Computer Systems | Eat It Or Wear It

June 2024
S	M	T	W	T	F	S
	1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30

Duqu Shoots, It Scores!

Posted on November 14, 2011 by Killian Bundy

Duqu goes in where Stuxnet has been . . .

Iran claims defence computer systems hit by another ‘supervirus’

Anti-virus experts last month identified a virus called “Duqu” that they said shared properties with the now famous “Stuxnet” worm, which spread across the world but is thought to have been successfully targeted at the nuclear programme’s centrifuges, the devices that enrich uranium to create nuclear fuel.

It was not clear on Monday from the Iranian statement whether Duqu had also struck nuclear facilities, but it was the first admission of damage.

“We are in the initial phase of fighting the Duqu virus,” Gholamreza Jalali, the head of Iran’s civil defence programme, said. “The final report which says which organisations the virus has spread to and what its impacts are has not been completed yet.

Duqu is the, arguably more sophisticated, follow on to Stuxnet, which took control of Iranian uranium enrichment centrifuges and spun them at speeds well beyond their design capability until they failed. Stuxnet was an offensive weapon. Unlike Stuxnet, Duqu is, at least so far, strictly a reconnaissance tool, gathering and reporting back information on systems related to Iran’s nuclear program, preparing the battlespace as a prelude to a future attack if you will. Whether the next attack will be another
Stuxnet like cyberstrike or physically digging in the Iranian dirt is a layman’s guess. One thing’s for sure, the next attack on Iran’s nuclear program is coming and Iran won’t be able to stop it.

Iran claims to have thwarted Duqu but, then again, they said the same thing about Stuxnet and Stuxnet blew out their centrifuges. Anyway, if Iran is just now admitting that they’ve been infected by Duqu, Duqu may have already accomplished its reconnaissance mission and gone dormant. Whatever information Iran releases publicly is pretty much a lie, propaganda, you can safely assume that whenever they acknowledge their nuclear program has been compromised, the damage is much worse than they’re letting on.

And remember, whether it’s another cyberattack or airstrikes against Iranian nuclear facilities, all it does is buy us time. Stuxnet set the Iranians back, but it didn’t deter them. Destroying some of their nuclear facilities won’t deter them either, in fact, it’ll probably make them even more defiant. The only endgame that will bring closure is regime change. And think about it, if we do that, we’ve just resolved 70+% of the world’s instability problems.

/my vote is for a comprehensive, all hands on deck, leave no stone unturned, decapitation campaign, Mullahs and the Republican Guard gots to live and work somewhere and I bet we have the GPS coordinates

Filed under: Blog Entry | Tagged: Admission, Anti-Virus, Anti-Virus Experts, Centrifuges, Civil Defense Program, Claims, Completed, Computer, Computer Systems, Create, Damage, Defense, Defense Computer Systems, Devices, Duqu, Duqu Virus, Enrich, Enrich Uranium, Experts, Facilities, Famous, Fighting, Final, Final Report, First, Fuel, Gholamreza Jalali, Head, Hit, Identified, Impacts, Initial, Initial Phase, Iran, Iran Nuclear Program, Iranian, Iranian Nuclear Program, Iranian Statement, Malware, Nuclear, Nuclear Facilities, Nuclear Fuel, Nuclear Program, Organizations, Phase, Program, Properties, Report, Shared, Shared Properties, Spread, Spread Across, Statement, Struck, Stuxnet, Stuxnet Worm, Successfully, Successfully Targeted, Supervirus, Systems, Targeted, Uranium, Virus, World | Leave a comment »

Caught Stealing . . . Again

Posted on October 28, 2011 by Killian Bundy

I thought cyberattacks were supposed to considered acts of war, how long are we going to just keep bending over for this threat to national security behavior?

Chinese Hackers Target Chemical Companies

Chinese hackers tried to penetrate the computer systems of 48 chemical and military-related companies in a late summer cyber attack to steal design documents, formulas and manufacturing processes, a security firm reported Tuesday.

