Cyberterrorism that could make 9/11 pale in comparison

[CountDeMoney]

Instead of spending the money to upgrade the cyber infrastructure necessary to meet the regulatory requirements to remote fire up peaking plants from control facilities, we simply unplugged them.  Gotta send somebody out to them to bring them online now.

Well at least that'll keep the unions happy.

We had no unions.

[jimmy olsen]

Tim: relax.

That's just what people said to those warning about the dangers of Islamic terrorism in the 90s and look what happened.

[Kleves]

Don't worry, Tim. Obama just signed an executive order calling for voluntary industry standards and shit. If that doesn't stop the Chinese, nothing will.

[Caliga]

That's just what people said to those warning about the dangers of Islamic terrorism in the 90s and look what happened.

I never said that.  But now, I'm telling you to relax... and I'm large and in charge, so do it.

[jimmy olsen]

Well, you are large.

[Caliga]

Well, you are large.

I agree.

[Solmyr]

Tim: relax.

That's just what people said to those warning about the dangers of Islamic terrorism in the 90s and look what happened.

What happened? Islamic terrorism is peanuts in actual damage compared to just about anything else. Just because it's blown out of proportion doesn't mean it's a serious threat to our way of life.

[CountDeMoney]

Don't worry, Tim. Obama just signed an executive order calling for voluntary industry standards and shit. If that doesn't stop the Chinese, nothing will.

[jimmy olsen]

Coworkers are not happy.

http://worldnews.nbcnews.com/_news/2013/03/20/17393609-cyber-attack-on-south-korea-said-to-come-from-chinese-address?lite

Cyber attack on South Korea said to come from Chinese address

By Jack Kim, Reuters

SEOUL - A hacking attack on the servers of South Korean broadcasters and banks originated from an IP address based in China, officials in Seoul said on Thursday, raising suspicions the intrusion came from North Korea.

An unnamed official from South Korea's presidential office was quoted by the Yonhap news agency as saying the discovery of the IP address indicated Pyongyang was responsible for the attack on Wednesday.

A previous attack on a South Korean newspaper that the government in Seoul traced back to North Korea also used a Chinese IP address.

"We've identified that a Chinese IP is connected to the organizations affected," a spokesman for South Korea's Communications Commission told a press conference.

The attack brought down the network servers of television broadcasters YTN, MBC and KBS as well as two major commercial banks, Shinhan Bank and NongHyup Bank. South Korea raised its alert levels in response.

Investigations of past hacking incidents on South Korean organizations have been traced to Pyongyang's large army of computer engineers trained to infiltrate the South's computer networks.

"There can be many inferences based on the fact that the IP address is based in China," the communications commission's head of network policy, Park Jae-moon said. "We've left open all possibilities and are trying to identify the hackers."

It took the banks hours to restore operations. Damage to the servers of the TV networks was believed to be more severe, although broadcasts were not affected.

About 32,000 computers at the six organizations were affected, according to the South's state-run Korea Internet Security Agency, adding it would take up to five days to fully restore their functions.

North Korea has in the past targeted South Korea's conservative newspapers, banks and government institutions.

The biggest hacking effort attributed to Pyongyang was a 10-day denial of service attack in 2011 that antivirus firm McAfee, part of Intel Corp, dubbed "Ten Days of Rain". It said that attack was a bid to probe the South's computer defenses in the event of a real conflict.

North Korea last week said it had been a victim of cyber attacks, blaming the United States and threatened retaliation.

[Martinus]

Why not simply explain to cyberwarrior states that Internet-based incursion will be retaliated against with physical infrastructure loss brought about my massive nuclear counterattack?

Because that's not a good idea.  We don't want the Iranians to get the idea that it's alright to set off a nuke in New York because 4chan DDoSed the Revolutionary Guard's website.

[Martinus]

Tim: relax.

That's just what people said to those warning about the dangers of Islamic terrorism in the 90s and look what happened.

What happened?

[Razgovory]

Tim: relax.

That's just what people said to those warning about the dangers of Islamic terrorism in the 90s and look what happened.

What happened?

Y2K.

