The Chinese government may be rational, but I wouldn't bet on all their officers in their cyber command; they might want to take a page out of the playbook of the Imperial Japanese Army and start a war by themselves. :ph34r:
http://usnews.nbcnews.com/_news/2013/02/19/17019005-successful-hacker-attack-could-cripple-us-infrastructure-experts-say?lite
Quote
Successful hacker attack could cripple U.S. infrastructure, experts say
By Erin McClam, Staff Writer, NBC News
A report tying the Chinese military to computer attacks against American interests has sent a chill through cyber-security experts, who worry that the very lifelines of the United States — its energy pipelines, its water supply, its banks — are increasingly at risk.
The experts say that a successful hacker attack taking out just a part of the nation's electrical grid, or crippling financial institutions for several days, could sow panic or even lead to loss of life.
"I call it cyberterrorism that makes 9/11 pale in comparison," Rep. Mike Rogers, a Michigan Republican and chair of the House Intelligence Committee, told NBC News on Tuesday.
An American computer security company, Mandiant, reported with near certainty that members of a sophisticated Chinese hacking group work out of the headquarters of a unit of the Chinese army outside Shanghai.
The report was first detailed in The New York Times, which said that the hacking group's focus was increasingly on companies that work with American infrastructure, including the power grid, gas lines and waterworks.
The Chinese embassy in Washington told The Times that its government does not engage in computer hacking.
As reported, the Chinese attacks constitute a sort of asymmetrical cyberwarfare, analysts said, because they bring the force of the Chinese government and military against private companies.
"To us that's crossing a line into a class of victim that's not prepared to withstand that type of attack," Grady Summers, a Mandiant vice president, said on the MSNBC program "Andrea Mitchell Reports."
The report comes as government officials and outside security experts alike are sounding ever-louder alarms about the vulnerability of the systems that make everyday life in the United States possible.
A new report confirmed by U.S. intelligence officials has pinpointed a building in Shanghai where those working for the Chinese military launched cyberattacks against 141 US companies spanning 20 industries. NBC's Andrea Mitchell reports.
Outgoing Defense Secretary Leon Panetta warned in October that the United States was facing a threat that amounted to "cyber Pearl Harbor" and raised the specter of intentionally derailed trains, contaminated water and widespread blackouts.
"This is a pre-9/11 moment," Panetta told business executives in New York. "The attackers are plotting."
The Times report described an attack on Telvent, a company that keeps blueprints on more than half the oil and gas pipelines in North and South America and has access to their systems.
A Canadian arm of the company told customers last fall that hackers had broken in, but it immediately cut off the access so that the hackers could not take control of the pipelines themselves, The Times reported.
Dale Peterson, founder and CEO of Digital Bond, a security company that specializes in infrastructure, told NBC News that these attacks, known as vendor remote access, are particularly worrisome.
"If you are a bad guy and you want to attack a lot of different control systems, you want to be able to take out a lot," he said. "The dirty little secret in these control systems is once you get through the perimeter, they have no security at all. They don't even have a four-digit pin like your ATM card."
The 34-minute blackout at the Super Bowl earlier this month highlighted weak spots in the nation's power system. A National Research Council report declassified by the government last fall warned that a coordinated strike on the grid could devastate the country.
That report considered blackouts lasting weeks or even months across large parts of the country, and suggested they could lead to public fear, social turmoil and a body blow to the economy.
Vital systems do not have to be taken down for very long or across a particularly widespread area, the experts noted, to cause social disorder and to spread fear and anxiety among the population.
Last fall, after Hurricane Sandy battered the Northeast, it took barely two days for reports of gasoline shortages to cause hours-long lines at the pumps and violent fights among drivers.
Peterson described being in Phoenix, Ariz., during a three-day gas pipeline disruption "when people were waiting in line six hours and not going to work. You can imagine someone does these things maliciously, with a little more smarts, something that takes three months to replace."
Similarly, hacking attacks last fall against major American banks — believed by some security experts and government officials to be the work of Iran — amounted to mostly limited frustration for customers, but foreshadowed much bigger trouble if future attacks are more sophisticated.
What worries Dmitri Alperovitch, co-founder of the computer security company CrowdStrike, is a coordinated attack against banks that modifies, rather than destroys, financial data, making it impossible to reconcile transactions.
"You could wreak absolute havoc on the world's financial system for years," he said. "It would be impossible to roll that back."
While the report Tuesday focused on China, the experts also highlighted Iran as a concern. That is because China, as a "rational actor" state, knows that a major cyberattack against the United States could be construed as an act of war and would damage critical economic cooperation between the U.S. and China.
"With the Iranians in the game," Rogers said, "what's worrisome is they don't care. They have no economic lost opportunity."
