. The new tactics also include parallel attacks, meaning that multiple types of malware are used at the same time, sometimes in different coding languages like AutoIT, C++, and Delphi. The reason for these changes in Sofacy’s TTP are not clear. Researchers noted that the “noisier” approach makes the intrusions more visible to network monitors and contrasts with Sofacy’s typical “quieter” and harder to detect TTP. Bleeping Computer, 7 June 2018

Atlanta Continues to Recover from Cyberattack

The March ransomware attack on the City of Atlanta continues to impede delivery of basic services, according to a recent report. The attack affected more than a third of the city’s 424 software programs. At least 30 of these programs impacted critical services such as the police and court system. The city is allocating an additional $9.5 million to help remediate the damage in addition to $35 million earmarked for technology upgrades in the city’s budget. This amount may increase after completion of the full assessment of the damage caused by the attack. Atlanta did not pay the $51,000 in Bitcoin demanded by the hackers. Reuters, 6 June 2018

Cisco Releases Security Fixes

On 6 June, US-CERT released updates to address vulnerabilities in multiple products. Left unpatched, the vulnerabilities could allow a malicious actor to take control of a system. Click HERE to see main article with links to individual product security fixes - listed below.

* Cisco Prime Collaboration Provisioning Unauthenticated Remote Method Invocation Vulnerability

* Cisco IOS XE Software Authentication, Authorization, and Accounting Login Authentication Remote Code Execution Vulnerability

* Cisco Web Security Appliance Layer 4 Traffic Monitor Security Bypass Vulnerability

* Cisco Prime Collaboration Provisioning SQL Injection Vulnerability

* Cisco Prime Collaboration Provisioning Unauthorized Password Reset Vulnerability

* Cisco Prime Collaboration Provisioning Unauthorized Password Recovery Vulnerability

* Cisco Prime Collaboration Provisioning Access Control Bypass Vulnerability

* Cisco Prime Collaboration Provisioning Access Control Vulnerability

* Cisco Network Services Orchestrator Arbitrary Command Execution Vulnerability

* Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability

* Multiple Cisco Products Disk Utilization Denial of Service Vulnerability

* Cisco Meeting Server Information Disclosure Vulnerability

* Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability

Return to our HOME PAGE

THIS MONTH on the

On This Day In History

Calendar

  • DoD Directive established DEFSMAC (Defense Special Missile and Astronautics Center). It was renamed in 2002 changing “Astronautics” to “Aerospace.” DEFSMAC is a joint NSA-DIA-NGA organization headquartered at NSA. Its mission is to coordinate the collection of intelligence information from foreign missiles and satellites.

About Us

The NCMF directly supports the National Cryptologic Museum (NCM), the first public museum in the U.S. Intelligence Community. We think you will agree it is truly a "museum like no other."

Located adjacent to the National Security Agency (NSA) in Maryland, the NCM houses a priceless collection of artifacts that represent our Nation's history in code making and code breaking, as well as a world class library of cryptologic media. The NCMF acquires the best artifacts for the NCM and supports new educational and interactive exhibits.

The NCMF provides exceptional cryptologic programs throughout the year, encourages young minds to explore cryptology and innovation through valued awards, and hosts educational, cryptology-related exhibits at various community events.

As part of the Foundation's partnership with NSA to build the Cyber Center for Education and Innovation - Home of the National Cryptologic Museum (CCEI-NCM), the NCMF also serves as a leader in the field of cybersecurity - striving to provide the best in educational resources and programs.

The NCMF and NCM share a joint three-fold mission to Educate, Stimulate, and Commemorate. Learn more about our MISSION.