
Archive for the ‘cybersecurity’ Category

Dual warhead stuxnet

December 7, 2010

http://www.nytimes.com/2010/11/20/world/middleeast/20stuxnet.html?_r=1&ref=technology

German software engineer who in September was the first to report that a computer worm was apparently designed to sabotage targets in Iran said Friday that the program contained two separate “digital warheads.”… malicious program, known as Stuxnet, is designed to disable both Iranian centrifuges used to enrich uranium and steam turbines at the Bushehr nuclear power plant…link between the worm and an Iranian target was first made at an industrial systems cybersecurity conference in the Washington area on Sept. 20 by Mr. Langner…In a statement Friday on his Web site, he described two different attack modules that are designed to run on different industrial controllers made by Siemens, the German industrial equipment maker. “It appears that warhead one and warhead two were deployed in combination as an all-out cyberstrike against the Iranian nuclear program,”… Mr. Langner said, however, that he had found enough evidence within the programs to pinpoint the intended targets. He described his research process as being akin to being at a crime scene and examining a weapon but lacking a body…second code module — aimed at the nuclear power plant — was written with remarkable sophistication, he said. The worm moves from personal computers to Siemens computers that control industrial processes. It then inserts fake data, fooling the computers into thinking that the system is running normally while the sabotage of the frequency converters is taking place. “It is obvious that several years of preparation went into the design of this attack,”… concerned that computer security organizations were not adequately conveying the potential for serious industrial sabotage that Stuxnet foretells…

 


Stuxnet update

December 7, 2010

http://www.foxnews.com/scitech/2010/11/26/secret-agent-crippled-irans-nuclear-ambitions/?test=latestnews

 

mission: Infiltrate the highly advanced, securely guarded enemy headquarters where scientists in the clutches of an evil master are secretly building a weapon that can destroy the world. Then render that weapon harmless and escape undetected…job is handled by a suave and very sophisticated secret computer worm, a jumble of code called Stuxnet, which in the last year has not only crippled Iran’s nuclear program but has caused a major rethinking of computer security around the globe….have been trying to analyze the worm since it was discovered in June by a Belarus-based company that was doing business in Iran. And what they’ve all found, says Sean McGurk, the Homeland Security Department’s acting director of national cyber security and communications integration, is a “game changer.”… construction of the worm was so advanced, it was “like the arrival of an F-35 into a World War I battlefield,”… have called it the first “weaponized” computer virus…Stuxnet is an incredibly advanced, undetectable computer worm that took years to construct and was designed to jump from computer to computer until it found the specific, protected control system that it aimed to destroy: Iran’s nuclear enrichment program…target was seemingly impenetrable; for security reasons, it lay several stories underground and was not connected to the World Wide Web.
And that meant Stuxnet had to act as sort of a computer cruise missile: As it made its passage through a set of unconnected computers, it had to grow and adapt to security measures and other changes until it reached one that could bring it into the nuclear facility…When it ultimately found its target, it would have to secretly manipulate it until it was so compromised it ceased normal functions…after the job was done, the worm would have to destroy itself without leaving a trace…That is what we are learning happened at Iran’s nuclear facilities — both at Natanz, which houses the centrifuge arrays used for processing uranium into nuclear fuel, and, to a lesser extent, at Bushehr, Iran’s nuclear power plant…At Natanz, for almost 17 months, Stuxnet quietly worked its way into the system and targeted a specific component — the frequency converters made by the German equipment manufacturer Siemens that regulated the speed of the spinning centrifuges used to create nuclear fuel. The worm then took control of the speed at which the centrifuges spun, making them turn so fast in a quick burst that they would be damaged but not destroyed. And at the same time, the worm masked that change in speed from being discovered at the centrifuges’ control panel…At Bushehr, meanwhile, a second secret set of codes, which Langner called “digital warheads,” targeted the Russian-built power plant’s massive steam turbine…nuclear facility in Iran runs an “air gap” security system, meaning it has no connections to the Web, making it secure from outside penetration. Stuxnet was designed and sent into the area around Iran’s Natanz nuclear power plant — just how may never be known — to infect a number of computers on the assumption that someone working in the plant would take work home on a flash drive, acquire the worm and then bring it back to the plant…Once the worm was inside the plant, the next step was to get the computer system there to trust it and allow it into the system. 
That was accomplished because the worm contained a “digital certificate” stolen from JMicron, a large company in an industrial park in Taiwan. (When the worm was later discovered it quickly replaced the original digital certificate with another certificate, also stolen from another company, Realtek, a few doors down in the same industrial park in Taiwan.)… Once allowed entry, the worm contained four “Zero Day” elements in its first target, the Windows 7 operating system that controlled the overall operation of the plant. Zero Day elements are rare and extremely valuable vulnerabilities in a computer system that can be exploited only once. Two of the vulnerabilities were known, but the other two had never been discovered. Experts say no hacker would waste Zero Days in that manner…After penetrating the Windows 7 operating system, the code then targeted the “frequency converters” that ran the centrifuges. To do that it used specifications from the manufacturers of the converters…worm then ordered the centrifuges to rotate extremely fast, and then to slow down precipitously. This damaged the converter, the centrifuges and the bearings, and it corrupted the uranium in the tubes. It also left Iranian nuclear engineers wondering what was wrong, as computer checks showed no malfunctions in the operating system….Estimates are that this went on for more than a year, leaving the Iranian program in chaos. And as it did, the worm grew and adapted throughout the system…worms reported back to two servers that had to be run by intelligence agencies, one in Denmark and one in Malaysia. The servers monitored the worms and were shut down once the worm had infiltrated Natanz. Efforts to find those servers since then have yielded no results…“the lives of the scientists working in the facility have become a living hell because of counter-intelligence agents brought into the plant” to battle the breach. 
Ironically, even after its discovery, the worm has succeeded in slowing down Iran’s reputed effort to build an atomic weapon…

