Monday, September 27, 2010

Stuxnet worm hits Iran's first nuclear plant - What up?

Here is interesting news.

"Iran’s first nuclear power plant has been attacked by a sophisticated computer worm designed to disrupt power grids and other industrial facilities using SCADA [software] systems. The worm, however, hasn’t caused any damage but did succeed in infecting computers.

It has been suggested that the worm, which hit the Bushehr nuclear power plant, is the work of Israeli hackers.

The Stuxnet worm, described as one of the most refined pieces of malware ever discovered, has hit thousands of computers worldwide but has been most active in Iran. It specifically targets computers running Siemens’ SCADA technology."

Several years ago when Iraq was invaded and there were allegations of nuclear and biological weapons I wrote a confidential briefing paper in which I recommended that intelligence agencies place tracking devices in equipment being shipped to countries that were on the list of dangerous regimes. I also suggested that self destruct devices be deeply embedded in such equipment and that software remote command slaves, which would be activated as necessary by international intelligence services, be included in the package of security action.

In also made a strong case for machinery software time bombs and back doors so that "western intelligence" (I still call them that since Russia is a little like the Soviet union and China is eastern thus definitely an adversary) can intercede or incapacitate threats.

I can't guarantee that this Iranian situation is in any way related to my briefing but it certainly makes sense to me. It's much less deadly and politically sensitive to "snip the wires" as I called it, with remote and even nano-robotics as well as software than to launch a traditional military attack.

I wanted to share this because we are constantly scanning the horizon for similar threats to American infrastructure and personal-use sites such as on-line banking.

Clearly the package of risks that sit waiting for an opportunity to do mischief has not diminished. the capacity of individuals, gangs of hackers or criminals and states to attack networks grows each day.

The countermeasure to all of this is to start from the bottom with good computer hygene. The second layer of protection is to have excellent enterprise security at the server and portal evel. Fourth ISP's need to be continuously innovating in building protective as well as detective practices. Governments must also play a more robust role as we see with the creation of a Cyber Command.

Gen. Keith B. Alexander, the commander of the US Cyber Command, said recently that cyberspace is now "on par with sea, air, land and space. The cyber threat is just as significant and real as the physical threat," he said.

For the final defense against attacks there need to be international standards and procedures to make sure that governments conduct law enforcement so that their countries do not becomes centers of cyber-malice or crime.

Of course, if governments are themselves using networks to conduct intelligence as well as warfare we can expect a lively and active future for hacking and cyber warfare.

Labels: , , , ,

Monday, September 20, 2010

INTERPOL's Chief Identity faked on facebook

So here we are posting our little hearts pout on Facebook. Then comes this surprising story:

If you're going to be an identity thief, think big. Like stealing the identity of the head of one of the world's best-known law enforcement agencies.

That's what happened not once, but twice, to Ronald Noble, secretary general of Interpol, who revealed the attacks in a speech at the First Interpol Information Security Conference last week in Hong Kong.

"Just recently INTERPOL’s Information Security Incident Response Team discovered two Facebook profiles attempting to assume my identity as INTERPOL’s Secretary General," Noble said.

We have warned y'all about the Internet and now even the world's police chief is being spoofed by malicious people.

Why would they want to do this?

"One of the impersonators was using this profile to obtain information on fugitives targeted during our recent Operation Infra Red," Noble said. "This Operation was bringing investigators from 29 member countries at the Interpol General Secretariat to exchange information on international fugitives and lead to more than 130 arrests in 32 countries"

So if YOU use Facebook for work or to share information with your "friends" make sure there is nothing you don't want bad guys to lay their hands on because they will.

Labels: ,

  • All Material is Copyright © 2009 Michael McCoy and SEAS, L.L.C
  • Deter. Detect. Defend. Avoid ID Theft -