A Preview Of Coming Attractions

So much for Homeland Security. From Russia, without love, hitting us where it really hurts.

Foreign hackers targeted U.S. water plant in apparent malicious cyber attack, expert says

Foreign hackers caused a pump at an Illinois water plant to fail last week, according to a preliminary state report. Experts said the cyber-attack, if confirmed, would be the first known to have damaged one of the systems that supply Americans with water, electricity and other essentials of modern life.

Companies and government agencies that rely on the Internet have for years been routine targets of hackers, but most incidents have resulted from attempts to steal information or interrupt the functioning of Web sites. The incident in Springfield, Ill., would mark a departure because it apparently caused physical destruction.

See also:
Was U.S. water utility hacked last week?
Foreign cyber attack hits US infrastructure: expert
Illinois Water Utility Pump Destroyed After Hack
H(ackers)2O: Attack on City Water Station Destroys Pump
Cyberattack investigation centers on Curran-Gardner water pump
Feds investigating whether Illinois “pump failure” was cyber attack
Broken water pump in Illinois caused by cyber-attack from Russia, claims expert, but DOH denies terrorism
Cyberattack on Illinois water utility may confirm Stuxnet warnings
Water utility hackers destroy pump, expert says
UPDATE 3-U.S. probes cyber attack on water system

The SCADA vulnerabilities to a remote attack have been known for years. The solution is real simple, DON’T CONNECT YOUR CRITICAL INFRASTRUCTURE TO THE INTERNET!

/how hard is that, is it going to take a disaster for us to learn this basic lesson?

Advertisements

Aid And Comfort To The Enemy

Let’s see, China launches cyberattacks and conducts internet espionage against the United States 24/7/365 and our U.S. Department of Homeland Security is warning China about their vulnerabilities? WTF?

China’s Infrastructure Vulnerable to Cyber Attack

Software widely used in China to help run weapons systems, utilities and chemical plants has bugs that hackers could exploit to damage public infrastructure, according to the Department of Homeland Security.

The department issued an advisory on Thursday warning of vulnerabilities in software applications from Beijing-based Sunway ForceControl Technology Co that hackers could exploit to launch attacks on critical infrastructure.

See also:
SCADA Vulnerabilities Patched in Two Industrial Control Software from China
Chinese Weapon Systems Vulnerable To SCADA Hack
US warns China software risk to public infrastructure
US Warns of Problems in Chinese SCADA Software
Software bugs discovered in Chinese-made applications
China’s weapons systems have exploitable software bugs
Department Of Homeland Security Cites China Vulnerability
Exclusive: China software bug makes infrastructure vulnerable
US reveals Stuxnet-style vuln in Chinese SCADA ‘ware
Critical vulnerability in industrial control software

China is not our friend, why are we feeding the hand that bites us? Why aren’t we keeping these discovered Chinese vulnerabilities to ourselves in case we might actually need to use them in the event of escalated hostilities with China?

/and just when did the DHS become the CDHS, Chinese Department of Homeland Security, protecting the homeland of a hostile country?

Life, Liberty, And The Pursuit Of Free Internet Porn

Are you kidding me, internet access is a basic human right? Of course, as long as you have a basic human right to internet access, it follows that you also have a basic human right to a computer, modem, internet service, and hey, you’re going to need a place to plug in and the electricity to make it all work. Can’t afford all that? No problem, it’s a basic human right, demand it all free from your government and, if they can’t or won’t provide it, drag them before the U.N. Human Rights Council for human rights violations!

UN report: Internet access is a basic human right

Access to the Internet, especially during times of political unrest, is a basic human right, says a report released by the United Nations today.

“Facilitating access to the Internet for all individuals, with as little restriction to online content as possible, should be a priority for all States,” says the report, published on May 16 by Frank La Rue, a “special rapporteur” for the UN’s Human Rights Council.

. . .

The report urges states to avoid or amend any laws that “permit users to be disconnected from Internet access.”

. . .

The UN report defines Internet access to include both free information flow as well as access to infrastructure, “such as cables, modems, computers and software, to access the Internet in the first place.”

Read the report:

Report of the Special Rapporteur on the
promotion and protection of the right to freedom
of opinion and expression, Frank La Rue

See also:
Internet should remain as open as possible – UN expert on freedom of expression
United Nations report: Internet access is a human right
UN Declares Internet Access As A Human Right
UN Report: Internet access a human right
United Nations Declares Internet Access a Basic Human Right
United Nations Claims Internet Blackouts Violate Human Rights
UN: Disconnecting File-Sharers Breaches Human Rights
Filesharing laws ‘breach human rights’
United Nations High Commissioner for Human Rights (OHCHR)

And make no mistake, when the report mentions “with as little restriction to online content as possible’, that’s a direct shot at copyright holders and any governmental efforts to protect copyright or otherwise filter internet content. You see, no matter how prurient, vile, subversive, inflammatory, inaccurate, untruthful, or proprietary it is, information and intellectual property just want to be free! It’s a basic human right, damn it!