The attack ran from late July to mid-September and appeared to be aimed at collecting intellectual property for competitive advantage, reported Symantec, which code-named the attack Nitro, because of the chemical industry targets. Hackers went after 29 chemical companies and 19 other businesses that made advanced materials primarily used in military vehicles.

You know, if we’re not going to treat these attacks as military in nature, which we should, the least we should do is take action against China for violation of international trade agreements, not to mention international law. For all the ‘fraidy cat, nervous Nellies who are so scared of engaging China in a trade war, what do you call these constant corporate espionage cyberattacks?

/China is not our friend

Filed under: Blog Entry | Tagged: Advanced, Advanced Materials, Advantage, Aimed, Attack, Businesses, Chemical, Chemical Companies, Chemical Industry, Chemical Industry Targets, Chinese, Chinese Hackers, Code-Named, Collecting, Companies, Competitive, Competitive Advantage, Computer, Computer Systems, Cyber-Attack, Design, Design Documents, Documents, Firm, Formulas, Hackers, Industry, Intellectual Property, Manufacturing, Manufacturing Processes, Materials, Military, Military Vehicles, Military-Related, Military-Related Companies, Nitro, Penetrate, Penetratet, Primarily, Primarily Used, Processes, Reported, Security, Security Firm, Steal, Summer, Summer Cyber Attack, Symantec, Systems, Target, Targets, Used, Vehicles | Leave a comment »

Hacking The High Ground

Posted on October 26, 2011 by Killian Bundy

Not content to merely cyberattack our civilian and military computer systems every second of every day, the Chinese have now taken their hacking attacks to a whole new, higher level.

Chinese Military Suspected in Hacker Attacks on U.S. Satellites

Computer hackers, possibly from the Chinese military, interfered with two U.S. government satellites four times in 2007 and 2008 through a ground station in Norway, according to a congressional commission.

The intrusions on the satellites, used for earth climate and terrain observation, underscore the potential danger posed by hackers, according to excerpts from the final draft of the annual report by the U.S.-China Economic and Security Review Commission. The report is scheduled to be released next month.

“Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions,” according to the draft. “Access to a satellite‘s controls could allow an attacker to damage or destroy the satellite. An attacker could also deny or degrade as well as forge or otherwise manipulate the satellite’s transmission.”

Given their ongoing and constant obsession with conducting cyberwarfare, it’s hardly surprising that the Chinese would be interested in attacking satellites. After all, in the event of hostilities, taking out the enemy’s satellites would effectively render them “blind”. The U.S. military is particularly dependent on satellite technology for communication and navigation, so it would only be logical for the Chinese, either by hacking or with kinetic strikes, to attempt to neutralize our satellite network and with it our technological advantage. The question is, what are we doing to counter this extremely obvious and serious threat?

/does anyone still remember how to navigate using a map and compass?

Filed under: Blog Entry | Tagged: Access, According, Achieved, Allow, Annual, Annual Report, Attack, Attacker, Attacks, China, Chinese, Chinese Military, Civilian, Climate, Commission, Computer, Computer Hackers, Computer Systems, Congressional, Congressional Commission, Controls, Cyberattack, Cyberattacks, Damage, Danger, Degrade, Deny, Destroy, Draft, Earth, Earth Climate Observation, Excerpts, Final, Final Draft, Forge, Functions, Ground Station, Hack, Hacker, Hacker Attacks, Hacking, Interfered, Interference, Intrusions, Manipulate, Military, Next Month, Norway, Numerous, Observation, Particularly, Posed, Poses, Potential, Potential Danger, Potential Threats, Released, Report, Satellites, Scheduled, Sensitive, Sensitive Functions, Suspected, Systems, Terrain, Terrain Observation, Threats, Transmission, U.S., U.S. Government, U.S. Government Satellites, U.S. Satellites, U.S.-China Economic And Security Review Commission, Underscore, United States | Leave a comment »

Beyond Stuxnet

Posted on October 19, 2011 by Killian Bundy

Looks like someone, and I’m guessing it’s not the Anonymous script kiddies, is getting ready to open a serious can of cyberwarfare whoop ass on someone.

