The near impossible battle against Hackers

By Hum
in Back Page News

 Share

Recommended Posts

Grand Master

Hum

Posted
Posted

SAN FRANCISCO (Reuters) - Dire warnings from Washington about a "cyber Pearl Harbor" envision a single surprise strike from a formidable enemy that could destroy power plants nationwide, disable the financial system or cripple the U.S. government.

But those on the front lines say it isn't all about protecting U.S. government and corporate networks from a single sudden attack. They report fending off many intrusions at once from perhaps dozens of countries, plus well-funded electronic guerrillas and skilled criminals.

Security officers and their consultants say they are overwhelmed. The attacks are not only from China, which Washington has long accused of spying on U.S. companies, many emanate from Russia, Eastern Europe, the Middle East, and Western countries. Perpetrators range from elite military units to organized criminal rings to activist teenagers.

"They outspend us and they outman us in almost every way," said Dell Inc's chief security officer, John McClurg.

The big fear is that one day a major company or government agency will face a severe and very costly disruption to their business when hackers steal or damage critical data, sabotage infrastructure or destroy consumers' confidence in the safety of their information.

Elite security firm Mandiant Corp on Monday published a 74-page report that accused a unit of the Chinese army of stealing data from more than 100 companies. While China immediately denied the allegations, Mandiant and other security experts say the hacker group is just one of more than 20 with origins in China.

Chinese hackers tend to take aim at the largest corporations and most innovative technology companies, using trick emails that appear to come from trusted colleagues but bear attachments tainted with viruses, spyware and other malicious software, according to Western cyber investigators.

Eastern European criminal rings, meanwhile, use "drive-by downloads" to corrupt popular websites, such as NBC.com last week, to infect visitors. Though the malicious programs vary, they often include software for recording keystrokes as computer users enter financial account passwords.

Others getting into the game include activists in the style of the loosely associated group known as Anonymous, who favor denial-of-service attacks that temporarily block websites from view and automated searches for common vulnerabilities that give them a way in to access to corporate information.

An increasing number of countries are sponsoring cyber weapons and electronic spying programs, law enforcement officials said. The reported involvement of the United States in the production of electronic worms including Stuxnet, which hurt Iran's uranium enrichment program, is viewed as among the most successful.

Iran has also been blamed for a series of unusually effective denial-of-service attacks against major U.S. banks in the past six months that blocked their online banking sites. Iran is suspected of penetrating at least one U.S. oil company, two people familiar with the ongoing investigation told Reuters.

"There is a battle looming in any direction you look," said Jeff Moss, the chief information security officer of ICANN, a group that manages some of the Internet's key infrastructure.

"Everybody's personal objectives go by the wayside when there is just fire after fire," said Moss, who also advises the U.S. Department of Homeland Security.

Industry veterans say the growth in the number of hackers, the software tools available to them, and the thriving economic underground serving them have made any computer network connected to the Internet impossible to defend flawlessly.

full story

Grand Master

Detection

Posted
Posted

I am sure a power plant could work without giving critical parts of it a network connection :rolleyes:

I was about to say, didn't power plants work fine before the net ?

Disconnect them, have one sandboxed machine/network for accessing the net, NOT connected to the rest of the plant

Mentor

pack34

Posted
Posted

and whos stupid idea that power plants need to be connected to the internet ?

Power plants are networked for efficiency and load balancing. Being able to talk to the substations allows them to put out the right amount of power to the right places at the right times.

Mentor

pack34

Posted
Posted

It's a good idea but it seems to me it would be better to place them on private networks not connected to the Internet at large.

That wouldn't exactly be very cheap to have that much dedicated fiber running throughout the country. Plus, sometimes it doesn't really matter. All it takes is an infected phone or flash drive to touch the power plant's internal network for them to be compromised with a nasty piece of malware. .

