Welcome, Guest. Please login or register.
Did you miss your activation email?
July 30, 2014, 10:24:53 pm
HomePredMockPollEVCalcAFEWIKIHelpLogin Register
News: Atlas Hardware Upgrade complete October 13, 2013.

+  Atlas Forum
|-+  General Politics
| |-+  Political Debate (Moderator: Beet)
| | |-+  Govts and cyber attacks
« previous next »
Pages: [1] Print
Author Topic: Govts and cyber attacks  (Read 896 times)
dead0man
YaBB God
*****
Posts: 21609
United States


Political Matrix
E: 6.84, S: -4.52

View Profile
« on: September 23, 2010, 03:33:48 am »
Ignore

Some of you may have heard of Stuxnet.  Most of us probably haven't.
Quote
Stuxnet is a computer worm first discovered in 2010. It is notable because it was written to attack SCADA systems which are used to control and monitor industrial processes. Stuxnet not only is capable of spying on the system but also includes the capability to reprogram the programmable logic controllers (PLCs) and hide the changes.
<snip>
The complexity of the software is very unusual for malware. The attack requires knowledge of industrial processes and an interest in attacking industrial infrastructure. The number of used zero-day Windows exploits is also unusual. Stuxnet is half a megabyte in size and written in different programming languages (including C and C++) which is also irregular for malware.

Analysis of the Stuxnet worm suggests its target might have been Iran's nuclear program.
Another link
Most of the 45,000 infected computer systems are in Iran, Pakistan, India and Indonesia.  And from the second link:
Quote
"The implications of Stuxnet are very large, a lot larger than some thought at first," says Mr. Assante, who until recently was security chief for the North American Electric Reliability Corp. "Stuxnet is a directed attack. It's the type of threat we've been worried about for a long time. It means we have to move more quickly with our defenses – much more quickly."

Has Stuxnet already hit its target?It might be too late for Stuxnet's target, Langner says. He suggests it has already been hit – and destroyed or heavily damaged. But Stuxnet reveals no overt clues within its code to what it is after.

A geographical distribution of computers hit by Stuxnet, which Microsoft produced in July, found Iran to be the apparent epicenter of the Stuxnet infections. That suggests that any enemy of Iran with advanced cyber war capability might be involved, Langner says. The US is acknowledged to have that ability, and Israel is also reported to have a formidable offensive cyber-war-fighting capability.

Could Stuxnet's target be Iran's Bushehr nuclear power plant, a facility much of the world condemns as a nuclear weapons threat?

Langner is quick to note that his views on Stuxnet's target is speculation based on suggestive threads he has seen in the media. Still, he suspects that the Bushehr plant may already have been wrecked by Stuxnet. Bushehr's expected startup in late August has been delayed, he notes, for unknown reasons. (One Iranian official blamed the delay on hot weather.)

<snip>

"This will all eventually come out and Stuxnet's target will be known," Langner says. "If Bushehr wasn't the target and it starts up in a few months, well, I was wrong. But somewhere out there, Stuxnet has found its target. We can be fairly certain of that."

Good news?  Bad news?  Scary news?
Logged

Quote from:   Martha Gellhorn for The Atlantic 1961
The unique misfortune of the Palestinian refugees is that they are a weapon in what seems to be a permanent war...today, in the Middle East, you get a repeated sinking sensation about the Palestinian refugees: they are only a beginning, not an end. Their function is to hang around and be constantly useful as a goad. The ultimate aim is not such humane small potatoes as repatriating refugees.
dead0man
YaBB God
*****
Posts: 21609
United States


Political Matrix
E: 6.84, S: -4.52

View Profile
« Reply #1 on: September 26, 2010, 04:55:32 am »
Ignore

Iran acknowledges it's been hit by it.link
Quote
Iran's nuclear agency is trying to combat a complex computer worm that has affected industrial sites throughout the country and is capable of taking over power plants, Iranian media reports said.

Experts from the Atomic Energy Organization of Iran met this week to discuss how to remove the malicious computer code, or worm, the semi-official ISNA news agency reported Friday.

<snip>

The ISNA report said the malware had spread throughout Iran, but did not name specific sites affected. Foreign media reports have speculated the worm was aimed at disrupting Iran's first nuclear power plant, which is to go online in October in the southern port city of Bushehr.

Iranian newspapers have reported on the computer worm hitting industries around the country in recent weeks, without giving details. Friday's report also did not mention Bushehr.

<snip>

While there have been no reports of damage or disruption at any Iranian nuclear facilities, Tuesday's meeting signaled a high level of concern about the worm among Iran's nuclear officials.

The destructive Stuxnet worm has surprised experts because it is the first one specifically created to take over industrial control systems, rather than just steal or manipulate data.