 

Playstations for defense

December 7, 2010

http://www.upi.com/Science_News/2010/11/30/US-builds-supercomputer-with-game-units/UPI-81941291147058/

 

U.S. Air Force used 1,760 Sony Playstation 3 video game consoles to create a supercomputer at about a tenth the normal cost for such a setup…Named the Condor Cluster and to be unveiled Wednesday, it’s the fastest interactive computer the Defense Department has…Researchers under the command of Wright Patterson Air Force Base near Dayton, Ohio, harnessed the computing power of off-the-shelf PlayStation 3 consoles linked to more traditional graphical processing computer components…Condor Cluster can be used to solve image-matching problems and assist in surveillance situations, using radar enhancement and pattern recognition capabilities…total cost of $2 million is about 10 to 20 times cheaper than what a traditional supercomputer system would cost…

 

Fingerprinting the digital world

December 7, 2010

http://online.wsj.com/article/SB10001424052748704679204575646704100959546.html?mod=WSJ_hp_LEFTTopStories

 

David Norris wants to collect the digital equivalent of fingerprints from every computer, cellphone and TV set-top box in the world…Norris’s start-up company, BlueCava Inc., has identified 200 million devices…Advertisers no longer want to just buy ads. They want to buy access to specific people. So, Mr. Norris is building a “credit bureau for devices” in which every computer or cellphone will have a “reputation” based on its user’s online behavior, shopping habits and demographics. He plans to sell this information to advertisers willing to pay top dollar for granular data about people’s interests and activities…Each has a different clock setting, different fonts, different software and many other characteristics that make it unique.  Every time a typical computer goes online, it broadcasts hundreds of such details as a calling card to other computers it communicates with. Tracking companies can use this data to uniquely identify computers, cellphones and other devices, and then build profiles of the people who use them…Tracking companies are now embracing fingerprinting partly because it is much tougher to block than other common tools used to monitor people online, such as browser “cookies,” tiny text files on a computer that can be deleted…Federal Trade Commission is expected to release a privacy report calling for a “do-not-track” tool for Web browsers…Deep packet inspection, a potentially intrusive method for peering closely into the digital traffic that moves between people’s computers and the broader Internet, is being tested in the U.S. and Brazil as a future means to deliver targeted advertising…Akamai Technologies Inc., an Internet-infrastructure giant that says it delivers 15% to 30% of all Web traffic, is marketing a technique to track people’s online movements in more detail than traditional tools easily can…There’s not yet a way for people to delete fingerprints that have been collected. 
In short, fingerprinting is largely invisible, tough to fend off and semi-permanent….typical computer broadcasts hundreds of details about itself when a Web browser connects to the Internet. Companies tracking people online can use those details to ‘fingerprint’ browsers and follow their users…Device fingerprinting is legal. U.S. Rep. Bobby Rush (D.,Ill.), proposed legislation in July that would require companies that use persistent identifiers, such as device fingerprints, to let people opt out of being tracked online…companies are racing to meet the $23 billion U.S. online-ad industry’s appetite for detailed consumer behavior…Another anti-fraud company, iovation Inc. of Portland, Ore., says it is exploring the use of device profiles to help websites customize their content….BlueCava says it doesn’t collect personal information such as people’s names. Its privacy policy says it gathers “just boring stuff that most people couldn’t care less about.”… using fingerprinting to track devices is “fair game” because websites automatically get the data anyway…41st Parameter found it could generate a fingerprint about 89% of the time. By comparison, Steel House was able to use cookies for tracking on only about 78% of visits, because some people blocked or deleted cookies…Our intent is that it can completely replace the use of cookies…Computers need to broadcast details about their configuration in order to interact smoothly with websites and with other computers. For example, computers announce which specific Web browsers they use, along with their screen resolution, to help websites display correctly….There are hundreds of parameters. “We call them the ‘toys on the table,'”…first customers was Palo Alto, Calif.-based IMVU Inc., which operates an online game where 55 million registered players can build virtual identities and chat in 3-D. 
It wanted to combat fraudsters who were setting up multiple accounts to buy virtual clothing and trinkets with stolen credit-card numbers…Mr. Dasch of IMVU says he doesn’t mind fingerprints of IMVU customers being added to the exchange, provided that they don’t contain personally identifiable information such as user names, and that his company can use other exchange data in return…idea behind BlueCava’s exchange is to let advertisers build profiles of the people using the devices it has identified…BlueCava also is seeking to use a controversial technique of matching online data about people with catalogs of offline information about them, such as property records, motor-vehicle registrations, income estimates and other details…“I think cookies are a joke,” Mr. Norris says. “The system is archaic and was invented by accident. We’ve outgrown it, and it’s time for the next thing.”…

