*The notion that Chinese hackers are noodling around blacking-out American cities at will is a truly extraordinary assertion. Makes the wildest fantasies of 1950s McCarthyism look quite tame.
"A big week for cyber security news stories. NewsBites editor Ed Skoudis put it in perspective, 'Consider this NewsBites in its totality (nation state espionage, power grid vulnerabilities, nuclear facilities, radiation dispersal rumors, congressman discussing threats, and more), and you can see we're in the midst of a sea change in the willingness to discuss the threats we now face. It's not just petty cyber crime any more. Increasingly, there are national security implications and massive safety issues associated with information security vulnerabilities in our critical infrastructure. Lives are at stake.'"
(((Are you happy to hear that? Me neither!)))
TOP OF THE NEWS
–Growing Evidence Suggests China Poses Significant Cyber Threat
(May 31, 2008)
US government officials and cyber security experts say there is mounting evidence that China may have gained access to both government and private sector computer networks, and that Chinese hackers may have been responsible for two major US power blackouts in the last few years.
Although there has never been a direct accusation that China was behind the attacks, neither has the government explicitly said that China was not involved. There is also growing evidence that Chinese hackers are gaining access to US computer systems to gather proprietary information.
In one case, a businessman traveling to China discovered once he got there that the people he was meeting with already knew the bottom line of every negotiating point.
http://www.nationaljournal.com/njmagazine/print_friendly.php?ID=cs_20080531_6948
[Editor's Note (Veltsos): The scenario described is eerily similar to one described in the book "The Spy's Guide: Office Espionage" by Melton, Piligian, & Swierczynski (ISBN-13: 978-1931686600).]
(((So either the journalist's making it up or the Chinese pirated the book.)))
–Commerce Dept. Laptop May Have Been Breached During Dec. Trip to China
(May 29, 2008)
Anonymous sources say (((always a trustworthy bunch when it comes to cybarmageddon))) that an investigation is underway into whether the contents of a government laptop were copied during Commerce Secretary Carlos M. Gutierrez's December trip to China. The information may have been used to gain access to Commerce computers; following Gutierrez's return, US CERT was called to the Department of Commerce three times to manage serious intrusion attempts.
http://www.themonitor.com/articles/department_12470___article.html/china_commerce.html
[Editor's Note (Veltsos): When traveling overseas, corporate and government officials must ensure that the data entrusted to them is appropriately protected from unauthorized access, disclosure, or modification. Full-disk encryption and two-factor authentication mechanisms should be present on laptops containing sensitive data. Some security professionals further recommend that travel laptops should be devoid of sensitive data; instead the data should be accessed once on-site by retrieving it from a secure, online, source.]
(((And of course that's ESPECIALLY urgent whenever you are attempting to enter the sinister United States.)))
–Societe Generale Releases Breach Investigation Findings
(May 28, 2008)
Societe Generale has released the findings of an investigation it conducted along with PricewaterhouseCoopers regarding the US $7 billion loss (((I'm used to it now, but I still have to stare when I see that figure))) incurred as a result of surreptitious transactions conducted by trader Jerome Kerviel. According to the report, Kerviel's skill at evading "the system of checks and balances ... designed to prevent such overtrading" combined with his supervisor's lack of understanding of the system allowed the situation to go on for as long as it did.
http://www.darkreading.com/document.asp?doc_id=155024&f_src=darkreading_informationweek
[Editor's Note (Honan): I recommend that you read the report, http://www.efinancialnews.com/downloadfiles/2008/05/2350755836.pdf. (((Oh, I will, I will.))) It highlights how a combination of insufficient technical, procedural and personnel controls can combine to create opportunities for exploitation.]
HOMELAND SECURITY & GOVERNMENT SYSTEMS SECURITY
–Attackers Take Down Nuclear Plant Websites to Coincide with Rumors
(May 23, 2008)
Websites that allow users to check real-time radiation levels for Russian nuclear power plants were attacked and rendered unavailable for a time after false rumors appeared on a number of Internet forums about a nuclear accident in the northwestern part of the country. The phony reports said there were radioactive emissions from a plant near St. Petersburg. The Automatic Radiation Environment Control System (ASKRO) is designed to allow users to have access to radiation security information; the system has been restored.
http://en.rian.ru/russia/20080523/108202288.html
(((A dismal business, this... Imagine that kind of rumor combined with a successful urban blackout.)))