[jimmy olsen]

It just keeps getting worse.

http://redtape.nbcnews.com/_news/2013/04/03/17575854-bank-website-attacks-reach-new-high-249-hours-offline-in-past-six-weeks?lite

Bank website attacks reach new high: 249 hours offline in past six weeks

By Bob Sullivan, Columnist, NBC News

Major U.S. bank websites have been offline a total of 249 hours in the past six weeks, perhaps the clearest indication yet that American companies are prime targets in an unrelenting, global cyber conflict. The heavier-than-usual outages are the result of a remarkable, sustained attack that began seven months ago and repeatedly knocks banks offline for hours at a time, frustrating consumers and bank security professionals alike.

"Literally, these banks are just in war rooms, sitting at controls trying to stop (the attacks)," said Avivah Litan, a bank security analyst with Gartner Group, a consulting firm. "The frightening thing is (the attackers) are not using as much resources as they have on call. The attacks could be bigger."

The denial of service reports were hardly noteworthy at first, hidden in the wake of news that U.S. embassies were under siege during the week of September 11, 2012. But in short order, Bank of America, Wells Fargo, PNC and a number of other banks suffered hours-long website outages. A group calling itself Izz ad-Din al-Qassam Cyber Fighters released an anonymous statement saying it was attacking banks in sympathy with real-world protestors who were reacting to an anti-Islam film that had been posted online.

Seven months later, the group is still taunting the U.S. financial system, with notice almost daily from another bank that had to apologize for letting down its customers. American Express and Wells Fargo issued statements last week saying they suffered outages. Even with advance notice, the biggest financial institutions in the world can't seem to stop them.

No one interviewed for this story believes that a perceived insult over a Web movie is the attackers' motivation, as the al Qassam messaging has stated. Though some considered that it might be the work of attention-seeking teen-aged hackers, they would likely have grown bored, or run out of resources, long ago.

In the fall, national security officials speaking on background told several media outlets, including NBC News, that they suspected the Iranian government was behind the attacks. It seems certain that an organized group, with both a political motive and the ability to fund the operation, is to blame.

Keynote Systems, which provided the compilation of bank outages exclusively to NBC News, measures website availability by checking sites every five minutes and logging the results. It works with major banks to set up "dummy" accounts so its computers can log in and make sure online banking services are available, and constantly checks the largest 15 U.S. banks. Websites go offline for a variety of reasons — late-night software upgrades, for example — and some outages are to be expected, said Aaron Rudger, a Keynote spokesman.

Still, 249 hours during a six-week period (ending March 31) is significant, indicating those bank websites were unavailable for about 2 percent of the time during that stretch. For comparison, during the same six weeks a year ago, the same bank websites were down 140 hours. Keynote has no way of knowing why a site is unavailable, but Rudger was comfortable inferring that the so-called al-Qassam attacks were responsible for most of the increase.

Rodney Joffe issued chilling advice to banks preparing for an al Qassam-style attack last fall: Prepare a sincere-sounding apology, he said at the time. Given the volume of apologies since then, he turned out to be right.

"It goes on and on and on ... It's like they are kicking sand in someone's face, reminding people that they are there," said Joffe, who is senior technologist at Internet infrastructure company Neustar, which helps companies fight denial of service attacks. "You just have to ask yourself, 'Why?' (The attackers) just seem to enjoy being able to say 'On an ongoing basis, we can make life uncomfortable for your banking industry.'"

Not everyone thinks the bank site outages are such a big deal.

Michael Smith, director of the customer security incident response team at Akamai Technologies Inc., which provides website performance optimization and security for some of the companies targeted in the attacks, points out that customers have plenty of other ways to manage their money, and the outages haven't amounted to much more than an irritant.

More importantly, he says al Qassam has begun targeting smaller banks and other kinds of websites as larger banks become more successful at fending off their attacks or shortening the outages. The attackers also took a hiatus for part of February — Smith says to invent new attack techniques, probably — and have ceased tipping off targets ahead of time with weekly press releases.

"We aren't seeing as many notifications that sites are down as we were. The impact just is not as dramatic as it was," Smith said. "They are changing tactics and trying to generate more attention, more press."

Joffe says this is part of their strategy.

"The bad guys here are using just enough of their firepower to achieve their objectives and not more," Joffe says. "They are creating a disruption to the banking industry. ... We already know if they wanted to make it bigger attack, they could, but it seems pretty clear that's not their intention."

[Phillip V]

I am going to start calling myself a "Cyber Security Analyst".

[CountDeMoney]

I am going to start calling myself a "Cyber Security Analyst".

Hell, I do.  Just that nobody listens.