Author Topic: Cyber-war: It is real, and it is happening right now!  (Read 372 times)

0 Members and 1 Guest are viewing this topic.

Offline muman613

  • Platinum JTF Member
  • **********
  • Posts: 29958
  • All souls praise Hashem, Hallelukah!
    • muman613 Torah Wisdom
Cyber-war: It is real, and it is happening right now!
« on: October 19, 2011, 12:57:17 AM »
The concept of cyber-war, where computer software will be utilized as weapons used to spy on, interrupt the service of, and destroy the information systems which modern society depends on, is relatively new. Until recently when a person spoke of cyberwar it usually was in terms of science fiction.

But as the computer has become more essential in the day-to-day lives of citizens of the modern world we are coming to realize that we are vulnerable to several new realities, including identity theft, piracy, and denial of service attacks. For the most part our home computers do not do many critical things except provide us with entertainment in the form of DVDs, CDs, digital radio, and internet web browsing. Most people today would consider those tasks to be essential but I know that it is possible to live without using the computer all the time {which is difficult for me because I work with them, play with them, and love computers}. Shabbat is a time when we learn that the world goes on without all these gadgets and gizmos...

There are some essential, life-critical, services which computers and networks are providing today. This includes the automated traffic light systems in most cities, the hospital and fire department dispatch systems, the national banking networks and the stock market trading, and many other examples of computers being used in life-critical applications.

Most countries which have advanced technologies just may be vulnerable to attack from foreign entities. For some time the media has reported that China and Korea are famous for attempting to hack into American government computer systems. But we now must deal with a new cyber-war opponent...

Last year there was much news about the Stuxnet 'virus' which was able to enter the Iranian nuclear science labs computers and in the end slow down Irans progress in preparing Uranium to be used in a nuclear weapon. Stuxnet allegedly was developed by Israel and American computer scientists in order to retard Irans nuclear ambitions.

Now the news is reporting that Stuxnet appears to be mutating, or there is a new strain of it, which is targeting nuclear power facilities.

This article explains it somewhat:



Quote
http://www.foxnews.com/scitech/2011/10/18/stuxnet-clone-found-possibly-preparing-power-plant-attacks/

Stuxnet Clone Found Possibly Preparing Power Plant Attacks


Read more: http://www.foxnews.com/scitech/2011/10/18/stuxnet-clone-found-possibly-preparing-power-plant-attacks/#ixzz1bCUi7K9T
Security researchers have detected a new Trojan, scarily similar to the infamous Stuxnet worm, which could disrupt computers controlling power plants, oil refineries and other critical infrastructure networks.

The Trojan, dubbed "Duqu" by the security firm Symantec, appears, based on its code, to have been written by the same authors as the Stuxnet worm, which last July was used to cripple an Iranian nuclear-fuel processing plant.

"Stuxnet source code is not out there," wrote F-Secure cybersecurity expert Mikko Hyppönen on his firm's blog. "Only the original authors have it. So, this new backdoor was created by the same party that created Stuxnet."

The original Stuxnet was specifically designed to compromise an industrial control system by manipulating the supervisory control and data acquisition (SCADA) software on which these facilities rely on for automation. Duqu may have its sights set on the same target, but it approaches from a different angle.

"Duqu shares a great deal of code with Stuxnet; however, the payload is completely different," researchers for the security firm Symantec wrote on its Security Response blog.

Instead of directly targeting the SCADA system, Duqu gathers "intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility."

"Duqu is essentially the precursor to a future Stuxnet-like attack," the researchers added.

Symantec said whoever is behind Duqu rigged the Trojan to install another information-stealing program on targeted computers that could record users' keystrokes and system information and transmit them, and other harvested data, to a command-and-control (C&C) server. The C&C server is still operational, Symantec said.

McAfee, another prominent security firm, has a different analysis of Duqu. Two of its researchers wrote on McAfee's blog that Duqu is actually highly sophisticated spyware designed to steal digital certificates, which are encrypted "keys" that websites use to verify their identities. (Stolen certificates, apparently purloined by a lone Iranian hacker, have become a big issue recently.)

Neither Symantec, McAfee nor F-Secure would speculate about who's behind Duqu, but the conventional wisdom on Stuxnet is that it was created by the intelligence services of the U.S. and Israel to knock out a uranium-refinement plant in Iran.

This new entry into the Stuxnet family comes just after the Department of Homeland Security (DHS) issued a bulletin warning that the notorious hacking group Anonymous may soon start looking to bring down or disrupt industrial control facilities. Posted yesterday (Oct. 18) to publicintelligence.net, the unclassified bulletin assesses Anonymous' ability to compromise SCADA systems that run power plants, chemical plants, oil refineries and other industrial facilities.

Government officials did not blame Anonymous for any such hacks, and the bulletin says that based on available information, Anonymous has "a limited ability to conduct attacks" on industrial control systems.
The group's agenda could change, however. The DHS document cites several recent actions, including Anonymous' cyberattack on the websites and servers of biotech seed company Monsanto, as proof that Anonymous could "develop capabilities to gain access and trespass on control system networks very quickly."



When the infrastructure of the Internet was developed 30 years ago it was not intended for the use it is getting today. While there are plans for an 'upgrade' to Internet 2.0, with a new TCP/IP stack and IPV6, it will be a while before this technology is available to the average user. I remember talk about a 'wide pipe' but the pipe seems to be clogging...

Keep your eyes open for strange activity of your computer. A co-worker of mine recently got an 'infection' on his computer which caused degradation of the network bandwidth... A real computer 'whiz' can look at the flashing lights on the network hub and tell you why those lights are flashing...

You shall make yourself the Festival of Sukkoth for seven days, when you gather in [the produce] from your threshing floor and your vat.And you shall rejoice in your Festival-you, and your son, and your daughter, and your manservant, and your maidservant, and the Levite, and the stranger, and the orphan, and the widow, who are within your cities
Duet 16:13-14