The near impossible battle against Hackers

By Hum
in Back Page News

 Share

Recommended Posts

Grand Master

Hum

Posted
Posted

SAN FRANCISCO (Reuters) - Dire warnings from Washington about a "cyber Pearl Harbor" envision a single surprise strike from a formidable enemy that could destroy power plants nationwide, disable the financial system or cripple the U.S. government.

But those on the front lines say it isn't all about protecting U.S. government and corporate networks from a single sudden attack. They report fending off many intrusions at once from perhaps dozens of countries, plus well-funded electronic guerrillas and skilled criminals.

Security officers and their consultants say they are overwhelmed. The attacks are not only from China, which Washington has long accused of spying on U.S. companies, many emanate from Russia, Eastern Europe, the Middle East, and Western countries. Perpetrators range from elite military units to organized criminal rings to activist teenagers.

"They outspend us and they outman us in almost every way," said Dell Inc's chief security officer, John McClurg.

The big fear is that one day a major company or government agency will face a severe and very costly disruption to their business when hackers steal or damage critical data, sabotage infrastructure or destroy consumers' confidence in the safety of their information.

Elite security firm Mandiant Corp on Monday published a 74-page report that accused a unit of the Chinese army of stealing data from more than 100 companies. While China immediately denied the allegations, Mandiant and other security experts say the hacker group is just one of more than 20 with origins in China.

Chinese hackers tend to take aim at the largest corporations and most innovative technology companies, using trick emails that appear to come from trusted colleagues but bear attachments tainted with viruses, spyware and other malicious software, according to Western cyber investigators.

Eastern European criminal rings, meanwhile, use "drive-by downloads" to corrupt popular websites, such as NBC.com last week, to infect visitors. Though the malicious programs vary, they often include software for recording keystrokes as computer users enter financial account passwords.

Others getting into the game include activists in the style of the loosely associated group known as Anonymous, who favor denial-of-service attacks that temporarily block websites from view and automated searches for common vulnerabilities that give them a way in to access to corporate information.

An increasing number of countries are sponsoring cyber weapons and electronic spying programs, law enforcement officials said. The reported involvement of the United States in the production of electronic worms including Stuxnet, which hurt Iran's uranium enrichment program, is viewed as among the most successful.

Iran has also been blamed for a series of unusually effective denial-of-service attacks against major U.S. banks in the past six months that blocked their online banking sites. Iran is suspected of penetrating at least one U.S. oil company, two people familiar with the ongoing investigation told Reuters.

"There is a battle looming in any direction you look," said Jeff Moss, the chief information security officer of ICANN, a group that manages some of the Internet's key infrastructure.

"Everybody's personal objectives go by the wayside when there is just fire after fire," said Moss, who also advises the U.S. Department of Homeland Security.

Industry veterans say the growth in the number of hackers, the software tools available to them, and the thriving economic underground serving them have made any computer network connected to the Internet impossible to defend flawlessly.

full story

Grand Master

Detection

Posted
Posted

I am sure a power plant could work without giving critical parts of it a network connection :rolleyes:

I was about to say, didn't power plants work fine before the net ?

Disconnect them, have one sandboxed machine/network for accessing the net, NOT connected to the rest of the plant

Mentor

pack34

Posted
Posted

and whos stupid idea that power plants need to be connected to the internet ?

Power plants are networked for efficiency and load balancing. Being able to talk to the substations allows them to put out the right amount of power to the right places at the right times.

Mentor

pack34

Posted
Posted

It's a good idea but it seems to me it would be better to place them on private networks not connected to the Internet at large.

That wouldn't exactly be very cheap to have that much dedicated fiber running throughout the country. Plus, sometimes it doesn't really matter. All it takes is an infected phone or flash drive to touch the power plant's internal network for them to be compromised with a nasty piece of malware. .