Security experts have for years expressed concern, if not outrage, that the nation's critical infrastructure remains so vulnerable so long after Sept. 11, 2001.
But the escalating threats from hackers in China and Iran, in addition to Russia and North Korea, appear to be lending new urgency to efforts to make sure companies and government agencies are better prepared.
President Barack Obama announced in his State of the Union message last week that he had signed an executive order directing federal agencies to share certain unclassified reports of cyber threats with American companies.
The next day, Rogers and Rep. Dutch Ruppersberger, a Maryland Democrat, reintroduced legislation designed in part to help companies share information. The bill passed the House last year but stalled in the Senate.
State Department spokeswoman Victoria Nuland said Tuesday that the United States has "substantial and growing" concerns about threats to the U.S. economy and national security posed by cyberattacks.
"I think as recent public reports make clear, we're obviously going to have to keep working on this," she said. "It's a serious concern."
Peterson said that oil, gas and electric companies had led the way in developing security perimeters, with water companies "kind of in the middle" and transportation and mining companies lagging.
But even the protections enacted by companies so far leave too many holes, he said.
"They're all in the same situation," Peterson said. "If you get through the perimeter, you can do whatever you want."
We need to strengthen our cyberdefenses at all cost.
Cyber-order must be achieved and maintained at all costs!
There must not be a cyber gap!
might be handy to get your vital infrastructure off the net.
Tim: relax.
Quote from: Caliga on February 20, 2013, 02:48:53 PM
Tim: relax.
Tim must keep up his vigilance so the rest of us don't have to.
Quote from: Caliga on February 20, 2013, 02:48:53 PM
Tim: relax.
The reason we sleep soundly in our beds at night is because ROUGH TIMMAYS are ready to commit HARDCORE FORUM POSTS on our behalf.
Quote from: Crazy_Ivan80 on February 20, 2013, 02:42:29 PM
might be handy to get your vital infrastructure off the net.
That would make things a lot more difficult and expensive in, for example, energy or water treatment & distribution networks. They tend to have dozens or hundreds of automated, small facilities scattered over a large area, all supervised centrally via VPNs and radio links (for redundancy).
Quote from: fahdiz on February 20, 2013, 03:26:21 PM
Quote from: Caliga on February 20, 2013, 02:48:53 PM
Tim: relax.
The reason we sleep soundly in our beds at night is because ROUGH TIMMAYS are ready to commit HARDCORE FORUM POSTS on our behalf.
:Embarrass: You've shamed me, sir.
We must harden our cyber defenses at any cost.
Also, this has been an issue for over 15 years and will be an issue for another 15.
Why not simply explain to cyberwarrior states that Internet-based incursion will be retaliated against with physical infrastructure loss brought about by massive nuclear counterattack?
Quote from: Ideologue on February 20, 2013, 04:21:08 PM
Why not simply explain to cyberwarrior states that Internet-based incursion will be retaliated against with physical infrastructure loss brought about by massive nuclear counterattack?
Because that's not a good idea. We don't want the Iranians to get the idea that it's alright to set off a nuke in New York because 4chan DDoSed the Revolutionary Guard's website.
Quote from: Iormlund on February 20, 2013, 03:36:02 PM
Quote from: Crazy_Ivan80 on February 20, 2013, 02:42:29 PM
might be handy to get your vital infrastructure off the net.
That would make things a lot more difficult and expensive in, for example, energy or water treatment & distribution networks. They tend to have dozens or hundreds of automated, small facilities scattered over a large area, all supervised centrally via VPNs and radio links (for redundancy).
Instead of spending the money to upgrade the cyber infrastructure necessary to meet the regulatory requirements to remote fire up peaking plants from control facilities, we simply unplugged them. Gotta send somebody out to them to bring them online now.
Quote from: CountDeMoney on February 21, 2013, 08:40:24 AM
Instead of spending the money to upgrade the cyber infrastructure necessary to meet the regulatory requirements to remote fire up peaking plants from control facilities, we simply unplugged them. Gotta send somebody out to them to bring them online now.
Well at least that'll keep the unions happy.
Quote from: Iormlund on February 21, 2013, 08:44:22 AM
Quote from: CountDeMoney on February 21, 2013, 08:40:24 AM
Instead of spending the money to upgrade the cyber infrastructure necessary to meet the regulatory requirements to remote fire up peaking plants from control facilities, we simply unplugged them. Gotta send somebody out to them to bring them online now.
Well at least that'll keep the unions happy.
We had no unions.
Quote from: Caliga on February 20, 2013, 02:48:53 PM
Tim: relax.
That's just what people said to those warning about the dangers of Islamic terrorism in the 90s and look what happened.