Grand Master

farmeunit

Posted
Posted

no such thing as 'steal data' as the original data isn't lost,

it should read/write as 'copying/duplicating data'

It is stealing data, as in they didn't have that data/knowledge before. It can be used against a corporation, or governement entity. It's not like it's "just music" or something else.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • MPC-BE 1.9.0

      By Copernic · Posted

      MPC-BE 1.9.0 by Razvan Serea Media Player Classic - BE is a free and open source audio and video player for Windows. Media Player Classic - BE is based on the original "Media Player Classic" project (Gabest) and "Media Player Classic Home Cinema" project (Casimir666), contains additional features and bug fixes. The BE mod (Black Edition Mod) is a skinned version of Media Player Classic Home Cinema, much better looking than the plain old MPC. MPC-BE 1.9.0 changelog: Splitters Fixed crashes in some situations. AudioSplitter Added support for the RF64 format. Fixed reading of channel layout for some WavPack files. Added support for ID3 tags for Wave64 files. Unknown Wave64 chunks are now ignored. AviSplitter Added support for 'y408' video. Improved support for 'HEVC' video. FLVSplitter Added support for VVC video. MP4Splitter Improved handling of corrupted files. MatroskaSplitter Expanded support for V_UNCOMPRESSED video codecs. Fixed support for frame rotation (ProjectionPoseRoll). Improved support for "V_MS/VFW/FOURCC / HEVC". MpcDvdVideoDecoder Fixed conversion to YUY2. Fixed display of menus for some DVD-Videos. RoQVideoDecoder Output in NV12 and YV12 formats is allowed. Full range is used. MPC Video Decoder RGB32 format will be output as a top-down bitmap by default. Added support for the "IID_MediaSideDataDOVIMetadataV2" interface. Removed support for the deprecated "IID_MediaSideDataDOVIMetadata" interface. Fixed retrieving the name of the video adapter when using NVDEC. Fixed crashes in some situations. MPC Video Converter Added support for AYUV video format. MpcAudioRenderer Improved input format validation. Optimized retrieval of supported formats for exclusive mode. Added the "Keep audio device active when paused" setting. Fixed crashes and freezes in various situations. Subtitles Added the ability to open the properties of an external subtitle renderer in the "Subtitles" settings panel. Fixed external subtitle connections for VSFilter. Fixed a crash when rendering PGS/SUP subtitles when using AVX2. YouTube Improved support for yt-dlp. The built-in YouTube parser is no longer used. Player The HTTP read strategy has been changed. If the playlist contains one entry, more key combinations can be used to control the player (jump through chapters, adjust volume). Improved support for reading ASX playlists. The translation of the MediaInfo report for Chinese, Korean and Japanese has been removed. Added blocking of 32-bit filter "PICVideo Lossless JPEG Decompressor" (pvljpg20.dll), because it crashes. Added blocking of the system filter "AVI Decompressor", which will eliminate the crash of VFW codecs. Fixed a rare crash when using the "/slave" key. Fixed a crash when getting a list of fonts for OSD. Added the ability to load an external audio file using hotkeys. Fixed opening a network path starting with \?\UNC. The "Determine duration when adding" playlist setting now works for YouTube video URLs. The "Online media services" settings panel has been redesigned. Added a "Merge files using FFmpeg" option to the file saving dialog. This option is activated when playing multiple streams obtained using yt-dlp. Added loading of local .dpl playlists ("DAUMPLAYLIST"). Fixed a hang when the user closes the player during the URL opening process. Various interface fixes. Installer Updated MPC Video Renderer 0.10.5. Updated MPC Script Source 0.2.17. Added MPC Image Source 0.3.6. Translations Updated Japanese translation (by tsubasanouta). Updated Chinese (Traditional) and Dutch translation (by beter). Updated Romanian translation (by Andrei Miloiu). Updated Hungarian translation (by mickey). Updated Turkish translation (by cmhrky). Updated German translation (by Klaus1189). Updated Chinese (Simplified) translation (by wushantao). Updated Italian translation (by mapi68). Updated Korean translation (by Hackjjang). Updated Chinese (Traditional) (by udfbe). Updated libraries dav1d 1.5.3-6-g04b69f9; ffmpeg n8.2-dev-1857-g4653e68aab; libpng git-v1.6.55-9-g7d52a8087; Little-CMS git-lcms2.18-26-gf739cda; MediaInfo git-v26.05-38-g702c9b7fd; ZenLib git-v0.4.41-91-g073f297; zlib 1.3.2. Download: MPC-BE 64-bit | Portable MPC-BE 64-bit | ~20.0 MB (Open Source) Download: MPC-BE 32-bit | Portable MPC-BE 32-bit Link: Media Player Classic - BE Home Page Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Apple reportedly looks to blacklisted Chinese memory chips as RAM prices climb