W32.Duqu: The Precursor to the Next Stuxnet

On October 14, 2011, a research lab with strong international connections alerted us to a sample that appeared to be very similar to Stuxnet. They named the threat “Duqu” [dyü-kyü] because it creates files with the file name prefix “~DQ”. The research lab provided us with samples recovered from computer systems located in Europe, as well as a detailed report with their initial findings, including analysis comparing the threat to Stuxnet, which we were able to confirm. Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose.

Duqu is essentially the precursor to a future Stuxnet-like attack. The threat was written by the same authors (or those that have access to the Stuxnet source code) and appears to have been created since the last Stuxnet file was recovered. Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility.

Duqu does not contain any code related to industrial control systems and is primarily a remote access Trojan (RAT). The threat does not self-replicate. Our telemetry shows the threat was highly targeted toward a limited number of organizations for their specific assets. However, it’s possible that other attacks are being conducted against other organizations in a similar manner with currently undetected variants.

A couple of conclusions come to mind. First, the fact that Duqu is based on Stuxnet and the Stuxnet source code has never been released makes it a sure bet that the authors are one in the same, namely Israel and/or the United States, Second, the fact that Duqu is clandestinely collecting information from European manufacturers of industrial control system software, specifically software that controls nuclear facilities, strongly suggests that the eventual primary target of the apparent pending cyberattack will, once again, be Iran’s nuclear program.

/in other words, Duqu is setting up a cyberassault that will hopefully finish, once and for all, the job that Stuxnet so effectively started, halting Iran’s quest for a nuclear weapon in its tracks without having to bomb the [expletive deleted] out of their nuclear facilities

Filed under: Blog Entry | Tagged: Access, Alerted, Analysis, Anonymous, Appeared, Appears, Assets, Attack, Attackers, Authors, Code, Comparing, Completely, Completely Different Purpose, Computer, Computer Systems, Conduct, Conducted, Confirm, Connections, Control, Created, Currently, Currently Undetected, Cyberwarfare, Data, Design, Design Documents, Detailed, Detailed Report, Different, Documents, DQ, Duqu, Entities, Europe, Facility, File, File Name Prefix, Files, Findings, Future Attack, Gather, Highly, Highly Targeted, Identical, Industrial, Industrial Control Facility, Industrial Control System, Industrial Control System Manufacturers, Information, Initial, Initial Findings, Intelligence, Intelligence Data, International, International Connections, Lab, Limited, Limited Number, Located, Looking f, Manner, Manufacturers, Nearly, Nearly Identical, Number, Organizations, Parts, Possible, Precursor, Prefix, Primarily, Purpose, Rat, Recovered, Remote, Remote Access, Remote Access Trojan, Report, Research, Research Lab, Same, Same Authors, Sample, SCADA, Script Kiddies, Self-Replicate, Similar, Similar Manner, Source, Source Code, Specific, Specific Assets, Strong, Strong International Connections, Stuxnet, Stuxnet File, Stuxnet Source Code, Stuxnet-Like Attack, Supervisory Control And Data Acquisition, Systems, Targeted, Telemetry, Third Party, Threat, Trojan, Undetected, Variants, Very Similar, W32.Duqu, Whoop Ass, Written | 2 Comments »

Good Luck With That Guy Fawkes

Posted on October 4, 2011 by Killian Bundy

You really want to piss off important, rich and powerful people and call down the almighty wrath of God upon yourself? [Expletive deleted] with their money. This is so much bull[expletive deleted]. The New York Stock Exchange is one of the most hardened, redundant,and secure computer systems on Earth, Anonymous doesn’t have a chance in Hell of crippling it or shutting it down. Anonymous does, however, have a 100% chance of attracting a massive law enforcement investigative effort. Be sure to lock Mom’s basement door script kiddies and don’t forget to ask to see the warrant when the FBI comes knocking, if they knock.

Hacker Group Anonymous Threatens to Attack Stock Exchange

The FBI is investigating threats purportedly from the hacking collective that calls itself Anonymous to bring down the New York Stock Exchange on Monday by hacking into its computer system.