Don't worry, Tim. Obama just signed an executive order calling for voluntary industry standards and shit. If that doesn't stop the Chinese, nothing will.
Quote from: jimmy olsen on February 21, 2013, 09:25:11 AM
That's just what people said to those warning about the dangers of Islamic terrorism in the 90s and look what happened.
I never said that. But now, I'm telling you to relax... and I'm large and in charge, so do it.
Well, you are large. :yes:
Quote from: jimmy olsen on February 21, 2013, 09:25:11 AM
Quote from: Caliga on February 20, 2013, 02:48:53 PM
Tim: relax.
That's just what people said to those warning about the dangers of Islamic terrorism in the 90s and look what happened.
What happened? Islamic terrorism is peanuts in actual damage compared to just about anything else. Just because it's blown out of proportion doesn't mean it's a serious threat to our way of life.
Quote from: Kleves on February 21, 2013, 09:38:31 AM
Don't worry, Tim. Obama just signed an executive order calling for voluntary industry standards and shit. If that doesn't stop the Chinese, nothing will.
:lol:
Coworkers are not happy.
http://worldnews.nbcnews.com/_news/2013/03/20/17393609-cyber-attack-on-south-korea-said-to-come-from-chinese-address?lite
Quote
Cyber attack on South Korea said to come from Chinese address
By Jack Kim, Reuters
SEOUL - A hacking attack on the servers of South Korean broadcasters and banks originated from an IP address based in China, officials in Seoul said on Thursday, raising suspicions the intrusion came from North Korea.
An unnamed official from South Korea's presidential office was quoted by the Yonhap news agency as saying the discovery of the IP address indicated Pyongyang was responsible for the attack on Wednesday.
A previous attack on a South Korean newspaper that the government in Seoul traced back to North Korea also used a Chinese IP address.
"We've identified that a Chinese IP is connected to the organizations affected," a spokesman for South Korea's Communications Commission told a press conference.
The attack brought down the network servers of television broadcasters YTN, MBC and KBS as well as two major commercial banks, Shinhan Bank and NongHyup Bank. South Korea raised its alert levels in response.
Investigations of past hacking incidents on South Korean organizations have been traced to Pyongyang's large army of computer engineers trained to infiltrate the South's computer networks.
"There can be many inferences based on the fact that the IP address is based in China," the communications commission's head of network policy, Park Jae-moon said. "We've left open all possibilities and are trying to identify the hackers."
It took the banks hours to restore operations. Damage to the servers of the TV networks was believed to be more severe, although broadcasts were not affected.
About 32,000 computers at the six organizations were affected, according to the South's state-run Korea Internet Security Agency, adding it would take up to five days to fully restore their functions.
North Korea has in the past targeted South Korea's conservative newspapers, banks and government institutions.
The biggest hacking effort attributed to Pyongyang was a 10-day denial of service attack in 2011 that antivirus firm McAfee, part of Intel Corp, dubbed "Ten Days of Rain". It said that attack was a bid to probe the South's computer defenses in the event of a real conflict.
North Korea last week said it had been a victim of cyber attacks, blaming the United States and threatening retaliation.
Quote from: Neil on February 20, 2013, 04:29:36 PM
Quote from: Ideologue on February 20, 2013, 04:21:08 PM
Why not simply explain to cyberwarrior states that Internet-based incursion will be retaliated against with physical infrastructure loss brought about by massive nuclear counterattack?
Because that's not a good idea. We don't want the Iranians to get the idea that it's alright to set off a nuke in New York because 4chan DDoSed the Revolutionary Guard's website.
:D
Quote from: jimmy olsen on February 21, 2013, 09:25:11 AM
Quote from: Caliga on February 20, 2013, 02:48:53 PM
Tim: relax.
That's just what people said to those warning about the dangers of Islamic terrorism in the 90s and look what happened.
What happened?
It just keeps getting worse. <_<
http://redtape.nbcnews.com/_news/2013/04/03/17575854-bank-website-attacks-reach-new-high-249-hours-offline-in-past-six-weeks?lite
Quote
Bank website attacks reach new high: 249 hours offline in past six weeks
By Bob Sullivan, Columnist, NBC News
Major U.S. bank websites have been offline a total of 249 hours in the past six weeks, perhaps the clearest indication yet that American companies are prime targets in an unrelenting, global cyber conflict. The heavier-than-usual outages are the result of a remarkable, sustained attack that began seven months ago and repeatedly knocks banks offline for hours at a time, frustrating consumers and bank security professionals alike.
"Literally, these banks are just in war rooms, sitting at controls trying to stop (the attacks)," said Avivah Litan, a bank security analyst with Gartner Group, a consulting firm. "The frightening thing is (the attackers) are not using as much resources as they have on call. The attacks could be bigger."
