Jump to content



Photo

The near impossible battle against Hackers

u.s. government electronic guerrillas dell inc stuxnet internet infrastructure major tech companies

  • Please log in to reply
20 replies to this topic

#1 Hum

Hum

    totally wAcKed

  • 61,987 posts
  • Joined: 05-October 03
  • Location: Odder Space
  • OS: Windows XP, 7

Posted 24 February 2013 - 14:51

SAN FRANCISCO (Reuters) - Dire warnings from Washington about a "cyber Pearl Harbor" envision a single surprise strike from a formidable enemy that could destroy power plants nationwide, disable the financial system or cripple the U.S. government.

But those on the front lines say it isn't all about protecting U.S. government and corporate networks from a single sudden attack. They report fending off many intrusions at once from perhaps dozens of countries, plus well-funded electronic guerrillas and skilled criminals.

Security officers and their consultants say they are overwhelmed. The attacks are not only from China, which Washington has long accused of spying on U.S. companies, many emanate from Russia, Eastern Europe, the Middle East, and Western countries. Perpetrators range from elite military units to organized criminal rings to activist teenagers.

"They outspend us and they outman us in almost every way," said Dell Inc's chief security officer, John McClurg.

The big fear is that one day a major company or government agency will face a severe and very costly disruption to their business when hackers steal or damage critical data, sabotage infrastructure or destroy consumers' confidence in the safety of their information.

Elite security firm Mandiant Corp on Monday published a 74-page report that accused a unit of the Chinese army of stealing data from more than 100 companies. While China immediately denied the allegations, Mandiant and other security experts say the hacker group is just one of more than 20 with origins in China.

Chinese hackers tend to take aim at the largest corporations and most innovative technology companies, using trick emails that appear to come from trusted colleagues but bear attachments tainted with viruses, spyware and other malicious software, according to Western cyber investigators.

Eastern European criminal rings, meanwhile, use "drive-by downloads" to corrupt popular websites, such as NBC.com last week, to infect visitors. Though the malicious programs vary, they often include software for recording keystrokes as computer users enter financial account passwords.

Others getting into the game include activists in the style of the loosely associated group known as Anonymous, who favor denial-of-service attacks that temporarily block websites from view and automated searches for common vulnerabilities that give them a way in to access to corporate information.

An increasing number of countries are sponsoring cyber weapons and electronic spying programs, law enforcement officials said. The reported involvement of the United States in the production of electronic worms including Stuxnet, which hurt Iran's uranium enrichment program, is viewed as among the most successful.

Iran has also been blamed for a series of unusually effective denial-of-service attacks against major U.S. banks in the past six months that blocked their online banking sites. Iran is suspected of penetrating at least one U.S. oil company, two people familiar with the ongoing investigation told Reuters.

"There is a battle looming in any direction you look," said Jeff Moss, the chief information security officer of ICANN, a group that manages some of the Internet's key infrastructure.

"Everybody's personal objectives go by the wayside when there is just fire after fire," said Moss, who also advises the U.S. Department of Homeland Security.

Industry veterans say the growth in the number of hackers, the software tools available to them, and the thriving economic underground serving them have made any computer network connected to the Internet impossible to defend flawlessly.

full story


#2 Enron

Enron

    Windows for Workgroups

  • 8,816 posts
  • Joined: 30-May 11
  • OS: Windows 8.1 U1
  • Phone: Nokia Lumia 900

Posted 24 February 2013 - 14:58

Everyone should just install Norton so they can't get hacked.

#3 Torolol

Torolol

  • 2,820 posts
  • Joined: 24-November 12

Posted 24 February 2013 - 15:07

no such thing as 'steal data' as the original data isn't lost,
it should read/write as 'copying/duplicating data'

#4 OP Hum

Hum

    totally wAcKed

  • 61,987 posts
  • Joined: 05-October 03
  • Location: Odder Space
  • OS: Windows XP, 7

Posted 24 February 2013 - 15:11

Corporations should plant false data -- maybe that would discourage hacks.

#5 exotoxic

exotoxic

    Neowinian Senior

  • 2,138 posts
  • Joined: 04-April 04
  • Location: England

Posted 24 February 2013 - 17:42

I am sure a power plant could work without giving critical parts of it a network connection :rolleyes:

#6 Detection

Detection

    Detecting stuff...

  • 8,369 posts
  • Joined: 30-October 10
  • Location: UK
  • OS: 7 SP1 x64

Posted 24 February 2013 - 17:49

I am sure a power plant could work without giving critical parts of it a network connection :rolleyes:


I was about to say, didn't power plants work fine before the net ?

Disconnect them, have one sandboxed machine/network for accessing the net, NOT connected to the rest of the plant

#7 Torolol

Torolol

  • 2,820 posts
  • Joined: 24-November 12

Posted 24 February 2013 - 17:54

and whos stupid idea that power plants need to be connected to the internet ?

#8 Detection

Detection

    Detecting stuff...

  • 8,369 posts
  • Joined: 30-October 10
  • Location: UK
  • OS: 7 SP1 x64

Posted 24 February 2013 - 17:55

and whos stupid idea that power plants need to be connected to the internet ?


Anonymous'

#9 pack34

pack34

    Professional Electron Wrangler

  • 1,002 posts
  • Joined: 04-July 11

Posted 24 February 2013 - 20:30

and whos stupid idea that power plants need to be connected to the internet ?


Power plants are networked for efficiency and load balancing. Being able to talk to the substations allows them to put out the right amount of power to the right places at the right times.

#10 Rudy

Rudy

    Neowinian Senior

  • 22,397 posts
  • Joined: 30-September 01
  • Location: Ottawa, On

Posted 25 February 2013 - 03:01

Everyone should just install Norton so they can't get hacked.

Not sure if trolling or serious...

#11 1941

1941

    Banned

  • 18,175 posts
  • Joined: 17-July 06

Posted 25 February 2013 - 03:03

Not sure if trolling or serious...


I hope he is not serious.

#12 +Aheer.R.S.

Aheer.R.S.

    I cannot Teach Him, the Boy has no Patience!

  • 11,527 posts
  • Joined: 15-October 10

Posted 25 February 2013 - 03:03

Not sure if trolling or serious...

Obviously trolling, Everyone knows you need Zonealarm :p

#13 goatsniffer

goatsniffer

    Supercalifragilisticexpialidosh

  • 1,091 posts
  • Joined: 11-January 04
  • Location: New York, USA

Posted 25 February 2013 - 03:12

Setup a butt-ton of honeypot networks and monitor what tactics and methods are being used.

#14 LUTZIFER

LUTZIFER

    Resident Evil

  • 2,651 posts
  • Joined: 09-January 02
  • Location: Vancouver Island, BC CANADA
  • OS: Windows 8.1 Pro
  • Phone: Google Nexus 4

Posted 25 February 2013 - 03:13

Everyone should just install Norton so they can't get hacked.

I hope you were just being sarcastic.

#15 Growled

Growled

    Neowinian Senior

  • 41,508 posts
  • Joined: 17-December 08
  • Location: USA

Posted 26 February 2013 - 01:42

and whos stupid idea that power plants need to be connected to the internet ?


It's a good idea but it seems to me it would be better to place them on private networks not connected to the Internet at large.



Click here to login or here to register to remove this ad, it's free!