May 04 2021

ON THE INTERNET THE “COLD” WAR HAS TURNED HOT

Category: Cyber War,Digital cold warDISC @ 9:20 am

America has a serious infrastructure problem.

America’s most urgent infrastructure vulnerability is largely invisible and unlikely to be fixed by the Biden administration’s $2 trillion American Jobs Plan.

I’m thinking about vulnerabilities that lurk in your garage (your car), your house (your computer), and even your pocket (your phone). Like those devices of yours, all connected to the Internet and so hackable, American businesses, hospitals, and public utilities can also be hijacked from a distance thanks to the software that helps run their systems. And don’t think that the American military and even cybersecurity agencies and firms aren’t seriously at risk, too.

Such vulnerabilities stem from bugs in the programs — and sometimes even the hardware — that run our increasingly wired society. Beware “zero-day” exploits — so named because you have zero days to fix them once they’re discovered — that can attract top-dollar investments from corporations, governments, and even black-market operators. Zero days allow backdoor access to iPhones, personal email programs, corporate personnel files, even the computers that run dams, voting systems, and nuclear power plants.

It’s as if all of America were now protected by nothing but a few old padlocks, the keys to which have been made available to anyone with enough money to buy them (or enough ingenuity to make a set for themselves). And as if that weren’t bad enough, it was America that inadvertently made these keys available to allies, adversaries, and potential blackmailers alike.

The recent SolarWinds hack of federal agencies, as well as companies like Microsoft, for which the Biden administration recently sanctioned Russia and expelled several of its embassy staff, is only the latest example of how other countries can hack basic American infrastructure. Such intrusions, which actually date back to the early 2000s, are often still little more than tests, ways of getting a sense of how easy it might be to break into that infrastructure in more serious ways later. Occasionally, however, the intruders do damage by vacuuming up data or wiping out systems, especially if the targets fail to pay cyber-ransoms. More insidiously, hackers can also plant “time bombs” capable of going off at some future moment.

ON THE INTERNET THE “COLD” WAR HAS TURNED HOT

The Coming Cyber War

Tags: Cyber-warfare, cybergeddon, cyberwar, cyberwarfare

Jul 08 2009

Cyber attacks on US Government websites

Category: CybercrimeDISC @ 4:51 pm

cyberattack
Image by Boyce Duprey via Flickr
Associated Press reported by Hyung-jin Kim, Wed Jul 8 “South Korean intelligence officials believe North Korea or pro-Pyongyang forces committed cyber attacks that paralyzed major South Korean and U.S. government Web sites, aides to two lawmakers said Wednesday.”

See the details at the link below:
Cyber attacks on South Korean and U.S. government Web sites

Information Warfare: How to Survive Cyber Attacks

Cyber Threat

Cyber Security





Tags: cyber attack, cyber attacks, cyber crime, cyber criminals, cyber security, cyber terrorism, cyber threats, Cyber-warfare, cybergeddon

Jan 14 2009

Cyber warfare and possibility of cybergeddon

Category: Information WarfareDISC @ 1:56 am

 

Background and Risks Associated with Various SCADA Systems | Envista Forensics

Cyber warfare poses a serious threat to critical infrastructure of a country. It has been a major challenge for DoD officials, cyber attackers have already stolen tera byte of data from their infrastructure.

 

Most of the security expert and FBI agree that cyber attacks pose biggest threat to US vital infrastructure. “Cybergeddon” our daily economy which depend on inter connected vital network infrastructure is hacked by cyber attacker.

SCADA (Supervisory Control and Data Acquisition – control power grids in all the utilities) “systems are used in industry to monitor and control plant status and provide logging facilities and are highly configurable“. SCADA system is a connection between control systems and the switches.

Cyber attackers have already led to multicity power outage outside of US. Recent attacks show that cyber attackers are getting more knowledgeable about SCADA system. In the past SCADA use to be exclusive system but now slowly getting integrated with the rest of the infrastructure and utilizing IP addressing scheme. Both introduce new threats and raise the risk of cyber attack.

Utilities are the most critical infrastructure in a sense because of other vital infrastructure dependency on power supply. Cyber attack on SCADA system has a potential of cybergeddon and should be protected as a very critical asset by both public and private sectors. Security through obscurity is not the answer for SCADA anymore.

 

In SCADA system, reasonable security can be achieved by embracing ISO 27k standard as a policy and eventually acquiring ISO 27001 (ISMS) certification. Organizations may start the certification process with limited scope (of critical processes) in the beginning, and increment the scope in each recertification attempt based on the resources available and management risk appetite. Information Security Management System (ISMS) can be a great value added process to manage ongoing monitoring, maintaining and for process improvement of SCADA. ISMS as a process in-place provides reasonable security safeguard to zero day attacks.

 

How do I prepare for a power outage?

 


 

“SCADA system has been poorly managed for decades”

What is SCADA?

Tags: Cyber-warfare, cybergeddon, Information Security Management System, Information Warfare, International Organization for Standardization, ira winkler, iso 27001, SCADA, Security