
Tag Archives: cyber warfare

Cybernews from the dark side – July 26, 2014.

Remote controlled car – your car, while you’re driving it…

News about new hacks, targeted attacks and malware outbreaks is beginning to bore the general public. It’s becoming an incessant stream after all. What isn’t boring the life out of the general public is something a bit more unusual: stuff you wouldn’t dream could be hacked… getting hacked.

A report from China told how hackers broke into the Tesla motor car’s gadgetry – as part of a contest during a hacker conference. So, why Tesla? What’s so good about Tesla? Well, it’s an electric car crammed with so much ‘smart’ electronics that it resembles a mobile supercomputer more than an automobile. Still, what was Tesla expecting? Any new functionality – especially that developed without the involvement of IT security experts – will inevitably bring with it new threats via vulnerabilities, which is just what the hackers at the conference in China found.


Cybernews from the dark side – June 4, 2014.

True to my word, herewith, the second installment of my new weekly (or so) series, ‘dark news from the cyber-side’, or something like that…

Today the main topic will be about the security of critical infrastructure; in particular, about the problems and dangers to be on the watch for regarding it. Things like attacks on manufacturing & nuclear installations, transportation, power grid and other industrial control systems (ICS).

Actually, it’s not quite ‘news’ here, just kinda news – from last week: fortunately critical infrastructure security issues don’t crop up on a weekly basis – at least, not the really juicy bits worthy of a mention. But then, the reason for that is probably that most issues are kept secret (understandable, but worrying all the same) or simply that no one is aware of them (attacks can be carried out on the quiet – even more worrying).

So, below, a collection of curious facts to demonstrate the current situation and trends as regards critical infrastructure security issues, and pointers to what needs to be done in face of the corresponding threats.

Turns out there are plenty of reasons to be bowled over by critical infrastructure issues…


The motto of engineers who make and install ICS is ‘ensure stable, constant operation, and leave the heck alone!’ So if a vulnerability in the controller is found through which a hacker can seize control of the system, or the system is connected to the Internet, or the password is actually, really, seriously… 12345678 – they don’t care! They only care about the system still running constantly and smoothly and at the same temperature!

After all, patching or some other interference can and does cause systems to stop working for a time, and this is just anathema to ICS engineers. Yep, that’s still today just the way it is with critical infrastructure – no seeing the gray between the black and the white. Or is it having heads firmly stuck in the sand?

In September last year we set up a honeypot, which we connected to the Internet and pretended was an industrial system on duty. The result? In one month it was successfully breached 422 times, and several times the cyber-baddies got as far as the Programmable Logic Controllers (PLCs) inside, with one bright spark even reprogramming them (as Stuxnet did). What our honeypot experiment showed was that if ICS is connected to the Internet, that comes with an almost 100% guarantee of its being hacked on the first day. And what can be done with hacked ICS… yes, it’s fairly OMG. Like a Hollywood action movie script. And ICS comes in many different shapes and sizes. For example, the following:
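Here is what ‘got as far as the PLCs’ looks like at the protocol level, as an added example that is not from the original post or from Kaspersky Lab: a small Python classifier that parses Modbus/TCP requests (a common PLC protocol; the post does not say which protocols the honeypot spoke, so that is an assumption) and raises an alert whenever a write function code arrives from a host that is not a known engineering station. Reads are reconnaissance; a write from an unexpected host is the honeypot equivalent of someone reprogramming the controller. The sample frames, hosts and the engineering-station list are constructed.

```python
"""Classify Modbus/TCP requests seen by an ICS honeypot and flag PLC writes.

Added example, not code from the original post. It assumes the honeypot
exposes a Modbus/TCP (port 502) PLC front-end; all frames and hosts below
are constructed sample data.
"""
import struct
from dataclasses import dataclass
from typing import Iterable, Optional

# Function codes that change controller state versus those that only read it.
WRITE_FUNCTIONS = {
    0x05: "Write Single Coil",
    0x06: "Write Single Register",
    0x0F: "Write Multiple Coils",
    0x10: "Write Multiple Registers",
}
READ_FUNCTIONS = {
    0x01: "Read Coils",
    0x02: "Read Discrete Inputs",
    0x03: "Read Holding Registers",
    0x04: "Read Input Registers",
}


@dataclass
class ModbusRequest:
    src: str
    transaction_id: int
    unit_id: int
    function: int
    payload: bytes


def parse_modbus_tcp(src: str, frame: bytes) -> ModbusRequest:
    """Parse the 7-byte MBAP header plus PDU; raise ValueError on malformed input."""
    if len(frame) < 8:
        raise ValueError("frame too short for MBAP header + function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError(f"protocol id {proto} is not Modbus/TCP")
    # The length field counts everything after itself: unit id + PDU.
    if length != len(frame) - 6:
        raise ValueError(f"length field {length} != {len(frame) - 6}")
    return ModbusRequest(src, tid, unit, frame[7], frame[8:])


def classify(req: ModbusRequest, allowed_writers: set) -> str:
    """'READ', 'WRITE' (from a known engineering station), 'ALERT' or 'UNKNOWN'."""
    if req.function in WRITE_FUNCTIONS:
        return "WRITE" if req.src in allowed_writers else "ALERT"
    if req.function in READ_FUNCTIONS:
        return "READ"
    return "UNKNOWN"


def write_target(req: ModbusRequest) -> Optional[int]:
    """Address of the coil/register a write touches (first data word of the PDU)."""
    if req.function in WRITE_FUNCTIONS and len(req.payload) >= 2:
        return struct.unpack(">H", req.payload[:2])[0]
    return None


def scan(events: Iterable[tuple], allowed_writers: set) -> dict:
    """Tally verdicts over (src, frame) pairs; frames that fail parsing count as MALFORMED."""
    counts = {"READ": 0, "WRITE": 0, "ALERT": 0, "UNKNOWN": 0, "MALFORMED": 0}
    alerts = []
    for src, frame in events:
        try:
            req = parse_modbus_tcp(src, frame)
        except ValueError:
            counts["MALFORMED"] += 1
            continue
        verdict = classify(req, allowed_writers)
        counts[verdict] += 1
        if verdict == "ALERT":
            alerts.append((src, WRITE_FUNCTIONS[req.function], write_target(req)))
    return {"counts": counts, "alerts": alerts}


# Constructed sample traffic, as a honeypot sensor might record it.
SAMPLE_EVENTS = [
    ("10.0.0.5", bytes.fromhex("000100000006010300000003")),  # engineering station reads 3 registers
    ("203.0.113.7", bytes.fromhex("000200000006010300000064")),  # Internet host reads 100 registers (recon)
    ("203.0.113.7", bytes.fromhex("000300000006010600101234")),  # Internet host writes register 0x10
    ("198.51.100.9", bytes.fromhex("00040000000b0110000000020400010002")),  # writes 2 registers from address 0
    ("10.0.0.5", bytes.fromhex("000500000006010500020000")),  # engineering station clears coil 2
    ("198.51.100.9", bytes.fromhex("0006000000ff0103")),  # malformed: length field does not match
]
ENGINEERING_STATIONS = {"10.0.0.5"}  # constructed allow-list

if __name__ == "__main__":
    result = scan(SAMPLE_EVENTS, ENGINEERING_STATIONS)
    print(result["counts"])
    for src, op, addr in result["alerts"]:
        print(f"ALERT {src}: {op} at address {addr}")
```

Modbus has no authentication, so ‘who sent it’ is the only signal available; the allow-list stands in for the network segmentation a real plant should have. Counting malformed frames separately matters on a honeypot, because scanners that fuzz the protocol show up there long before anyone issues a clean write.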


Securing Mother-SCADA.

Hi all!

We’re always assessing the state of the world of computers by prodding it with various hi-tech instruments in different places, taking measurements from different Internet sensors, and studying “information noise”. From the information we glean from all this, plus data from other sources, we constantly evaluate the overall body temperature and blood pressure of the computer world, and carefully monitor the main risk areas. And what we’re seeing at the mo – that’s what I’ll tell you about in this post.

To many, it seems that the most diseased elements of the digital world are home computers, tablets, cellphones and corporate networks – that is, the computer world that most folks know about – be it of a work or home/consumer coloring. But they’d be wrong. Despite the fact that the majority of cyberattacks occur in “traditional” cyberspace (cyberespionage, cybercrime, etc.), they don’t represent the main threat. In actual fact, what should be feared most of all are computer attacks on telecommunications (Internet, mobile networks) and ICS (Industrial Control Systems).

One particular investigation of ours, conducted as part of our ongoing secure OS project, detected a seriously low level of “computer immunity” for control systems of critically important infrastructure. ICS, including SCADA, all of which is made up of software and computerized hardware, is responsible for controlling – and the smooth, uninterrupted running of – tech-processes in practically every sector of industry, be it the power industry, transportation, the mass media, and so on. Computer systems control critical aspects of all modern cars, airplanes and trains; every power station and waterworks, every factory, and even every modern office building (lifts, electricity and water supply, emergency systems like smoke alarms and sprinklers, air conditioning, etc.). SCADA and other ICS – it’s all imperceptible, working in the background in some corner or other nobody takes any notice of… but a whole lot around us depends on it.

Alas, as with any other computer systems, SCADA & Co. can be exposed to malware and hacker attacks, as was clearly demonstrated by the Stuxnet worm in 2010. Therefore, protection of critically important systems has become one of the main strategic priorities of computer security in most developed countries of the world, while in response to cyberattacks on critical infrastructure some countries are ready to go to war – real tanks-and-bombs war (if they can find out which country is responsible). So indeed, the situation’s sure hotting up.

Of course, we’re on the case with SCADA security, and have been for a while. Over the last several years we’ve been conducting detailed analysis of ICS, been establishing the fundamental principles of SCADA security, and also developing a prototype solution for guaranteed SCADA protection from malware threats – based on traditional endpoint security and our secure OS. Products fit for consumption aren’t ready just yet, but active work is currently underway – so they should be soon…

Now, while continuing our usual analysis of SCADA security, earlier today we stumbled upon one heck of a big surprise: we came across “Mother-SCADA”, the chief, predominant, all-powerful ICS of the whole world, on whose smooth and uninterrupted operation relies literally everything on the planet: from how breakfast tastes and the size of annual bonuses, to the hours of night and day time and how fast the sun and the stars move across the skies.

Yep, we’ve gone and found the SCADA that manages all the technological processes in the Matrix!


Back from the dead: the original virus writers.

Hi all!

A great many computer security events occur around the world all the time, but the RSA Conference is one of the most important of all of them. What exactly it’s all about here I’ll not go into; instead I’ll just share with you some pics from the gig. The photos were taken the day before it started while the stands were still being set up, so though all the installations aren’t ready, at least you can see the near-completed scene without throngs of visitors getting in the way…


A Move in the Right Direction.

Barack Obama signs an executive order regulating cyber security

On Tuesday, President Obama issued a long-awaited Executive Order on cyber security intended to expand and deliver more robust information sharing between government and the private sector. The Executive Order also requires the development of a voluntary cyber framework and standards to improve protection of the U.S. critical infrastructure. The Executive Order rightly focuses on a risk-based approach. Resources are limited, and prioritizing the areas most at risk is smart policy. The sophistication of threats and targeted attacks on key economic sectors around the world stresses the urgency that action be taken to better secure critical infrastructure. This effort by President Obama is a positive step to address a real gap in the protection of critical assets necessary to the well-being of the United States.

The risk to critical infrastructures is real, and an international challenge that must be addressed by governments and the private sector together. As we see more threats to the national and economic security of countries, action must be taken to better protect those critical national infrastructures. Attacks like Stuxnet, Flame, Gauss and Shamoon are becoming commonplace and keep growing in sophistication.

I believe this executive order is a move in the right direction as it seeks to increase digital defenses of critical infrastructure, and tries to facilitate the exchange of threat information between the government and private sector. Better cooperation between governments around the world and their private sectors to improve sharing of timely and relevant cyber threat information is essential. Likewise, operators of the critical infrastructures must work to implement flexible, performance-based standards to secure their assets.

We are at a critical juncture on cyber security protection, and leadership in the U.S. and around the world is essential. We hope that other nations and unions will follow this example and take steps to better protect their national critical infrastructures.

We’re ready to support and assist in national and international cyber defense efforts with our research, technologies and people.

Kaspersky Lab Developing Its Own Operating System? We Confirm the Rumors, and End the Speculation!

Today I’d like to talk about a not-so-glamorous future of mass cyber-attacks on critically important installations. We are working on developing technologies for a secure operating system aimed at protecting precisely these same critical IT systems. Quite a few rumors about this project have appeared already on the Internet, so I guess it’s time to lift the curtain (a little) on our secret project and let you know (a bit) about what’s really going on …


Social Networks: the Force Is Strong with These Ones.

Governments and intelligence services are getting more deeply involved in social networks. Some states understood the potential and dangers earlier rather than later, while others are catching up fast. But that doesn’t really matter. In one way or another battle lines will be drawn in social media, there’ll be attacks and defense moves – often termed war. Do we need that? I don’t. …


Worse than Cheese: Scary Scenarios Causing Nightmares Now – the Five Main Issues of IT Security.

Here I’m presenting my List of the Five Main Issues Facing IT Security, in the broad sense of the term. I should say straight away that I don’t have prescriptions for solving all five issues. The aim of this post is more to identify the problems, let you start to muse on them, and hopefully draw you into the fold of their ongoing discussion by raising your interest, empathy and/or sympathy!


The Flame That Changed the World.

What is the historic significance of Flame? Why all the fuss about this particular malware? To what extent is it dangerous and what type of danger does it pose? Are cyber weapons capable of becoming part of state military doctrine and triggering a new arms race? These questions may sound strange, even alarming – it’s just a virus, no big deal! After all, it’s not going to stop me from eating my fresh croissant in the morning (or my dim sum :), is it? Well, if the development of military malware continues to spiral out of control, then the lack of a croissant or dim sum in the morning will be the least of the worries around …


Cassandra Complex… Not for Much Longer.

It’s fair to say I’m a bit of an IT-paranoiac, and most of you will know by now I’m not one to hold my tongue about my fears of possible future Internet catastrophes, or the greed and degeneracy of cyber-wretches – plus the massive size of the threat they represent – and so on. Here are the five main problems for IT security (in the broad meaning of the term) as I see them …
