Kim Zetter’s article for Wired tells us that “SCADA System’s Hard-Coded Password Circulated Online for Years” – see the article at http://www.wired.com/threatlevel/2010/07/siemens-scada/#ixzz0uFbTTpM0 for a classic description of how a password can have little or no value as a security measure. Zetter quotes Lenny Zeltser of SANS as saying that ““…anti-virus tools’ ability to detect generic versions of
As I mentioned in a previous blog, Wired Magazine reported it would take a Nation State to pull off a takedown of the electric grid. Actually, Mother Nature, back hoes, and potentially a worm have had major impacts in the past, but the recent use of the LNK file vulnerability shows it doesn’t take the
…But that doesn’t mean that this particular attack is going to vanish any time soon, AV detection notwithstanding. Now that particular vulnerability is known, it’s certainly going to be exploited by other parties, at least until Microsoft produce an effective fix for it, and it will affect some end users long after that…
[Update 23rd January 2011: volume 3 of this resource has just kicked off at /2011/01/23/stuxnet-information-and-resources-3/: volume 1 is at /2011/01/03/stuxnet-information-and-resources/.] @imaguid microblogged today about his annoyance at "the analysts and journalists who breathlessly fawn over #stuxnet", and suggested that we call it even. I hope he won't think I'm fawning by maintaining resource lists in
In researching today’s SC Magazine Cybercrime Corner article “From sci-fi to Stuxnet: Exploding gas pipelines and the Farewell Dossier”, I came across this ‘Damn Interesting’ article which showcases the successful cyberwarfare compromise of a SCADA / pipeline control system nearly thirty years ago, an event which I had heard stories about in Navy circles but
While the defining research on the Stuxnet topic doesn’t go this far, Forbes writer Trevor Butterworth went out on a limb to name names along with detailing the warfare aspects: As I noted last week – and as the news media have only begun to grasp – Stuxnet represents a conceptual change in the history
Well, not exactly, though actually a top ten of top tens isn't a bad idea: apparently, top tens usually attract plenty of readers. As do top fives. twenties etc, though probably not top thirteens. Security Memes a Lot to Me Still, there is a touch of recursion to this post. I got a notification from
A bit of news this week dealt with Cyberwarfare. Far from becoming part of the tinfoil hat crowd, cyberwarfare has been growing in real world relevance in the past eighteen months and is the primary impetus for pending legislation. While in the Cold War, detente could be measured in the megatonnage of nuclear weapons, the
Well, hopefully my power sockets are not leaking computer viruses and keyloggers, but who knows? Quite a few news outlets have picked up on a story in the Wall Street Journal claiming that spies from China and Russia have "penetrated the U.S. electrical grid". Scary… A little too scary and not enough detail to convince some
Now that cyberwarfare is out of the bottle, will anyone agree to not use it? In the summer of 1945 in New Mexico, the Trinity test gave rise to the term ground zero. Could Stuxnet may be measured as a definitive ground zero in cyberwarfare comparable to Trinity? Concerning Stuxnet’s latest rise in China, David
There have been recent articles with fantastic titles such as “New threat: Hackers look to take over power plants” and “Hackers Target Power Plants and Physical Systems” in the wake of the Stuxnet worm that targeted certain industrial control systems (ICS). The reality is that hackers targeting ICS is nothing new. I am not clear
It’s that time of the year when the information security industry takes part in its annual tradition: coming up with cybercrime predictions and trends for the next 12 months.
In recent months there has been a lot of discussion in the US about an Internet kill switch. The real idea behind the kill switch is not to protect the infrastructure as claimed, but rather for political control such as has been recently observed in Egypt and other countries. Proponents of the Internet kill switch
What would happen if every single one of the four BILLION cell phones on this planet just went dark? Or most likely, what would happen if every single cell phone went dark in one country? One scenario is a combined DoS attack on the internet was combined with a DoS attack on the cellular phone infrastructure at the same time.
ESET has discovered a Linux variant of the KillDisk component that renders Linux machines unbootable, while encrypting files and requesting a large ransom at the same time.
Your business’s CCTV camera could be coughing up your admin passwords. Patch now, or regret later.
The recent attacks on the electrical power industry in Ukraine are connected to attacks on the media and to targeted cyber-espionage attacks against Ukrainian governmental agencies.