Monday, February 28, 2011

Tech News 21 Feb 2011 - "Night Dragon", oil industry besieged?

Companies in the oil industry have for many years been attacked by hackers using various schemes in an attempt to gain confidential information about the oil companies. Recently, however, those oil companies' worst nightmares have come true. Earlier in the month McAfee had detected intrusions (McAfee named this series of breaches "Night Dragon") in those oil companies' networks, showing that a group of well co-ordinated hackers had broken into the companies' information systems. McAfee, which gives a detailed description in the links below of how the company networks were breached, said that the attacks originated from Chinese IP addresses. The attack was known to have been somewhat successful, since the hackers had looked mostly at files relating to oil and gas field production and financial documents. In my blog last week, I mentioned the Siemens industrial devices that had been hacked. We could be looking at the beginning of a similar situation. The hackers that breached the oil companies had also accessed files that contained SCADA (supervisory control and data acquisition) information that involves the operational processes within oil pipelines and refineries. Something similar to Stuxnet is certainly something that the oil industry would not like to have to worry about in the future.

global energy cyberattacks: night dragon

global energy industry hit in night dragon attacks

Monday, February 21, 2011

Tech News - Week 14 Feb 2011 - Stuxnet, The Beginning of Cyberwarfare?

Stuxnet is a sophisticated cyber-weapon that terrifies many industrial system managers around the globe. Looking back at June 2010, an Iranian nuclear program was halted by the attack of a worm that infiltrated their systems and targeted electromechanical devices at five different nuclear plants in Iran. The worm was designed to attack systems that use Siemens devices, which control and monitor industrial processes. The worm achieved its goal of disrupting plant activity by pushing motoring devices towards breaking point. Another feature of this worm was its rootkit ability to embed itself in the operating systems without being detected. The worm then transmitted false readings of the plants' activity back to the people who were monitoring the systems. After the incident at the Iranian plants, investigations were ordered to determine how the worm made its way into the systems and who was behind it. Experts in charge of unveiling the worm's inner parts said that what had been created here was something far more complex than the average worm spreading across the internet today. They concluded that the code inside the worm was developed by two parties, notably two groups that were very well funded, at a national-budget level.

So let us have a look at the bigger picture here. We have two countries (allegedly involved, according to The New York Times) teaming up with each other to focus on slowing down the development of nuclear arms of an Islamic nation. Surely this collaboration of espionage against a country can be deemed warfare? Israel is said to have a nuclear installation almost identical to Iran's nuclear facility, where a joint operation between Israel and America is being conducted. So Israel can be said to have had a mock-up of Iran's facilities... the perfect place to test the operations of a worm like Stuxnet.

Turning our heads towards more recent matters involving Stuxnet, we discover something quite disturbing. HBGary, a security research company, had its security breached and a decrypted version of the Stuxnet code was stolen from their databases by Anonymous. Security advisors saying that the worst is already out there may just be getting a little bit ahead of themselves with that statement. Note that Stuxnet is a military-grade worm containing very complex code, which is almost impossible to comprehend. However, there are definitely experts out there who are willing to share their knowledge on pulling apart the Stuxnet worm and determining what its core innards are capable of. It can sound a little bit scary for some, but keeping yourself aware of what security companies are doing to thwart these threats and how you can protect your information on the internet may become a necessity for the average internet user, not just large corporations.

Thursday, February 10, 2011

Tech News - Week 8 Feb 2011 - Google offers $20,000 prize for finding vulnerabilities in Chrome

Back in 2009, Google entered the annual Pwn2Own ("Pawn-to-own") hacking contest with its newly developed Chrome browser. The Pwn2Own contest is held at the annual CanSecWest security conference and features all of the popular web browsers, which have their security tested by hackers. Since its entry into the contest, Chrome's security has remained without exploit due to its innovative implementation of the Sandbox security feature. Although bugs have been discovered, exploiting them has been another mission altogether.

Every year Pwn2Own's host, TippingPoint, has provided the prizes for the contest winners. However, Google has stepped forward, somewhat audaciously, to offer a $20,000 cash prize to the contestant who can find vulnerabilities in Google's Chrome browser.

Of course Google is allowed to be confident in their browser application; they have put in the effort required to beat hackers who overturned the security of IE, Firefox and Safari on the first day of the contest. Charlie Miller won the contest by hacking Safari on Mac OS and taking control of the operating system within a few seconds of starting the contest. This clearly shows that vulnerabilities in a browser lead to more sensitive areas in the operating system it is being run on. But with Google showing so much confidence and the introduction of Chrome OS (Google's browser-based operating system) around the corner, hacking of the browser may bring about some concern of whether Google's OS is ready for introduction to the public sector. "There are bugs in Chrome but they're very hard to exploit", said Charlie Miller after winning the contest in 2009.

Google bets 20k Chrome can't be hacked

Questions for pwn2own hacker Charlie Miller