      By Karthik Mudaliar · Posted

      Apple reportedly looks to blacklisted Chinese memory chips as RAM prices climb by Karthik Mudaliar Image via Apple Apple is reportedly trying to get a clearance from the Trump administration to buy memory from ChangXin Memory Technologies (CXMT) to get some relief from soaring DRAM prices. As per a report by the Financial Times, Apple approached the Commerce Department more than a month ago and also spoke to other officials and allies in Washington. For starters, CXMT is a company that's already been placed on the Pentagon's list of Chinese military companies. The Chinese company is the country's top DRAM maker. For Apple, the timing is certainly awkward but not surprising. Tim Cook had recently warned that Apple would have to raise prices because AI companies are buying up large amounts of memory for data centers, and just like that, Apple raised MacBook and iPad prices. Micron also recently revealed that customers have committed billions of dollars to secure memory supply years in advance, which shows us how aggressive securing infrastructure has become. This gives suppliers such as Samsung, SK Hynix, and Micron more leverage, while pushing hardware makers to look for alternatives. CXMT is one of those alternatives, but not the simplest one. Apple has spent many years trying to diversify parts of its supply chain away from China, especially for final assembly, while still depending heavily on Chinese manufacturing and suppliers. Even domestic brands from China are moving towards CXMT and YMTC instead of relying on Samsung, Micron, and SK Hynix. For Apple, though, it would invite more scrutiny than local Chinese companies. For now, this is more like a lobbying effort rather than a confirmed supply deal. There's no official statement from either of the parties. What is clearer, though, is the pressure behind such a request. AI demand has certainly made hardware a bottleneck, and companies are trying everything they can to bring things back to normal, even if that means making politically sensitive choices. Source: Financial Times
    • You've tried DuckDuckGo and Brave Search, now get serious with SearXNG

      By datacenter · Posted

      I did test it a month or so back, but ... the results I expect to be on the first page are not there.
    • 4TB TEAMGROUP MP44Q, 2TB T-Force G50, and 2TB WD My Passport SSDs drop to great prices

      By ryansurfer98 · Posted

      Neowin is saying these are good prices? Thats crazy. As others have said they are just ######. Time for big tech to bring down the prices for real not this fake crap.
    • Hands on with iFlyTek AINote 2 E-Ink tablet: insanely thin and smart

      By The Werewolf · Posted

      The iFlyTek AINote 2 is among the thinnest E-Ink tablets. It has an EMR stylus, a built-in fingerprint reader, and plenty of built-in AI features. You had me until "and plenty of built-in AI features." That and any company that still does the iProduct naming trope is an immediate pass. It suggests the company isn't very imaginative or creative and is trying to piggyback off another company's success. Extremely lame. Also kind of expensive. Better choices at lower prices out there.

  • Recent Achievements

    • Week One Done
      flexorcist earned a badge
      Week One Done
    • One Month Later
      Woland13 earned a badge
      One Month Later
    • Week One Done
      Woland13 earned a badge
      Week One Done
    • One Year In
      bernmeister earned a badge
      One Year In
    • Week One Done
      Scoobystu earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      486
    2. 2
      +Edouard
      220
    3. 3
      PsYcHoKiLLa
      147
    4. 4
      Steven P.
      74
    5. 5
      FloatingFatMan
      70
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!