Grand Master

farmeunit

Posted
Posted

no such thing as 'steal data' as the original data isn't lost,

it should read/write as 'copying/duplicating data'

It is stealing data, as in they didn't have that data/knowledge before. It can be used against a corporation, or governement entity. It's not like it's "just music" or something else.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • The Trump administration doesn't want you to use OpenAI's GPT-5.6 without its approval

      By ad47uk · Posted

      The only reason I want to know where you from is because if you are not from the U.K, then why should you care what we in the U.K do or don't do? Racist I am not, I am fed up with the amount coming over here and feel they can come over here and think we need to support them. Do you know how much it costs this country to support these people coming over here? Even when we give them a place to live it is not good enough. We had a barge that was being used to house immigrants, oh but that was not good enough. A mate said to me at the time, when he was homeless, he would have been happy to live on the barge, instead of ending up sleeping on a bench on the beach. I am not scared to say what my family heritage is, unlike you who is scared to say where they are from or where they live. Father side U.S, mother side Wales, still have family living in the U.S. A mate who sadly died a few years ago, had a load of people from different races recording in his studio, I got on with all of them. Skin colour don't bother me, where they are from don't bother me. Religion don't bother me as long as they don't push it onto me and it is not crazy stuff. I am not religious. But if you are not living in the U.K, then why should you care if we are in the E.U or not? This the problem, too many people poking their noses into where it don't belong. But you believe what you believe, if you think I am racist, then be it, I really do not care. Just grow a pair
    • Why it's almost impossible to produce a smartphone in the United States

      By dismuter · Posted

      If he hasn't been able to figure that out, then why is he obsessed with tariffs? Because that's one of the most prominent tools to level the playing field when you have high cost of labor.
    • Microsoft released Windows 11 KB5102558, KB5095615 Setup and Recovery updates

      By hellowalkman · Posted

      Microsoft released Windows 11 KB5102558, KB5095615 Setup and Recovery updates by Sayan Sen This past week Microsoft released the newest preview update (C-release) under KB5095093. Alongside those, Microsoft also released new dynamic updates. For those who may not know, dynamic updates bring improvements to the Windows Recovery process in the form of Windows Recovery Environment (WinRE) updates, which are also called Safe OS updates. The dynamic updates also affect the Setup file binaries in the form of Setup updates. These Dynamic Update packages are meant to be applied to existing Windows images prior to their deployment. Dynamic Updates also help preserve Language Pack (LP) and Features on Demand (FODs) content during the upgrade process. VBScript, for example, is currently an FOD on Windows 11 24H2. This time both recovery and setup updates were released for Windows 11. The company writes: "KB5095186: Safe OS Dynamic Update for Windows 11, version 26H1: June 23, 2026 This update makes improvements to the Windows recovery environment (WinRE). After installing this update, the WinRE version installed on the device should be 10.0.28000.2335. KB5102558: Setup Dynamic Update for Windows 11, versions 24H2 and 25H2: June 23, 2026 This update makes improvements to Windows setup binaries or any files that setup uses for feature updates in Windows 11, version 24H2 and Windows 11, version 25H2. KB5095615: Safe OS Dynamic Update for Windows 11, versions 24H2 and 25H2: June 23, 2026 This update makes improvements to the Windows recovery environment (WinRE). After installing this update, the WinRE version installed on the device should be 10.0.26100.8737." Microsoft notes that both the Recovery and Setup updates will be downloaded and installed automatically via the Windows Update channel.
    • Politically funny images of the World

      By +Edouard · Posted

    • Why it's almost impossible to produce a smartphone in the United States

      By TsarNikky · Posted

      The high cost of labor and operating within the US. Donald hasn't been able to figure that out--pathetic.

  • Recent Achievements

    • Conversation Starter
      jessse3334 earned a badge
      Conversation Starter
    • Reacting Well
      JuvenileDelinquent earned a badge
      Reacting Well
    • One Month Later
      Excellence2025 earned a badge
      One Month Later
    • Week One Done
      Excellence2025 earned a badge
      Week One Done
    • Week One Done
      flexorcist earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      508
    2. 2
      +Edouard
      200
    3. 3
      PsYcHoKiLLa
      151
    4. 4
      Steven P.
      73
    5. 5
      macoman
      62
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!