Hackers attempt to penetrate German Parliament Network

The largest German subscription daily newspaper Sueddeutsche Zeitung reports that "unidentified hackers have attempted to penetrate the German Parliament network".

Both the Federal Office for Information Technology (BSI) and the Federal Office for the Protection of the Constitution (BfV) have confirmed the attack.

The Bundestag's IT division was able to thwart this latest attack. Lawmakers have criticized the communication policy of the authorities responsible for this incident.

The attack was discovered "after a tipoff from the BfV". The infected computers had attempted to establish contact with a "potentially hazardous website." The connection was blocked for security reasons.

On March 28, The BSI said that it had now completed its analysis, but refused to comment on the results.

The targets included Marieluise Beck of the Green Party. Beck's disk image is also with the BSI. Beck said to Sueddeutsce Zeitung that "a BSI manager told me that they had discovered server connections with an Israeli news website".

Until now it is unclear whether the staff member had visited the real website or a fake version through which malware had been downloaded on to her computer.

Russian hackers looking software systems at Shell, Philips and the Dutch Ministry of Defense

"Russian hackers are looking software systems at Shell, Philips and the Dutch Ministry of Defense for a way in. The systems are being probed. Without results for now", according well-known daily published in the Netherlands NRC Handelsblad.

According to the Handelsblad "there are tens of young men and women testing the software of businesses and government institutions. They call themselves white-hat hackers. The accountants wear slim fit suits; the Cyber Risk Services technical staff just wear jeans. In one of these flexible working spaces, there stands a Golden Cup, awarded for the Global CyberLympics Security Challenge. Here sit the wizards of our time, as director Jelle Niemantsverdriet calls his colleagues".

Jelle Niemantsverdriet said that "there are grandiose examples of state attacks. The American and Israeli Governments spread malicious software in 2010 to shut down the Iranian nuclear program's Siemens centrifuges. You can use a method like that once, but then you have revealed yourself quickly".

The number of potential cyber attacks rises steeply as soon as states start using the simple tricks of criminals. "Phishing," for example, the retrieval of a user's password by making him retype it. That is what Hillary Clinton's campaign manager John Podesta did and, according to the US intelligence services, Russia was behind it.

Niemantsverdriet lists several examples, such as software which is used in a different way than intended: "what happens if you upload a file containing a virus instead of a photo? What happens if you change a URL with user-id=2 to user-id=3? Do you possess someone else's data? Suppose that you put 3,000 characters in a user name field that only allows 30 characters? Then you get an error message".

"And that error message tells you something about the programming code".

Kaliningrad Bans Officials Using Foreign Comapnies Internet Products and Services

Kaliningrad.ru news portal reported that the administration of Kaliningrad, the capital city of Russia's Baltic exclave Kaliningrad Region, has banned officials from using "foreign companies internet products and services".

The order, signed by city deputy head Anna Appolonova, refers to a directive from the Kaliningrad administration of 17 August on the use of domestic products by the mayor's office on the grounds of "ensuring information security of agencies in the social sphere".

The order includes a list of "enemy" software and recommends a list of Russian alternatives to use.

Among those listed are Skype, Facebook Messenger, Viber, WhatsApp, GMail, Dropbox, Yahoo, Hotmail and even Yandex-Post (which is registered in the Netherlands as part of the Yandex NV joint-stock company), among others.

It recommends officials communicate using services such as ICQ and QIP.

The Russian government has been taking increasing measures recently to ensure its cyber security.

In November, Kremlin spokesman Dmitry Peskov denied Russia would introduce a blanket ban on foreign software

Cyber Crime Heaven in Ukraine

Russian-language newspaper Vesti wrote that in Ukraine there are hundreds of online adverts offering to hack any websites for money. "They can help you to eliminate competition or punish the offender, they say. Prices start at 50 dollars per day and there are discounts on long-term orders, for example, week-long ones. We contacted one of the hackers living into that cyber crime market, who gladly agreed to take down any government website".

He said that "the price depends on the level of security and number of proxies". This will be around 2,000-7,000 rubles per day.

Vesti asked the hacker whether he could arrange for an attack on the websites of public offices, for example, the Ukraine National Bank or the ProZorro procurement system.

"These projects have almost no security and filters, this will cost 2,500 rubles per day. Plus a bonus of three hours before the New Year at any time," the hacker said.

Another Hacker whom Vesti inquired about the price of hacking the website of Ministry of Information Policy of Ukraine said it would cost 10,000 dollars. "This is really dangerous. We would need to buy new servers and set up everything for such an attack. We do not really want to be caught, especially since the Security Sevice of Ukraine (SBU) has been active recently. Google who was caught for a DDoS attack in Kharkiv less than a day ago," the hacker said.

Indeed, police have caught a cyber gang in Kharkiv these days. "For two years, three Kharkiv residents have interfered in the work of automated systems and computer networks by carrying out DDoS attacks 'on request'. The criminals developed malware to infect computers and discreetly secure full control over them. Controllable computers were than united into a botnet for participation in hacking attacks," the Security Sevice of Ukraine (SBU) press service said. They are now working to identify who made such orders.