*So, I wonder who's hacking oil companies. My #1 guess would be oil company guys.
*via SANS, and I reckon there's gonna be plenty more where this is coming from.
TOP OF THE NEWS
–Major US Oil Companies' Networks Infiltrated by Spies
(January 25, 2010)
Three major US oil companies were targeted by sophisticated espionage
attacks in 2008; they were unaware of the scope of the problem until the
FBI notified them in late 2008 and in 2009. The attacks appeared to be
focused on stealing "bid data," valuable proprietary information about
the location and likely yield of oil discoveries around the world. The
attackers appear to have taken control of the companies' networks and
sent data to computers elsewhere. In at least one instance, the data
stream was traced to a computer in China, but there is no hard evidence
linking that country's government to the attacks. The attacks are
sophisticated, targeted, and surreptitious, suggesting that those behind
the attacks are well organized and have ample support.
http://www.csmonitor.com/USA/2010/0125/US-oil-industry-hit-by-cyberattacks-Was-China-involved
Note that the SCADA Security Summit at the end of March in Orlando will
provide in-depth information about how these intrusions and the
comparably effective intrusions into electric power companies were
carried out, the two primary defenses that can be arrayed, and methods
of operating securely when your networks must be treated as "contested
territory". The current tools and techniques being offered by control
system vendors and most security vendors provide only a thin and
ineffective layer of defense. Summit seats are being reserved faster
than in any prior year. If you want to come, register at
http://www.sans.org/scada-security-summit-2010/
[Editor's Note (Schultz): My experience with the petroleum industry
leads me to believe that it is better than average in its information
security practices. I now fear it is only a matter of time before other
critical areas of this infrastructure will fall prey to similar attacks.
(Ullrich): Not good if the call from the FBI comes ahead of a call from
your IDS department.]
–No Easy Deterrent for Cyber Warfare
(January 26, 2009)
In a far-ranging and insightful article, New York Times reporters Thom
Shanker, David Sanger, and John Markoff analyze the United States'
current capabilities in deterring cyber attacks. Not very encouraging.
http://www.nytimes.com/2010/01/26/world/26cyber.html?hp=&pagewanted=print
–Chinese Human Rights Sites Hit With DDoS Attack
(January 25, 2010)
Over the weekend, five Chinese human rights groups, including the
Chinese Human Rights Defenders, experienced attacks on their websites.
The sites were hobbled for 16 hours by a distributed denial-of-service
(DDoS) attack. Malware placed on the sites prior to the attack is now
being removed.
http://news.cnet.com/8301-30685_3-10440342-264.html
http://www.computerworld.com/s/article/9147938/Chinese_human_rights_sites_hit_by_DDoS_attack?source=rss_security
http://www.thetechherald.com/article.php/201004/5140/Chinese-human-rights-domains-hit-by-Denial-of-Service-attack
THE REST OF THE WEEK'S NEWS
–Google Attack Fallout Underscores China's Culture of Censorship and
Surveillance
(January 25, 2010)
The recent disclosure of cyber attacks on Google and other US
companies and the allegations that they originated in China has shined
a spotlight on China's practices of surveillance and censorship that
have been requirements for multinational companies wanting to conduct
business in that country. In the wake of the attacks, Google
announced that it will no longer filter search results and has
suggested that it might pull out of China altogether if the government
refuses to allow that.
http://www.usatoday.com/tech/news/2010-01-23-googlechina25_cv_N.htm
–China Denies Hacking Allegations; Accuses US
(January 23 & 25, 2010)
The Chinese government has categorically denied allegations that it is
behind a series of attacks on Google and other American companies. It
has called accusations that it encouraged or sponsored the attacks
"groundless." A Chinese official has said that a speech by US Secretary
of State Hillary Clinton in which she asked that China investigate the
attacks and spoke negatively about China's stranglehold on the free flow
of information to its citizens could "undermine China-US relations."
http://www.h-online.com/security/news/item/China-denies-involvement-in-attacks-on-Google-912636.html
http://www.nytimes.com/2010/01/26/world/asia/26google.html?ref=technology
http://www.cnn.com/2010/TECH/01/24/china.cyber.attacks/index.html?eref=rss_tech&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+rss%2Fcnn_tech+%28RSS%3A+Technology%29
http://www.washingtonpost.com/wp-dyn/content/article/2010/01/22/AR2010012201090.html
http://www.nextgov.com/nextgov/ng_20100122_4585.php?oref=topnews
Update:
China has now accused America of using "online warfare".
http://www.guardian.co.uk/world/2010/jan/24/china-us-iran-online-warfare