A Preview Of Coming Attractions

So much for Homeland Security. From Russia, without love, hitting us where it really hurts.

Foreign hackers targeted U.S. water plant in apparent malicious cyber attack, expert says

Foreign hackers caused a pump at an Illinois water plant to fail last week, according to a preliminary state report. Experts said the cyber-attack, if confirmed, would be the first known to have damaged one of the systems that supply Americans with water, electricity and other essentials of modern life.

Companies and government agencies that rely on the Internet have for years been routine targets of hackers, but most incidents have resulted from attempts to steal information or interrupt the functioning of Web sites. The incident in Springfield, Ill., would mark a departure because it apparently caused physical destruction.

See also:
Was U.S. water utility hacked last week?
Foreign cyber attack hits US infrastructure: expert
Illinois Water Utility Pump Destroyed After Hack
H(ackers)2O: Attack on City Water Station Destroys Pump
Cyberattack investigation centers on Curran-Gardner water pump
Feds investigating whether Illinois “pump failure” was cyber attack
Broken water pump in Illinois caused by cyber-attack from Russia, claims expert, but DOH denies terrorism
Cyberattack on Illinois water utility may confirm Stuxnet warnings
Water utility hackers destroy pump, expert says
UPDATE 3-U.S. probes cyber attack on water system

The SCADA vulnerabilities to a remote attack have been known for years. The solution is real simple, DON’T CONNECT YOUR CRITICAL INFRASTRUCTURE TO THE INTERNET!

/how hard is that, is it going to take a disaster for us to learn this basic lesson?

There Is No Humor In Islam

The Religion of Murder and Mayhem strikes again, proving once again that Islam is incompatible with Western civilization.

Firebomb hits French satire magazine

The offices of Charlie Hebdo, a satirical weekly French magazine, have been burnt down in a firebomb attack on the same day that it published a special edition entitled “Charia [Sharia] Hebdo” with the Prophet Muhammad depicted as editor-in-chief.

The paper’s website was also brought down by hackers in what staff believe was retaliation for the publication, which “celebrated” the victory of an Islamist political party in the recent Tunisian elections and the promise from Libya’s interim leader that Sharia law would be the principal source of legislation in the country. The magazine’s front page carried a large picture of the prophet, which is forbidden in Islam, with the caption: “100 lashes if you are not dying of laughter”.

See also:
French satirical paper firebombed after publishing Mohammed cartoon
French Satirical Magazine Office Fire Bombed Ahead of ‘Muhammad Edition’
Newspaper firebombed after Arab Spring satire
French magazine bombed for caricature of Islamic prophet Muhammad
Firebomb Torches French Weekly
Satirical weekly offices attacked
French Newspaper Firebombed After Satire Involving Prophet Muhammad
Fire hits French satirical paper Charlie Hebdo after it publishes cartoons of the prophet Muhammad
Muhammad cartoon sparks attack on French magazine Charlie Hebdo – video
Jidhadists celebrate attack on French satirical paper
Satirical website remains offline after death threats
French satire is no match for militant Islam
Chris Selley: First, they came for the bad satirists…
Satire And The Prophet: Supporting French Magazine’s Right To Spoof Mohammed
French paper reprints Mohammad cartoon after fire-bomb

Free speech is a basic tenet of a free society and satire is a subset of free speech, including the right to satirize religion. Of course, there is no freedom of speech in Islam, under Sharia law, which would be fine if they kept to themselves and Muslims, driven by the basic mandates of their religion, weren’t continuously attempting to conquer and impose their beliefs and values on, often by violent means, the infidels of Western civilization.

/so, until Muslims, as a society, collectively decide to leave the 7th century, reform their religion, and catch up with the 21st century, Islam and Western civilization will never mix, because us infidels refuse to time travel backward in terms of freedom and world history

Caught Stealing . . . Again

I thought cyberattacks were supposed to considered acts of war, how long are we going to just keep bending over for this threat to national security behavior?

Chinese Hackers Target Chemical Companies

Chinese hackers tried to penetrate the computer systems of 48 chemical and military-related companies in a late summer cyber attack to steal design documents, formulas and manufacturing processes, a security firm reported Tuesday.

The attack ran from late July to mid-September and appeared to be aimed at collecting intellectual property for competitive advantage, reported Symantec, which code-named the attack Nitro, because of the chemical industry targets. Hackers went after 29 chemical companies and 19 other businesses that made advanced materials primarily used in military vehicles.