The United States is also tracking the worm, and the Department of Homeland Security is building specialized teams that can respond quickly to cyber emergencies at industrial facilities across the country.
I know this isn't as important as the goings on of BushOK or making fun of the moronic 9-11 conspiritards, but I was hoping for a little discussion here.
Logged

Quote from:   Martha Gellhorn for The Atlantic 1961
The unique misfortune of the Palestinian refugees is that they are a weapon in what seems to be a permanent war...today, in the Middle East, you get a repeated sinking sensation about the Palestinian refugees: they are only a beginning, not an end. Their function is to hang around and be constantly useful as a goad. The ultimate aim is not such humane small potatoes as repatriating refugees.
IDS Judicial Overlord John Dibble
John Dibble
YaBB God
*****
Posts: 18788
Japan


View Profile
« Reply #2 on: September 26, 2010, 08:47:20 am »
Ignore

Inevitable news. Nations have been spying on and trying to sabotage rival nations for a long, long time. With so much infrastructure coming to rely on computers and the internet, it was only inevitable that such things would enter that realm.
Logged

dead0man
YaBB God
*****
Posts: 21609
United States


Political Matrix
E: 6.84, S: -4.52

View Profile
« Reply #3 on: September 29, 2010, 11:29:48 pm »
Ignore

This story keeps getting better.  link (even if I seem to be the only person that cares)
Quote
Tehran this week secretly appealed to a number of computer security experts in West and East Europe with offers of handsome fees for consultations on ways to exorcize the Stuxnet worm spreading havoc through the computer networks and administrative software of its most important industrial complexes and military command centers. debkafile's intelligence and Iranian sources report Iran turned for outside help after local computer experts failed to remove the destructive virus.
None of the foreign experts has so far come forward because Tehran refuses to provide precise information on the sensitive centers and systems under attack and give the visiting specialists the locations where they would need to work. They were not told whether they would be called on to work outside Tehran or given access to affected sites to study how they function and how the malworm managed to disable them. Iran also refuses to give out data on the changes its engineers have made to imported SCADA (Supervisory Control and Data Acquisition) systems, mostly from Germany.
The impression debkafile sources gained Wednesday, Sept. 29 from talking to European computer experts approached for aid was that the Iranians are getting desperate. Not only have their own attempts to defeat the invading worm failed, but they made matters worse: The malworm became more aggressive and returned to the attack on parts of the systems damaged in the initial attack.

<snip>

As it is, the Iranian officials who turned outside for help were described by another of the experts they approached as alarmed and frustrated. It has dawned on them that the trouble cannot be waved away overnight but is around for the long haul. Finding a credible specialist with the magic code for ridding them of the cyber enemy could take several months. After their own attempts to defeat Stuxnet backfired, all the Iranians can do now is to sit back and hope for the best, helpless to predict the worm's next target and which other of their strategic industries will go down or be robbed of its secrets next.

While Tehran has given out several conflicting figures on the systems and networks struck by the malworm - 30,000 to 45,000 industrial units - debkafile's sources cite security experts as putting the figure much higher, in the region of millions. If this is true, then this cyber weapon attack on Iran would be the greatest ever.
Sure, just blowing it up would have made for a better discussion and given the anti-Se.....errrr, anti-Zionists and the anti-West more hay play with, but really, this way is a 1000 times cooler.
Logged

Quote from:   Martha Gellhorn for The Atlantic 1961
The unique misfortune of the Palestinian refugees is that they are a weapon in what seems to be a permanent war...today, in the Middle East, you get a repeated sinking sensation about the Palestinian refugees: they are only a beginning, not an end. Their function is to hang around and be constantly useful as a goad. The ultimate aim is not such humane small potatoes as repatriating refugees.
Swing low, sweet chariot. Comin' for to carry me home.
jmfcst
YaBB God
*****
Posts: 18306
United States


View Profile
« Reply #4 on: October 05, 2010, 09:00:40 pm »
Ignore

This story keeps getting better.  link (even if I seem to be the only person that cares)

few on this forum know what is really going on in the world.
Logged

Do not fight with one another over my banning.  I've enjoyed the time I have spent with all of you, but the time really has come for me to leave.  It is what I want.

http://www.youtube.com/watch?v=z9Y_GLT4_9I

I looked over Jordan, and what did I see?
Coming for to carry me home,
A band of angels coming after me,
Coming for to carry me home.

Swing low, sweet chariot,
Coming for to carry me home.
dead0man
YaBB God
*****
Posts: 21609
United States


Political Matrix
E: 6.84, S: -4.52

View Profile
« Reply #5 on: May 30, 2012, 01:54:35 am »
Ignore

link
Quote
Russian security firm Kaspersky Labs told the BBC they believed the malware, known as Flame, had been operating since August 2010.

The company said it believed the attack was state-sponsored, but could not be sure of its exact origins.