/so remember boys and girls, if you don’t have access to free internet porn, demand it, along with all the equipment and infrastructure needed to enjoy yourself, it’s your basic human right!

When Do We Attack China?

This is a pretty bold threat, seeing as how the United States’ government, infrastructure, corporations, and individuals are being seriously cyberattacked ever second of every day.

Cyber Combat: Act of War

The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force.

The Pentagon’s first formal cyber strategy, unclassified portions of which are expected to become public next month, represents an early attempt to grapple with a changing world in which a hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country’s military.

In part, the Pentagon intends its plan as a warning to potential adversaries of the consequences of attacking the U.S. in this way. “If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” said a military official.

See also:
Pentagon warns that cyber-attacks will be seen as ‘acts of war’
US Pentagon to treat cyber-attacks as ‘acts of war’
‘Cyber attacks are an act of war’: Pentagon to announce new rules of engagement against state sponsored hackers
US could respond to cyber-attack with conventional weapons
U.S. Government Says Cyber Attacks May Be Acts of War
Pentagon: Computer hacking can constitute an act of war
U.S. will treat cyber-attacks as act of war
Get Your Cyber War On
Acts of War in the Computer Age
The cyber arms race
Matt Gurney: U.S. military says a cyber attack means war. But with who?
The Pentagon Is Confused About How to Fight a Cyber War

So, with all the thousands of state sponsored cyberattacks unfolding 24/7/365, who are we going to attack first, China, Russia? There’s plenty of the usual suspects probing the United States’ cyberdefenses constantly, it’s hard to choose just one culprit. And what if we get the source of a cyberattack wrong? The exact origin of most of these exploits is extremely difficult to pin down. What if we mistakenly launch a missile strike on China for hacking damage that was actually caused by the Russian Mafia, how cool would that be? Probably not very cool at all.

/and, of course, when we announce a brinkmanship policy like this, and then immediately fail to back up our words with deeds, it become much more than just a joke, it manifests a profound, telltale show of national weakness

How Do You “Invest” When You’re Broke?

Hey Obama, what part of “we don’t have any money” don’t you understand?

CBO: Federal deficit to hit $1.5T this year

Last month’s bipartisan tax cuts and spending deal has deepened the federal deficit dramatically this year, putting the government on track for a nearly $1.5 trillion shortfall — the largest in history — the Congressional Budget Office said Wednesday.

The sobering check on the country’s finances was announced a day after President Obama‘s address to Congress and underscored the country’s tenuous fiscal standing, which could doom many of Mr. Obama‘s initiatives to boost government spending on education, roads and other infrastructure.

The CBO did say the economy appears to be improving, albeit slowly, from a deep recession that drove the unemployment rate to more than 10 percent. The rate is still above 9 percent, despite efforts by Mr. Obama and Congress to pump money into the economy.

“It’s been a slow recovery by the standards of our past. The labor market in particular has been coming back slowly; income has been coming back slowly,” said CBO Director Douglas Elmendorf.

Social Security Will Post Shortfall This Year, CBO Says

Social Security will post a $45 billion shortfall in fiscal 2011 and will pay out more in benefits than it accepts in payroll taxes through at least 2021 without legislative changes, the Congressional Budget office said on Wednesday.

See also:
The Budget and Economic Outlook: Fiscal Years 2011 to 2021
CBO projects record-high $1.5 trillion budget deficit this year
As deficits, debt soar, Obama, Congress fail to confront them
Deficit Outlook Darkens
CBO forecast: frightening fodder for both parties
It’s official: The debt is ballooning. Now can we think clearly?
Social Security to Run Deficits for Foreseeable Future, CBO Says
Social Security fund now seen to be empty by 2037
Social Security to Operate in the Red for the Next 10+ Years: CBO
Social Security to run permanent deficits, says CBO
CBO: Social Security Will Run Permanent Deficits
A Roadmap for America’s Future

I swear, Is Paul Ryan the only adult in Washington? When are these moron politicians going pay attention, grow some spines, and start taking this fiscal crisis seriously. Every day that goes by, we dig ourselves deeper into the national debt hole and it becomes ever so much more difficult and painful to try and climb out of our self inflicted, bottomless deficit pit.