See also:
The Nitro Attacks
Stealing Secrets from the Chemical Industry

Nitro Attack: Points of interest
“Nitro” spear-phishers attacked chemical and defense company R&D
‘Nitro’ Cyber-Spying Campaign Stole Data From Chemical, Defense Companies
‘Nitro’ Hackers Rifle Through Chemical Companies’ Secret Data
Report: Chinese hackers launched summer offensive on US chemical industry
‘Nitro’ Hackers Reportedly Attack Dozens of Companies in Chemical, Defense Industries
Chemicals and defence firms targeted by hacking attack
Dozens of chemical firms hit in espionage hack attack
“Nitro” attacks target 29 firms in chemical sector
‘Nitro’ hackers use stock malware to steal chemical, defense secrets
‘Nitro’ Hackers Steal Chemical Company Secrets
Nitro Malware Targeted Chemical Companies
Cyber attacks on chemical companies traced to China
Cyber Attacks on Chemical Firms Traced to Chinese Computers
Symantec uncovers cyber espionage of chemical, defense firms

You know, if we’re not going to treat these attacks as military in nature, which we should, the least we should do is take action against China for violation of international trade agreements, not to mention international law. For all the ‘fraidy cat, nervous Nellies who are so scared of engaging China in a trade war, what do you call these constant corporate espionage cyberattacks?

/China is not our friend

Good Luck With That Guy Fawkes

You really want to piss off important, rich and powerful people and call down the almighty wrath of God upon yourself? [Expletive deleted] with their money. This is so much bull[expletive deleted]. The New York Stock Exchange is one of the most hardened, redundant,and secure computer systems on Earth, Anonymous doesn’t have a chance in Hell of crippling it or shutting it down. Anonymous does, however, have a 100% chance of attracting a massive law enforcement investigative effort. Be sure to lock Mom’s basement door script kiddies and don’t forget to ask to see the warrant when the FBI comes knocking, if they knock.

Hacker Group Anonymous Threatens to Attack Stock Exchange

The FBI is investigating threats purportedly from the hacking collective that calls itself Anonymous to bring down the New York Stock Exchange on Monday by hacking into its computer system.

Members of the notorious hacker group appear to be threatening to bring the Occupy Wall Street protests in New York to a dangerous new level, sounding a call to “declare war on the New York Stock Exchange” on Monday by “erasing” it from the Internet.

“The FBI is aware of these schemes and threats and is looking into the matter,” FBI spokesman Tim Flannelly told FoxNews.com.

The hackers say they plan to launch a DDoS (or distributed denial of service) attack on the NYSE’s computer systems — the same type of computer attack that brought down numerous websites last Spring, making them inaccessible.

See also:
Anonymous Vows to Attack NYSE in Support of Wall Street Protests
Anonymous Threatens New York Stock Exchange Attack
Anonymous Hack Attack on NYSE: Will They or Won’t They?
Anonymous Vows to Attack NYSE
Anonymous Vows to Attack NYSE in Support of Wall Street Protests
A Tree Falls In The Forest: Anonymous Threatens To “Erase” NYSE From Internet
Is NYSE Vulnerable to Cyber Attack? Anonymous Might Just Try
Anonymous Group Pledges Digital Raid on NYSE Next Week
Anonymous Threatens to ‘Erase NYSE from the Internet’
Anonymous to (Maybe) Attack NYSE on Monday, Unconfirmed
‘Anonymous threat’ plot to undermine Wall Street protest?
Anonymous declares war on Wall Street? (Updates)
‘Invade Wall Street’: Occupy Wall Street’s Evil (And Probably Fake) Twin

With a threat this serious, the FBI is likely to get some help in hunting down these Anonymous douche nozzles, namely the full spectrum of U.S. “national technical means”. If Anonymous actually tries to attack the NYSE, using anything that requires electricity, they’ll quickly find out that they’re not so anonymous.

/hey scumbags, you’re in over your heads here, remember what happened to your mascot Guy Fawkes?

Can You Hack It?

Calling all hackers, do you pack what it takes?

NSA is looking for a few good hackers

The National Security Agency has a challenge for hackers who think they’re hot stuff: Prove it by working on the “hardest problems on Earth.”

Computer hacker skills are in great demand in the U.S. government to fight the cyberwars that pose a growing national security threat — and they are in short supply.

For that reason an alphabet soup of federal agencies — DOD, DHS, NASA, NSA — are descending on Las Vegas this week for Defcon, an annual hacker convention where the $150 entrance fee is cash only — no registration, no credit cards, no names taken. Attendance is expected to top 10,000.

The NSA is among the keen suitors. The spy agency plays offense and defense in the cyberwars. It conducts electronic eavesdropping on adversaries, and it protects U.S. computer networks that hold super-secret material — a prime target for America’s enemies.