They described Flame as "one of the most complex threats ever discovered".

<snip>

This new threat appears not to cause physical damage, but to collect huge amounts of sensitive information, said Kaspersky's chief malware expert Vitaly Kamluk.

"Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on," he said.

More than 600 specific targets were hit, Mr Kamluk said, ranging from individuals, businesses, academic institutions and government systems.

Iran's National Computer Emergency Response Team posted a security alert stating that it believed Flame was responsible for "recent incidents of mass data loss" in the country.

The malware code itself is 20MB in size - making it some 20 times larger than the Stuxnet virus. The researchers said it could take several years to analyse.

<snip>

He explained: "Currently there are three known classes of players who develop malware and spyware: hacktivists, cybercriminals and nation states.

"Flame is not designed to steal money from bank accounts. It is also different from rather simple hack tools and malware used by the hacktivists. So by excluding cybercriminals and hacktivists, we come to conclusion that it most likely belongs to the third group."

Among the countries affected by the attack are Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.

"The geography of the targets and also the complexity of the threat leaves no doubt about it being a nation-state that sponsored the research that went into it," Mr Kamluk said.

The malware is capable of recording audio via a microphone, before compressing it and sending it back to the attacker.

<snip>

He explained that unlike Stuxnet, which was designed with one specific task in mind, Flame was much more sophisticated.

"Whereas Stuxnet just had one purpose in life, Flame is a toolkit, so they can go after just about everything they can get their hands on."

Once the initial Flame malware has infected a machine, additional modules can be added to perform specific tasks - almost in the same manner as adding apps to a smartphone.
Logged

Quote from:   Martha Gellhorn for The Atlantic 1961
The unique misfortune of the Palestinian refugees is that they are a weapon in what seems to be a permanent war...today, in the Middle East, you get a repeated sinking sensation about the Palestinian refugees: they are only a beginning, not an end. Their function is to hang around and be constantly useful as a goad. The ultimate aim is not such humane small potatoes as repatriating refugees.
shua
YaBB God
*****
Posts: 11185
Russian Federation


View Profile WWW
« Reply #6 on: May 30, 2012, 02:41:37 pm »
Ignore

I wonder who would be interested in screwing with Iran, and those Arab countries and Israel.  Is this military data or is it mainly civilian?
Logged

SJoyce of Harrenhal
sjoycefla
YaBB God
*****
Posts: 8790
United States


View Profile
« Reply #7 on: May 30, 2012, 03:02:50 pm »
Ignore

I wonder who would be interested in screwing with Iran, and those Arab countries and Israel.  Is this military data or is it mainly civilian?

According to Kapersky, "we only found traces of good English used inside the code", so probably not an English-speaking nation. If I had to guess, I'd say Israel.
Logged

shua
YaBB God
*****
Posts: 11185
Russian Federation


View Profile WWW
« Reply #8 on: May 30, 2012, 05:05:19 pm »
Ignore

I wonder who would be interested in screwing with Iran, and those Arab countries and Israel.  Is this military data or is it mainly civilian?

According to Kapersky, "we only found traces of good English used inside the code", so probably not an English-speaking nation. If I had to guess, I'd say Israel.
But isn't Israel one of the targets? 
Logged

SJoyce of Harrenhal
sjoycefla
YaBB God
*****
Posts: 8790
United States


View Profile
« Reply #9 on: May 30, 2012, 05:37:20 pm »
Ignore

I wonder who would be interested in screwing with Iran, and those Arab countries and Israel.  Is this military data or is it mainly civilian?

According to Kapersky, "we only found traces of good English used inside the code", so probably not an English-speaking nation. If I had to guess, I'd say Israel.
But isn't Israel one of the targets? 

Yes, but look at what it does... It gets into sensitive Israeli computer systems and sends classified Israeli government data to the Israeli government, and with a few computers infected, they can say it's not them.
Logged

dead0man
YaBB God
*****
Posts: 21609
United States


Political Matrix
E: 6.84, S: -4.52

View Profile
« Reply #10 on: May 30, 2012, 08:10:49 pm »
Ignore

So...huh....using that same logic, why couldn't it be Iran or one of those Arab countries doing the same thing?
Logged

Quote from:   Martha Gellhorn for The Atlantic 1961
The unique misfortune of the Palestinian refugees is that they are a weapon in what seems to be a permanent war...today, in the Middle East, you get a repeated sinking sensation about the Palestinian refugees: they are only a beginning, not an end. Their function is to hang around and be constantly useful as a goad. The ultimate aim is not such humane small potatoes as repatriating refugees.
SJoyce of Harrenhal
sjoycefla
YaBB God
*****
Posts: 8790
United States


View Profile
« Reply #11 on: May 30, 2012, 08:20:17 pm »
Ignore

So...huh....using that same logic, why couldn't it be Iran or one of those Arab countries doing the same thing?