/we’d better just forget about pie in the sky choo choo trains and go straight to the required austerity budget measures

Cyberwar Fail

Okay, so it was pretend, could have been more realistic, and adding the natural disasters was a bit much, but today’s Cyber ShockWave proved a point, the United States is not ready to defend herself against an organized, large scale cyber-attack. The Chinese, Russians, and a myriad of other state and criminal entities probe our cyber-defenses 24 hours a day, seven days a week, looking for weaknesses. If one or more of these actors decided to launch a coordinated, sustained cyber-assault, we could be brought down to our economic knees in a crippling world of infrastructure cyberhurt.

Report: The Cyber ShockWave and its aftermath

When it comes to the protection of the nation’s infrastructure, the government is lacking in several areas. While they have the ability to act offensively, if they know who the enemy is, the trick is to collect enough information and retaliate without violating domestic and foreign policy and law. The Tech Herald was in Washington D.C. on Tuesday to witness Cyber ShockWave. Here’s what we walked away with.

What happened?

Cyber ShockWave started with a vulnerability in the operating systems used by various Smartphones. Thanks to a malicious application, celebrating the NCAA’s March Madness, Spyware was loaded onto Smartphones that included a keylogger and data intercept component. The application was then used to funnel millions of dollars to banks overseas. From there, the data and money snatching application morphs, and the malicious application turns the infected devices into bots and adds them to a telecommunications botnet.

The bots start to download videos showing The Red Army. The downloads and resulting spread of the video result flood the data networks of the major carriers, and slow them to a crawl before crippling them altogether. After that, the Malware on the Smartphones starts to replicate, thanks to sync programs linking information from the phone to a computer. Now that the computers are infected, the ISPs face the same issue the telecoms faced. In the end, both communications systems are crippled.

If this wasn’t enough, weather patterns resulting in a heat wave and hurricanes stress the electrical system. This is where things go south, on a major scale. A hurricane wrecks the petroleum refining and natural gas processing centers, and a stressed electrical grid is hurt more by Improvised Explosive Devices (IEDs) and what is assumed to be a Malware attack on the Secure Trade power trading platform.

Both incidents are deemed critical, and the former top US officials debated how to respond for most of the event. The problem is that by the end of the debates, during both sessions, there were no real answers.

Behold the confusion that is Cyber ShockWave

Can we nationalize the U.S. power system? Should the National Guard be called out? The FBI reports that they have traced the services used in the March Madness application to Russia, is retaliation called for? Two IEDs were detonated in two different power facilities, is it terrorism? According to a GNN (the news source for media information during the event), there was a cyber component to the electrical outage, later assumed to be related to patches on the Secure Trade software. Was this the work of an insider? These were the topics of note, and the confusion only led to more questions and few answers.

The downside to the ShockWave, as it were, is that there were just too many levels of attack at the same time. The Cyber ShockWave exercise was to create a possible attack scenario, but not one that is total chaos. However, by adding the botnet side to the telecom attack, adding in natural disasters as well as potential terrorism on and offline, they added too much to the “Perfect Storm” that they kept referring to it as.

The malicious application causing harm to telecom and ISP networks is one scenario that is highly likely, as more and more applications make it to market and more and more people switch to Smartphones. The odds of this happening at the same time that the power grid is attacked, and a hurricane kills off oil and gas production, is simply too high to compute.

The point of it all

The main point to take away from Cyber ShockWave, at least how we see it, is that there needs to be a solid level of cooperation inside the government first, and then after that, between the government and private sector. There is no “I” in team, and when it comes to protecting the assets within the backbone of the Internet, both private and government entities have a lot to look after.

One interesting point came up when debating the Russian server, the one the FBI said was linked to the telecom attacks. Why doesn’t the government simply shut it down? The reason is that doing so could be considered an act of war. No one knows, because there is no policy or precedence of such an action.

The mirror side to this would be the question, what if the Russian server was a jumping point to a server in the U.S.? If so, can we shut it down then? What would be the reasoning? While killing a server in a foreign country could be perceived as an act of aggression, doing so on our own soil could be a violation of various laws, unless a state of emergency is ordered. Once that happens, according to the panel, the President has a good deal of leeway.

There are few limits to what the government can do in response to a threat to national security. What limits that exist are those enforced by policy and U.S. law. What this means is that while there were several ideas passed around, many of them are without precedence, so they couldn’t be acted on.

For example there was a patch for the Smartphones, one that would fix the Malware issue. Yet, only 50-percent of consumers applied it. To prevent further attacks to the telecommunications system, you can ask the people to stop using phones, or simply force them to stop using them by turning them off. If the issue was forced, and the government did something to turn the phones off, then there would be serious consequences to deal with later.

In the end, the Bipartisan Policy Center, who put Cyber ShockWave together, had hoped that the gaps existing within the law and government policy related to cybercrime and cyberattacks would be exposed. The got their wish, as gaps in both areas were exposed. But when it comes to balance between the private and government sectors and security, it takes more than policy to make it work.

