• EDUCATE
    EDUCATE

    ...our citizens to be cyber smart, and develop pathways for the future cyber workforce.

  • ENGAGE
    ENGAGE

    ...and convene partners to address emerging cyber and cryptologic issues.

  • COMMEMORATE
    COMMEMORATE

    ...our cryptologic history & those who served within the cryptologic community.

THE NCF VISION

Advance the nation’s interest in cyber and cryptology through leadership, education, and partnerships.

UPCOMING EVENTS

*** Remember to check out our "On This Date in History" calendar. See link below.

Saturday, May 4, 2024
8:30 am2:00 pm
TAC's TheLink, 7000 Columbia Gateway
Suite 150
Columbia, MD 21046
US

Thursday, October 3, 2024
Waverly Woods Golf Course
2100 Warwick Way
Mariottsville, MD 21104
US

Cybersecurity News Bytes for Mid-July 2018

The Return of Spectre

New attack vectors against CPU microprocessors have been identified by security researchers. These techniques can affect AMD, ARM, and Intel processors. Spectre 1.1 takes advantage of vulnerabilities in chips that use speculative data stores, using these stores to cause buffer overflows. Spectre 1.2 attacks CPUs that don’t enforce read/write protections, allowing overwriting of read-only data and enabling the redirection of pointers to breach sandboxes so that an attacker can own the machine. Mitigation approaches include adding software to reduce the amount of processor speculation, although this will impact performance negatively. ZDNet 11 July 2018

Air Force Drone Specs, Other Sensitive Documents For Sale on Dark Web

The cyber hygiene of U.S. military organizations has been brought into question by the discovery on the Dark Web of documents about the MQ-9 Reaper drone, tank platoon tactics, and manuals about defeating roadside bombs. Sale prices ranged from $150-200. Researchers at Recorded Future discovered these items for sale while looking at websites used by cyber criminals. The hacker leveraged a previously known FTP vulnerability in Netgear routers using default passwords. While sensitive, much of the information was apparently unclassified. Fifth Domain

China Hacks Cambodian Candidates and Government Organizations

Chinese hackers have intruded into Cambodian systems to gather information in the run-up to elections scheduled for 29 July. This activity is similar to Chinese hacks into Taiwan’s 2015 presidential election, although in the Cambodian election there is no opposition to pro-Chinese Prime Minister Hun Sen. The goal seemed to be to gather as much information as possible. The breach was discovered by FireEye, who noted that the hackers blundered in leaving their servers “open indexed,” allowing researchers to retrieve loads of information on their tactics, techniques, and procedures. Bloomberg, 11 July 2018

Cybercriminals Phish for Cryptocurrency

Kaspersky Labs reported that cybercriminals used social media scams and spearphishing email attacks to gain access to cryptocurrency accounts of unsuspecting users. Techniques included setting up false initial coin offerings and asking potential customers to send a small amount of bitcoin to get started and cryptocurrency give-away scams. These and other techniques resulted in the theft of GBP 7.5 million (about $9.9 million) in the first six months of 2018. Informationsecuritybuzz.com

Ransomware Reaches New Heights

Sonic Wall reports record volumes of malware, including ransomware which surged from January – June 2018, a 229% increase over the same period last year. After a decrease in these attacks from 2016-17, 181.5 million ransomware attacks were noted in the first six months of this year. Cybercriminals are also using encryption more frequently, taking advantage of available technology to prevent losing the spoils of their crimes. Help Net Security, 11 July 2018

Large Volume of Security Patches Issued

July’s Patch Tuesday saw 53 security patches including 18 critical ones. Key fixes affected Microsoft browsers and Adobe software. A total of 107 patches were issued by Adobe, for products such as Flash, Reader, Acrobat, and Adobe Experience. Trend Micro, 10 July 2018

Return to our HOME PAGE

THIS MONTH on the

On This Day In History

Calendar

  • The first hire at SIS was Annie Louise Newkirk, hired as a cryptographic clerk. Interesting note, when a phone call came in for someone working in the vault room, Ms. Newkirk would buzz the back room using a Morse code equivalent for the first initial of the individual's name. In honor of Women's History Month - click to learn about more female cryptologic pioneers!

About Us

The NCF's Vision is to strengthen trust in the digital ecosystem.

The NCF Mission: Advance the nation’s interest in cyber and cryptology as we:

Educate citizens to be cyber smart individuals, 

Develop pathways for the future cyber and cryptologic workforce, 

Engage and convene partners to address emerging cyber and cryptologic issues and, 

Commemorate our cryptologic history and those who served. 

The Foundation provides exceptional cryptologic programs, encourages young minds to learn about cryptology and to explore cyber-related career opportunities, hosts educational, cryptology-related exhibits at various community events, and honors the people— past and present—whose contributions to our national security protect and make possible our way of life.

The NCF also provides needed support to the National Cryptologic Museum (NCM), the first public museum in the U.S. Intelligence Community. Located adjacent to the National Security Agency (NSA) in Maryland, the NCM houses a unique and priceless collection of artifacts that represent our Nation's history in code making and code breaking, as well as a world class library of cryptologic media. The NCF has acquired rare and invaluable artifacts for the Museum and helps to support new educational and interactive exhibits.

The NCF is a 501(c)(3) organization.

Learn more about our MISSION, VISION, and VALUES.