The denial of service reports were hardly noteworthy at first, hidden in the wake of news that U.S. embassies were under siege during the week of September 11, 2012. But in short order, Bank of America, Wells Fargo, PNC and a number of other banks suffered hours-long website outages. A group calling itself Izz ad-Din al-Qassam Cyber Fighters released an anonymous statement saying it was attacking banks in sympathy with real-world protestors who were reacting to an anti-Islam film that had been posted online.
Seven months later, the group is still taunting the U.S. financial system, with notice almost daily from another bank that had to apologize for letting down its customers. American Express and Wells Fargo issued statements last week saying they suffered outages. Even with advance notice, the biggest financial institutions in the world can't seem to stop them.
No one interviewed for this story believes that a perceived insult over a Web movie is the attackers' motivation, as the al Qassam messaging has stated. Though some considered that it might be the work of attention-seeking teen-aged hackers, they would likely have grown bored, or run out of resources, long ago.
In the fall, national security officials speaking on background told several media outlets, including NBC News, that they suspected the Iranian government was behind the attacks. It seems certain that an organized group, with both a political motive and the ability to fund the operation, is to blame.
Keynote Systems, which provided the compilation of bank outages exclusively to NBC News, measures website availability by checking sites every five minutes and logging the results. It works with major banks to set up "dummy" accounts so its computers can log in and make sure online banking services are available, and constantly checks the largest 15 U.S. banks. Websites go offline for a variety of reasons — late-night software upgrades, for example — and some outages are to be expected, said Aaron Rudger, a Keynote spokesman.
Still, 249 hours during a six-week period (ending March 31) is significant, indicating those bank websites were unavailable for about 2 percent of the time during that stretch. For comparison, during the same six weeks a year ago, the same bank websites were down 140 hours. Keynote has no way of knowing why a site is unavailable, but Rudger was comfortable inferring that the so-called al-Qassam attacks were responsible for most of the increase.
Rodney Joffe issued chilling advice to banks preparing for an al Qassam-style attack last fall: Prepare a sincere-sounding apology, he said at the time. Given the volume of apologies since then, he turned out to be right.
"It goes on and on and on ... It's like they are kicking sand in someone's face, reminding people that they are there," said Joffe, who is senior technologist at Internet infrastructure company Neustar, which helps companies fight denial of service attacks. "You just have to ask yourself, 'Why?' (The attackers) just seem to enjoy being able to say 'On an ongoing basis, we can make life uncomfortable for your banking industry.'"
Not everyone thinks the bank site outages are such a big deal.
Michael Smith, director of the customer security incident response team at Akamai Technologies Inc., which provides website performance optimization and security for some of the companies targeted in the attacks, points out that customers have plenty of other ways to manage their money, and the outages haven't amounted to much more than an irritant.
More importantly, he says al Qassam has begun targeting smaller banks and other kinds of websites as larger banks become more successful at fending off their attacks or shortening the outages. The attackers also took a hiatus for part of February — Smith says to invent new attack techniques, probably — and have ceased tipping off targets ahead of time with weekly press releases.
"We aren't seeing as many notifications that sites are down as we were. The impact just is not as dramatic as it was," Smith said. "They are changing tactics and trying to generate more attention, more press."
Joffe says this is part of their strategy.
"The bad guys here are using just enough of their firepower to achieve their objectives and not more," Joffe says. "They are creating a disruption to the banking industry. ... We already know if they wanted to make it bigger attack, they could, but it seems pretty clear that's not their intention."
I am going to start calling myself a "Cyber Security Analyst".
Quote from: Phillip V on April 03, 2013, 07:32:53 PM
I am going to start calling myself a "Cyber Security Analyst".
Hell, I do. Just that nobody listens.
Quote from: Darth Wagtaros on February 20, 2013, 04:09:44 PM
We must harden our cyber defenses at any cost.
Also, this has been an issue for over 15 years and will be an issue for another 15.
I'd mostly be concerned about watching for social engineering attacks. Hell, Iran's centrifuges had a literal physical drawbridge between themselves and the Internet, and they still managed to catch Stuxnet by sheer dint of at least one stupid employee with a flash drive.
Something doesn't add up in that article. Given there are 1,008 hours in a six-week period, websites being down for 249 hours would be closer to 25% downtime than 2%, right? Am I missing some vital piece of information?
Incidentally, considering bank websites to be down for "hours at a time" as warfare really is watering down the term.
It was written by a journalist. Math and logic aren't their strong suits.
Maybe the 249 hour figure is a combined total and the individual sites were only down 2 pct of the time.