It would have added a ton of weight to the exercise if there was some sort of consultation with energy companies or telecom representatives. They were absent during the mock attacks, and their absence was felt when you consider that by the time the President was “briefed”, there was no solid plan of action as to how to deal with and recover from the incidents.

There were some smart and skilled people on the panel. Yet, the scripting made the panel come off as clueless when it came to the reach, intelligence, and overall skill of foreign attackers. The current cyber capacities of the various international terrorist groups were left completely off the table.

Overall, the Cyber ShockWave was more media hype than actual intelligence and insight. We had hoped to see some of the political heavyweights on the panel act with their full capacity and experience, but they either couldn’t or opted not to. If anything, the federal employees who attended learned that managing IT in the public world, and dealing with threats there, is nothing like attempting the same feat within the federal government.

See also:
U.S. Isn’t Prepared for Massive Cyber Attack, Ex-Officials Say
War game reveals U.S. lacks cyber-crisis skills
In a doomsday cyber attack scenario, answers are unsettling
Washington Group Tests Security in ‘Cyber ShockWave’
US networks and power grid under (mock) cyber-attack
Cyberattack simulation highlights vulnerabilities
Former officials war-game cyberattack
Former Government Officials Gather to Rehearse Cyberwar
Former top U.S. officials hold cyberattack exercise
Cyber ShockWave cripples computers nationwide (sorta)
Cyber Shockwave : Cyber-Attack to Test Government Response
Is The U.S. Ready For A Cyberwar?
25 ways to better secure software from cyber attacks
It’s Your Cyberspace Too, So Take Care Of It
Bipartisan Policy Center

/remember, this was only a test, had this been an actual emergency we would have been seriously [expletive deleted]

The Cyberwar Rages 24/7

Corporations’ cyber security under widespread attack, survey finds

Around the world, corporations’ computer networks and control systems are under “repeated cyberattack, often from high-level adversaries like foreign nation-states,” according to a new global survey of information technology executives.

The attacks include run-of-the-mill viruses and other “malware” that routinely strike corporate defenses, but also actions by “high-level” adversaries such as “organized crime, terrorists, or nation states,” a first-time global survey by the Center for Strategic and International Studies (CSIS) in Washington has found. More than half of the 600 IT managers surveyed, who operate critical infrastructure in 14 countries, reported that their systems have been hit by such “high-level” attacks, the survey concludes.

A large majority, 59 percent, said they believed that foreign governments or their affiliates had already been involved in such attacks or in efforts to infiltrate important infrastructure – such as refineries, electric utilities, and banks – in their countries.

Such attacks, the survey said, include sophisticated denial-of-service attacks, in which an attacker tries to so overwhelm a corporate network with requests that the network grinds to a halt.

But they also include efforts to infiltrate a company. Fifty-four percent of the IT executives said their companies’ networks had been targets of stealth attacks in which infiltration was the intent. In two-thirds of those cases, the IT managers surveyed said company operations had been harmed.

The IT managers also believed that these “stealthy” attacks were conducted by “nation states” targeting their proprietary data, says the survey’s main author, CSIS fellow Stewart Baker, in a phone interview. Mr. Baker is a cybersecurity expert formerly with the Department of Homeland Security and National Security Agency.

“It’s all the same kind of stuff – spear-phishing, malware, taking over the network and downloading-whatever-you-want kind of attack,” he says. “Over half of these executives believe they’ve been attacked with the kind of sophistication you’d expect from a nation state.”

The CSIS report describes such attacks as “stealthy infiltration” of a company’s networks by “a high-level adversary” akin to a “GhostNet,” or large spy ring featuring “individualized malware attacks that enabled hackers to infiltrate, control and download large amounts of data from computer networks.” The GhostNet attacks, which Canadian researchers attributed to Chinese state-run agencies, bear similarities to recent attacks on Google and other high-tech companies, Baker says. Google attributed attacks on it to entities in China.

Read the report:
In the Crossfire: Critical Infrastructure in the Age of Cyber War

See also:
In the Crossfire: Critical Infrastructure in the Age of Cyber War
Report: Critical Infrastructures Under Constant Cyberattack Globally
Utilities, Refineries and Banks Are Victims of Cyber Attacks, Report Says
Critical Infrastructure under Siege from Cyber Attacks
Critical Infrastructure Vulnerable To Attack
Critical Infrastructure Security a Mixed Bag, Report Finds
Report shows cyberattacks rampant; execs concerned
Key infrastructure often cyberattack target: survey
Critical infrastructure execs fear China
SCADA system, critical infrastructure security lacking, survey finds

Ironically, the more dependent we become on interconnected network technology, the more vulnerable we become too.

/so keep your fingers crossed and your computers patched against hacking and intrusion, at least you can do your part to avoid being part of the problem