Vulnerabilities in US Consular Database Could Allow Terrorists to Approve Visa Applications

There are, reportedly, vulnerabilities in the US Consular Consolidated Database (CCD), which contains personal details of everyone who has applied for a US visa over the past twenty years. Information stored in the database includes names, addresses, birth dates, biometric data, race, country of origin and identification numbers, such as Social Security numbers.

There is concern that these vulnerabilities could allow third parties to access and alter information in the database. It has been suggested that this could allow hackers to approve visa applications for individuals whose applications would normally be rejected. For example, last year over 2000 people applied for and were denied visas because they were suspected of having ties to terrorism.

In an interview with SecurityWeek, Sean Sullivan, a security advisor with F-Secure, said: “I’d be more concerned with manipulation of the data in the database used to validate travelers. Depending on the quality of the fingerprints stored – Apple Pay and the like.”

As has become their modus operandi, officials are minimizing the impact of these vulnerabilities. A State Department spokesperson told ABC News that there is no evidence of a breach in the visa database and that the vulnerabilities would be difficult to exploit. The spokesperson explained that “the right level of permissions” would be required.

As SecurityWeek has noted, however, “the ‘right level of permissions’ is exactly what is obtained through successful spear-phishing. It has been the start-point for most of the successful major breaches of the last few years.”


“The database contains more than 290 million passport-related records, 184 million visa records and 25 million records on U.S. citizens overseas.

“The vulnerabilities, associated with the aging legacy systems that comprise the CCD, were found during routine monitoring and testing, and are reportedly being remediated. However, ABC News also reports doubts that this is completely true. ‘Vulnerabilities have not all been fixed,’ and ‘there is no defined timeline for closing [them] out,’ according to a congressional source informed of the matter.”

Also of concern is the fact that the CCD connects to “other federal agencies like the FBI, Department of Homeland Security and Defense Department.” Sullivan warns that if the front-end is already vulnerable, and it likely is, then “vulnerable front-end systems can also reveal details about back-end systems, details that could further direct exploitation.”

So, as it is, the system could be used by terrorist groups to covertly plant spies, recruiters and attackers in the U.S.

Along the same lines, over 1,000 foreign students, primarily from China and India, are facing arrest and deportation for running a fake student visa racket. According to The Epoch Times:

“The students, already in the country on student visas, paid 21 brokers, recruiters, and employers to enroll in fake courses at the University of Northern New Jersey so they could continue to stay in the U.S. and ultimately get H-1B foreign workers visas.”

The intermediaries have been arrested and the 1,076 bogus students will now be subject to administrative arrest and removal proceedings. “Today’s arrests, which were made possible by the great undercover work of our law enforcement partners, stopped 21 brokers, recruiters and employers across multiple states who recklessly exploited our immigration system for financial gain,” Paul J. Fishman, New Jersey United States Attorney, said.

The U.S. government has never had a reputation for being on top of things when it comes to cybersecurity. In yet another example of its uneasy relationship with technology, it has come to light that the Pentagon still doesn’t have a viable plan for responding to cyber attacks. The Military Times has reported that there is no “clear chain of command for responding to a massive cyber attack on domestic targets in the United States, according to the federal government’s principal watchdog.”

Nobody really knows…

“While some Defense Department documents say that U.S. Northern Command would have primary responsibility for supporting civilian agencies in such an event, other documents suggest U.S. Cyber Command should be leading that effort, the Government Accountability Office found, according to a new report published Monday.

“In the event of an attack on the nation’s electrical grid or financial system, for instance, the Defense Department would be expected to back up the U.S. Department of Homeland Security. Yet, the Pentagon has no clear rules in place for how that might play out.”

Because of the high risk of cyber terrorism, in particular attacks that target power plants and electricity networks, Israel and the U.S. appear to be strengthening their ties in order to work together against these cyber threats.

Speaking at the National Committee for Energy’s eighth-annual conference in Tel Aviv, US Energy Secretary Ernest Moniz warned that “a very large fraction of cyber attacks involves the energy sector and that’s a recent experience.” He went on to say that “unfortunately, recent events in Belgium suggest specifically ISIL’s, Daesh’s interest in nuclear materials and highlight the urgency of enhancing nuclear and cyber security.”