See also:
NSA Wants to Hire Hackers at DefCon
US gov’t building hacker army for cyber war
U.S. government hankers for hackers
U.S. Federal Agencies Look to Hire Hackers at Defcon; Cyber Criminals Offer Services to the Public
US government agencies scouting for computer hackers: report
Federal Agencies to Recruit Hackers at Defcon
R u h4X0R? n33d @ jo8? NSA wants you (locked up in a cubicle, not a cell)
The NSA Wants More Hackers for Their ‘Collection of Geeks’
Welcome to the National Security Agency – NSA/CSS
National Security Agency
Defcon
DEF CON

Would you rather work for them or be hunted down by them? If you’re good enough, it probably pays pretty well and beats sitting in a prison cell.

/don’t forget to bring your white hat

Aid And Comfort To The Enemy

Let’s see, China launches cyberattacks and conducts internet espionage against the United States 24/7/365 and our U.S. Department of Homeland Security is warning China about their vulnerabilities? WTF?

China’s Infrastructure Vulnerable to Cyber Attack

Software widely used in China to help run weapons systems, utilities and chemical plants has bugs that hackers could exploit to damage public infrastructure, according to the Department of Homeland Security.

The department issued an advisory on Thursday warning of vulnerabilities in software applications from Beijing-based Sunway ForceControl Technology Co that hackers could exploit to launch attacks on critical infrastructure.

See also:
SCADA Vulnerabilities Patched in Two Industrial Control Software from China
Chinese Weapon Systems Vulnerable To SCADA Hack
US warns China software risk to public infrastructure
US Warns of Problems in Chinese SCADA Software
Software bugs discovered in Chinese-made applications
China’s weapons systems have exploitable software bugs
Department Of Homeland Security Cites China Vulnerability
Exclusive: China software bug makes infrastructure vulnerable
US reveals Stuxnet-style vuln in Chinese SCADA ‘ware
Critical vulnerability in industrial control software

China is not our friend, why are we feeding the hand that bites us? Why aren’t we keeping these discovered Chinese vulnerabilities to ourselves in case we might actually need to use them in the event of escalated hostilities with China?

/and just when did the DHS become the CDHS, Chinese Department of Homeland Security, protecting the homeland of a hostile country?

Hackers With A Death Wish

It’s probably not a good idea to taunt the folks who tracked down Osama bin Laden and specialize in covert, extrajudicial killings.

CIA Web site hacked; group LulzSec takes credit

The hacker group LulzSec claimed credit Wednesday for taking down the CIA’s Web site for a couple of hours, the latest in a string of embarrassing Web site disruptions the group has pulled off — apparently more to poke fun and highlight vulnerabilities than to cause real damage.

At 5:48 p.m., LulzSec, which dubs itself “the world’s leaders in high-quality entertainment at your expense,” posted an alert on Twitter: “Tango down — cia.gov — for the lulz.”

The site was back up by 8 p.m.

See also:
Hacker Group Goes After CIA SiteLulzSec’s CIA hack just one of many high-profile hackings
LulzSec Speeds Up Cyber Attacks, Now Claims CIA Website Hack
Hackers say they hit CIA website
Hackers Claim CIA Website Breach
Hackers breach into CIA website
LulzSec claims responsibility for CIA.gov outage
Hackers claim hit on CIA website
Group claims to have hacked CIA website
Senate website, CIA.gov reportedly hacked. LulzSec claims responsibility. [Updated]
Lulzsec Claims Responsibility For Hacking CIA And Senate Websites
CIA website hacked; group claims ‘credit’
Central Intelligence Agency

Apparently, LulzSec stages these attacks for giggles, laughs, and bragging rights, which is all fun and games until they bite off more than they can chew by hitting an entity with unlimited resources and more hacking talent than they have, and then suddenly it won’t be so funny anymore. Maybe LulzSec already has and they just don’t know it yet.

/as Jim Croce warned, you don’t tug on Superman’s cape, you don’t spit into the wind . . .

Operation Cupcake

Too funny, the British go about fighting terrorism with attempted humor.

MI6 attacks al-Qaeda in ‘Operation Cupcake’

The cyber-warfare operation was launched by MI6 and GCHQ in an attempt to disrupt efforts by al-Qaeda in the Arabian Peninsular to recruit “lone-wolf” terrorists with a new English-language magazine, the Daily Telegraph understands.

When followers tried to download the 67-page colour magazine, instead of instructions about how to “Make a bomb in the Kitchen of your Mom” by “The AQ Chef” they were greeted with garbled computer code.

The code, which had been inserted into the original magazine by the British intelligence hackers, was actually a web page of recipes for “The Best Cupcakes in America” published by the Ellen DeGeneres chat show.