Members of the notorious hacker group appear to be threatening to bring the Occupy Wall Street protests in New York to a dangerous new level, sounding a call to “declare war on the New York Stock Exchange” on Monday by “erasing” it from the Internet.

“The FBI is aware of these schemes and threats and is looking into the matter,” FBI spokesman Tim Flannelly told FoxNews.com.

The hackers say they plan to launch a DDoS (or distributed denial of service) attack on the NYSE’s computer systems — the same type of computer attack that brought down numerous websites last Spring, making them inaccessible.

With a threat this serious, the FBI is likely to get some help in hunting down these Anonymous douche nozzles, namely the full spectrum of U.S. “national technical means”. If Anonymous actually tries to attack the NYSE, using anything that requires electricity, they’ll quickly find out that they’re not so anonymous.

/hey scumbags, you’re in over your heads here, remember what happened to your mascot Guy Fawkes?

Filed under: Blog Entry | Tagged: Anonymous, Appear, Attack, Aware, Bring, Brought Down, Call, Collective, Computer, Computer Attack, Computer System, Computer Systems, Dangerous, Dangerous New Level, DDOS, Declare War, Distributed Denial Of Service, Distributed Denial Of Service Attack, Erasing, FBI, FBI Spokesman, Federal Bureau of Investigation, FoxNews.Com, Guy Fawkes, Hacker, Hacker Group, Hackers, Hacking, Hacking Collective, Hardened, Inaccessible, Internet, Investigating, Investigative Effort, Launch, Law Enforcement, Level, Looking Into, Making, Matter, Members, National Technical Means, New, New York, New York Stock Exchange, Notorious, Numerous, NYSE, Occupy, Occupy Wall Street Protests, Purportedly, Redundant, Schemes, Script Kiddies, Secure, Sounding, Stock Exchange, System, Systems, Threatening, Threatens, Threats, Tim Flannelly, Wall Street, Websites | Leave a comment »

They Got Fooled Again

Posted on April 25, 2011 by Killian Bundy

Much like the United States, Iran seems to have a real problem protecting its computer networks. Someone seems to be obsessed with sabotaging their nuclear program. I wonder who that might be?

Second computer virus infiltrates Iran’s computer systems

Iran has discovered a second computer virus designed to damage government computer systems.

The discovery of the virus, called Stars, was announced Monday by a senior Iranian official, Gholam-Reza Jalali, head of an Iranian cyberdefense agency, according to reports.

Jalali said in a statement that the damage from the virus, which looks like a regular government computer file, has been minimal and that Iranian scientists are currently studying the virus.

The virus was aimed at nuclear facilities, according to the Washington Post, and seems to suggest “a broader campaign by foreign saboteurs to undermine Iran’s atomic energy program.”

Well, I certainly hope the Stars virus attack on Iran’s nuclear program isn’t a hoax and does as much damage as the Stuxnet worm, which was apparently wildly more effective than Iran is admitting to.

/you’ll note that Iran still hasn’t managed to power up the Bushehr reactor, which is as good a yardstick as any that their nuclear program has been ground to a halt

Filed under: Blog Entry | Tagged: Aimed, Announced, Atomic Energy Program, Broader Campaign, Computer File, Computer Networks, Computer Systems, Computer Virus, Damage, Designed, Discovered, Foreign, Foreign Saboteurs, Gholam-Reza Jalali, Government, Government Computer File, Government Computer Systems, Iran, Iran Nuclear Program, Iran’s Atomic Energy Program, Iranian cyberdefense Agency, Iranian Nuclear Program, Iranian Official, Iranian Scientists, Nuclear Facilities, Regular Government Computer File, Reports, Sabotage, Saboteurs, Scientists, Senior Iranian Official, Stars, Stars Virus, Statement, Studying, Stuxnet, Stuxnet Worm, Undermine, United States, Virus | Leave a comment »

Eat It Or Wear It

Archives

Duqu Shoots, It Scores!

Hacking The High Ground

Beyond Stuxnet

Good Luck With That Guy Fawkes

They Got Fooled Again

Recent Posts

Blogroll

Donate

Fantasy Football

Finance

News

Weather

Blog Stats