Because most likely an Iran, Syria, or Sudan does not have the capability to make a virus this complex. It'd take a nation with sufficiently advanced technology and will to do such, such as Israel, the US, or a major European power (think France, Germany, or the UK). Iran really doesn't have that level of technological advancement, nor does any of the Arab countries (except the Saudis).
Logged

dead0man
YaBB God
*****
Posts: 21609
United States


Political Matrix
E: 6.84, S: -4.52

View Profile
« Reply #12 on: May 31, 2012, 06:24:11 am »
Ignore

Trojan targets Iranian and Syrian dissidents via proxy tool
Quote
<snip>

"This Trojan has been specifically crafted to target people attempting to evade government censorship," he added.

<snip>

A follow-up post by Sophos noted that although the data was being sent to what appeared to be a Saudi Arabian registered entity, some of the servers being used were in the United States.

Sophos stressed that the discovery did not mean that the attack had been instigated by parties in the US, as anyone could have rented the server space.

<snip>

The news comes as investigators probe a malware attack - dubbed Flame - found to have infected computers in Iran and other parts of the Middle East, which is thought to have been designed to steal sensitive data.

However, Sophos suggested that the the Simurgh Trojan was likely to have compromised more computers.

"Unlike Flame, which is highly targeted malware that has only been found on a handful of computers globally, this malware is targeting users for whom having their communications compromised could result in imprisonment or worse," wrote Chester Wisniewski, senior security advisor at Sophos, on his company's blog.

"Many thousands depend on the legitimate Simurgh service, which makes it likely that far more people have been impacted by this malware."
Logged

Quote from:   Martha Gellhorn for The Atlantic 1961
The unique misfortune of the Palestinian refugees is that they are a weapon in what seems to be a permanent war...today, in the Middle East, you get a repeated sinking sensation about the Palestinian refugees: they are only a beginning, not an end. Their function is to hang around and be constantly useful as a goad. The ultimate aim is not such humane small potatoes as repatriating refugees.
dead0man
YaBB God
*****
Posts: 21609
United States


Political Matrix
E: 6.84, S: -4.52

View Profile
« Reply #13 on: June 02, 2012, 05:25:08 am »
Ignore

NY Times confirms what we suspected.  link
Quote
From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.

Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.

<snip>

Told it was unclear how much the Iranians knew about the code, and offered evidence that it was still causing havoc, Mr. Obama decided that the cyberattacks should proceed. In the following weeks, the Natanz plant was hit by a newer version of the computer worm, and then another after that. The last of that series of attacks, a few weeks after Stuxnet was detected around the world, temporarily took out nearly 1,000 of the 5,000 centrifuges Iran had spinning at the time to purify uranium.

This account of the American and Israeli effort to undermine the Iranian nuclear program is based on interviews over the past 18 months with current and former American, European and Israeli officials involved in the program, as well as a range of outside experts. None would allow their names to be used because the effort remains highly classified, and parts of it continue to this day.

These officials gave differing assessments of how successful the sabotage program was in slowing Iran’s progress toward developing the ability to build nuclear weapons. Internal Obama administration estimates say the effort was set back by 18 months to two years, but some experts inside and outside the government are more skeptical, noting that Iran’s enrichment levels have steadily recovered, giving the country enough fuel today for five or more weapons, with additional enrichment.

<snip>

It appears to be the first time the United States has repeatedly used cyberweapons to cripple another country’s infrastructure, achieving, with computer code, what until then could be accomplished only by bombing a country or sending in agents to plant explosives. The code itself is 50 times as big as the typical computer worm, Carey Nachenberg, a vice president of Symantec, one of the many groups that have dissected the code, said at a symposium at Stanford University in April. Those forensic investigations into the inner workings of the code, while picking apart how it worked, came to no conclusions about who was responsible.

A similar process is now under way to figure out the origins of another cyberweapon called Flame that was recently discovered to have attacked the computers of Iranian officials, sweeping up information from those machines. But the computer code appears to be at least five years old, and American officials say that it was not part of Olympic Games. They have declined to say whether the United States was responsible for the Flame attack.

<snip>
Much more at link.
Logged

Quote from:   Martha Gellhorn for The Atlantic 1961
The unique misfortune of the Palestinian refugees is that they are a weapon in what seems to be a permanent war...today, in the Middle East, you get a repeated sinking sensation about the Palestinian refugees: they are only a beginning, not an end. Their function is to hang around and be constantly useful as a goad. The ultimate aim is not such humane small potatoes as repatriating refugees.
Pages: [1] Print 
« previous next »
Jump to:  


Login with username, password and session length

Logout

Powered by SMF 1.1.19 | SMF © 2013, Simple Machines