See also:
British intelligence used cupcake recipes to ruin al-Qaida websiteMI6 hacks Qaida site, swaps bomb info with cake recipes
MI6 swapped pipe-bomb guide for cupcake recipes
MI6 scores al Qaeda hit, with cupcakes
British MI6 replace bomb website with cupcake recipe
MI6 hacks al-Qaeda website, leaves garbled recipe for cupcakes
UK spies cooked up problem for al Qaeda: media
Cupcake shop enlisted in war on terror?
MI6 Hackers Replaced Bombs with Cakes
Make Pastries, Not Bombs
SIS (MI6)
Secret Intelligence Service
GCHQ – Government Communications Headquarters
Government Communications Headquarters

Of course, it would have been better if the cupcake recipes hadn’t been garbled but, nonetheless, well played!

/and hey, as long as MI6 has rooted themselves this deep into al Qaeda servers, why not a massive Hello Kitty campaign?

Have We Attacked China Yet?

No sooner was it publicly revealed that the United States would now treat damaging cyberattacks by other nations as an act of war, threatening retaliation with conventional weapons, the new, bold, some say foolish, policy, was immediately put to the test.

China Google hackers’ goal: Spying on U.S. Govt.

It’s the second time Google has blamed a major computer hacking scheme on China, reports CBS News correspondent Wyatt Andrews.

This time Google says unknown hackers from Jinan, China, a city with a military command center, stole the personal Gmail passwords of hundreds of senior U.S .government officials.

Google said the hackers’ “goal” was to eavesdrop on the officials — “to monitor the content of the users’ emails.”

That suggestion — of spying — rang alarm bells in the Administration.

“These allegations are very serious,” said Secretary of State Hillary Clinton. “We take them seriously. We’re looking into them.”

See also:
Clinton: Google’s China Hacking Claims ‘Very Serious’
Hillary Clinton says FBI will probe Gmail hacker attack
US Investigating Google Claim of China Hacking
FBI Investigating Google Claim that China Hacked Them
Google breach gives way to diplomatic, high-tech tensions
China Denies Accessing High Profile Gmail Accounts
Google’s groundless accuses hurt global trust on Internet
The Google-China Saga Continues
Admin: Gmail phishers stalked victims for months
Gmail Hack Targeted White House
Cyber war: Google, China in fresh spat over email hacking
Google, what exactly is the China connection for the phishing scare?
Is Google an agent of the US Government? It certainly gives that impression

So far, the U.S. has uncovered a successful espionage phishing expedition, against top level U.S. Government officials, tracked back to a specific Chinese city. Why aren’t we bombing China, isn’t this a perfect situation to show how our new military policy will treat hacking intrusions like this as acts of war? Unfortunately for us, China denies the attack and, as I pointed out yesterday, it’s extremely difficult to be absolutely sure as to the origins of cyberattacks like this, so we do nothing and our brand new policy looks foolish and radiates national weakness.

/instead of making toothless threats to send missile strikes in response to hack attacks, why don’t we just send the Chinese back a nice Stuxnet worm or take down Baidu with a complimentary DoS attack

Oops, They Did It Again!

Despite having nearly an entire month to get their act together, Sony’s apparently still wearing their security pants down around their ankles.

Sony Hacked Yet Again

Hard as it may be to believe, Sony has been hacked yet again.

According to a report in the Wall Street Journal, So-net Entertainment Corp., a Japanese ISP owned by the technology giant, said that hackers accessed its customer rewards site earlier this week and stole customers’ redeemable gift points worth about $1,225.

The incident is the latest in a weeks-long string of hacks and breaches of security for Sony. The trouble began on April 19, when the company began investigating and ultimately discovered a massive breach of security on its PlayStation Network, a cyberscandal that compromised the personal information of more than 100 million users.

See also:
Sony’s Security Nightmare Not Over, Hacked Again
Fresh security glitch adds to Sony’s woes
Sony hit again with two hacks
Sony hacked twice in one day, this time $1225 was stolen from accounts in Japan
Sony subsidiary So-net reports data breach
Yep, Looks Like Sony’s Been Hacked Again
Sony Faces Another Hack Attack
Sony hacked again
Sony Hacked Again, Server Hosting Credit Card Phishing Site
Do You Own A Sony HackStation?

And if all this hacking wasn’t bad enough . . .

Sony Can’t Guarantee PlayStation Network Security

Sony CEO Howard Stringer says he cannot guarantee the security of his company’s videogame network. . . . maintaining security is a “never-ending process,” and he cannot say that anyone is “100 percent secure.”

/not exactly confidence inspiring, I’ll be taking a pass on Sony products for the foreseeable future