 

Malware implicated in plane crash

August 27, 2010

http://www.msnbc.msn.com/id/38790670/ns/technology_and_science-security/?gt1=43001

Authorities investigating the 2008 crash of Spanair flight 5022 have discovered a central computer system used to monitor technical problems in the aircraft was infected with malware…infected computer failed to detect three technical problems with the aircraft, which if detected, may have prevented the plane from taking off…Flight 5022 crashed just after takeoff from Madrid-Barajas International Airport two years ago today…reported in a preliminary investigation that the plane had taken off with its flaps and slats retracted — and that no audible alarm had been heard to warn of this because the systems delivering power to the take-off warning system failed. Two earlier events had not been reported by the automated system…malware on the Spanair computer has been identified as a type of Trojan horse. It could have entered the airline’s system in a number of ways…

Twitter ‘is a weapon in cyber warfare’

February 19, 2010

http://www.independent.co.uk/news/media/online/twitter-is-a-weapon-in-cyber-warfare-1900535.html

Air Chief Marshal Sir Stephen Dalton highlighted how the Israeli Air Force used the internet in the battle over international public opinion during last year’s conflict as an example of harnessing new technology…“Accurate and timely information has always been critical to the military but its importance is increasing as societies become more networked,” he stated. “This is intimately linked to developments in space and cyber-space; as we saw in the conflict in Gaza in early 2009, operations on the ground were paralleled by operations in cyber-space and an ‘info ops’ campaign that was fought across the internet: the Israeli Air Force downloaded sensor imagery onto YouTube, tweets warned of rocket attacks and the ‘help-us-win.com’ blog was used to mobilise public support.”… Israeli attack on Gaza, with its large number of civilian casualties, led to widespread international criticism. However, the use of the internet by the Israeli forces attempting to show Hamas fighters employing local people as cover and the supposedly “surgical” nature of some of the bombing is thought to have countered some of the adverse publicity… But our current enemies are already using effective information operations and propaganda (via the internet) about civilian casualties to try and influence our public’s opinion and thus constrain our activities

War game reveals U.S. lacks cyber-crisis skills

February 19, 2010

http://www.washingtonpost.com/wp-dyn/content/article/2010/02/16/AR2010021605762.html?hpid=moreheadlines

war game, sponsored by a nonprofit group and attended by former top-ranking national security officials, laid bare Tuesday that the U.S. government lacks answers… staged the war game to demonstrate to a complacent public the plausibility of an attack that could in many ways be as crippling as the Sept. 11, 2001, terrorist strikes. Organizers said they wanted to prod Congress and the Obama administration to act… war game, held over four hours at the Mandarin Oriental Hotel, three wide-screen monitors flashed maps of the United States showing network coverage and electric power ebbing. The breakdown was covered by a faux news network, GNN. Senior administration officials watched the reporting of the unfolding crisis — 40 million people without power in the eastern United States; more than 60 million cellphones out of service; Wall Street closed for a week; Capitol Hill leaders en route to the White House… Jamie S. Gorelick pressed the issue of individual privacy. In a crisis, she said, “Americans need to know that they should not expect to have their cellphone and other communications to be private — not if the government is going to have to take aggressive action to tamp down the threat.” …She recommended that the Obama administration seek legislation for comprehensive authority to deal with a cyber emergency… also wrangled over how far to go in regulating the private sector, which owns the vast majority of the “critical” infrastructure that is vulnerable to a cyber attack

Categories: cybersecurity