A Preview Of Coming Attractions

So much for Homeland Security. From Russia, without love, hitting us where it really hurts.

Foreign hackers targeted U.S. water plant in apparent malicious cyber attack, expert says

Foreign hackers caused a pump at an Illinois water plant to fail last week, according to a preliminary state report. Experts said the cyber-attack, if confirmed, would be the first known to have damaged one of the systems that supply Americans with water, electricity and other essentials of modern life.

Companies and government agencies that rely on the Internet have for years been routine targets of hackers, but most incidents have resulted from attempts to steal information or interrupt the functioning of Web sites. The incident in Springfield, Ill., would mark a departure because it apparently caused physical destruction.

See also:
Was U.S. water utility hacked last week?
Foreign cyber attack hits US infrastructure: expert
Illinois Water Utility Pump Destroyed After Hack
H(ackers)2O: Attack on City Water Station Destroys Pump
Cyberattack investigation centers on Curran-Gardner water pump
Feds investigating whether Illinois “pump failure” was cyber attack
Broken water pump in Illinois caused by cyber-attack from Russia, claims expert, but DOH denies terrorism
Cyberattack on Illinois water utility may confirm Stuxnet warnings
Water utility hackers destroy pump, expert says
UPDATE 3-U.S. probes cyber attack on water system

The SCADA vulnerabilities to a remote attack have been known for years. The solution is real simple, DON’T CONNECT YOUR CRITICAL INFRASTRUCTURE TO THE INTERNET!

/how hard is that, is it going to take a disaster for us to learn this basic lesson?

Advertisements

Don’t Get Caught In The Crossfire

The Duqu virus is squarely aimed at Iran’s nuclear program. Unless you’re connected with Iran’s nuclear program, your chances of being directly targeted are extremely low. However, Microsoft was freaked out enough to issue a security bulletin for Windows users. So, better safe than sorry, protect yourself against the possibility of becoming collateral damage in an epic, upcoming attack.

Microsoft issues Duqu virus workaround for Windows

Microsoft has issued a temporary fix to the pernicious Duqu virus — also known as “Son of Stuxnet” — which could affect users of Windows XP, Vista, Windows 7 as well as Windows Server 2008.

The company promised the security update earlier this week as it races to deal with the virus, which targets victims via email with a Microsoft Word attachment. The virus is not in the email, but in the attachment itself. A Symantec researcher said if a user opens the Word document, the attacker could take control of the PC, and nose around in an organization’s network to look for data, and the virus could propagate itself.

See also:
Microsoft Security Advisory (2639658)
Microsoft software bug linked to ‘Duqu’ virus
Microsoft Provides Workaround Patch for Duqu Malware
Microsoft announces workaround for the Duqu exploit
Microsoft Issues Temporary Duqu Workaround, Plans 4 Patch Tuesday Fixes
Six Ways to Protect Yourself from Duqu
Microsoft Airs Temporary Fix to Defeat Duqu Worm
Microsoft Releases Temporary Plug For Duqu
Duqu exploits same Windows font engine patched last month, Microsoft confirms
5 Things To Do To Defend Against Duqu
Microsoft issues temporary ‘fix-it’ for Duqu zero-day
Patch Tuesday: Fix for ‘Duqu’ zero-day not likely this month

Is it just me or doesn’t it seem a bit more than odd that Microsoft, a company with close ties to and a past history of working with U.S. intelligence agencies, would publicly issue a workaround to defend against a specific piece of malware that, by many accounts, is being actively and currently used by U.S. intelligence agencies to set up and facilitate an upcoming attack, in cyberspace or otherwise, against Iran’s nuclear program? I mean, it’s not like the Iranians can’t read English, why help them defend against Duqu? Hmmm, something’s not quite right here.

/whatever’s going on, and something is going on, it’s way above my pay grade, but when the endgame comes, don’t forget to duck

Hacking The High Ground

Not content to merely cyberattack our civilian and military computer systems every second of every day, the Chinese have now taken their hacking attacks to a whole new, higher level.

Chinese Military Suspected in Hacker Attacks on U.S. Satellites

Computer hackers, possibly from the Chinese military, interfered with two U.S. government satellites four times in 2007 and 2008 through a ground station in Norway, according to a congressional commission.

The intrusions on the satellites, used for earth climate and terrain observation, underscore the potential danger posed by hackers, according to excerpts from the final draft of the annual report by the U.S.-China Economic and Security Review Commission. The report is scheduled to be released next month.

“Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions,” according to the draft. “Access to a satellite‘s controls could allow an attacker to damage or destroy the satellite. An attacker could also deny or degrade as well as forge or otherwise manipulate the satellite’s transmission.”

See also:
Hackers Interfered With Two U.S. Satellites, Draft Report Says
Hackers Interfered With 2 US Government Satellites
Hackers reportedly behind U.S. government satellite disruptions
Hackers Targeted U.S. Government Satellites
Chinese military may have hacked US satellites
China may have hacked US satellites
Hackers Targeted U.S. Government Satellites
U.S. satellites tampered by hackers
Hackers interfered with two U.S. satellites, report says
Chinese hackers suspected of interfering with US satellites
New hacker target: Government satellites
Chinese hackers may have attacked U.S. satellites
China suspect in US satellite interference: report
US reportedly attacked by Chinese hackers linked with the military
US Satellites hacked by Chinese Military says Congressional Commission

Given their ongoing and constant obsession with conducting cyberwarfare, it’s hardly surprising that the Chinese would be interested in attacking satellites. After all, in the event of hostilities, taking out the enemy’s satellites would effectively render them “blind”. The U.S. military is particularly dependent on satellite technology for communication and navigation, so it would only be logical for the Chinese, either by hacking or with kinetic strikes, to attempt to neutralize our satellite network and with it our technological advantage. The question is, what are we doing to counter this extremely obvious and serious threat?

/does anyone still remember how to navigate using a map and compass?

When Chinese RATs Attack

Oh, hey, look what China did, again. Isn’t this supposed to be an act of war now?

Massive Global Cyberattack Targeting U.S., U.N. Discovered; Experts Blame China

The world’s most extensive case of cyber-espionage, including attacks on U.S. government and U.N. computers, was revealed Wednesday by online security firm McAfee, and analysts are speculating that China is behind the attacks.

The spying was dubbed “Operation Shady RAT,” or “remote access tool” by McAfee — and it led to a massive loss of information that poses a huge economic threat, wrote vice president of threat research Dmitri Alperovitch.

. . .

Analysts told The Washington Post that the finger of blame for the infiltration of the 72 networks — 49 of them in the U.S. — points firmly in the direction of China.

See also:
Revealed: Operation Shady RAT
McAfee’s Operation Shady RAT exposes national cybersecurity lapses
McAfee discovers massive series of cyber attacks
Hacking Campaign Targets U.S. Government, Signs Point to China
Operation Shady RAT: five-year hack attack hit 14 countries
China Suspected Of Shady RAT Attacks
Q+A: Massive cyber attack dubbed “Operation Shady RAT”
Operation Shady RAT: A frightening web of global cyber-espionage
Operation Shady RAT smells like Chinese hacking
All cursors point to China in global hack attack that threatens nations
China accused of biggest ever global cyber spying attacks
Hackers Based in China Attack UN, Olympic Networks, Security Firms Report
Operation Shady RAT and the cyberhacking
APT Attackers Used Chinese-Authored Hacker Tool To Hide Their Tracks

Why did it take a private security company to uncover the largest case of cyberspying in world history and why aren’t we doing something about it?

/does China have to steal every last piece of sensitive and secret computer data we possess before we start taking this threat seriously?