[skyhawk133]

As if we didn't already know that the US/Isreal had at least a hand in the whole Stuxnet virus and attacking Iran with it, there's some new reports out that seem to further confirm or support the theory. The accompanying video in this article is interesting as well: http://www.slashgear...ments-01231244/

What are the short term and long term ramifications of this sort of cyber-warfare? A friend thinks commercial entities may be targets of future attacks. For instance, what if a virus was able to shut down major production lines, or introduce faults or vulnerabilities in to the design/code of chips used in almost everything we rely on? Then one day, years in the future, everything just... poof... stops working. Cars, factories, power plants, phones, computers, everything.

Scary stuff when you think it's sitting in the wild where anyone can hack away at it.

[modi123_1]

Sure.. what about this 'Flame' thing running around? It shocks me that the 500k Stuxnet was an interesting spear, but a 20mb malware running around in your background? Sheesh.. Welcome to the world of stupid-big attack vectors.

Flame - what is it?

Quote

Kaspersky describes Flame as a backdoor and a Trojan with worm-like features. The initial point of entry for the virus is unknown -- spearphishing or infected websites are possibilities -- but after the initial infection, the virus can spread through USB sticks or local networks.

What it does...

Quote

Flame is meant to gather information from infected PCs

the virus can sniff out information from input boxes, including passwords hidden by asterisks, record audio from a connected microphone and take screenshots of applications that the virus deems important, such as IM programs. It can also collect information about nearby discoverable Bluetooth devices. The virus then uploads all this information to command and control servers, of which there are about a dozen scattered around the world.

Fattie fattie two-by-four, someone shoved you a twenty mb back door!

Quote

The virus is reminiscent of the Stuxnet worm that wreaked havoc on Iran in 2010, but Kaspersky says Flame is much complex, with its modules occupying more than 20 MB of code. “Consider this: it took us several months to analyze the 500K code of Stuxnet. It will probably take year to fully understand the 20MB of code of Flame,” the firm said.

How long has this sucker been out and how was it caught?

Quote

Flame has been in the wild since 2010, according to Kaspersky, but its creation date is unclear. The virus was discovered a month ago after Iran's oil ministry learned that several companies' servers had been attacked. That finding led to more evidence of attacks on other government ministries and industries in Iran.

No.. not quite Wiper.

Quote

Iran has claimed that the attacks also wiped the hard drives of some machines, but Kaspersky claims that the malware responsible, called Wiper, isn't necessarily related. Wiper attacks were isolated to Iran, while Flame has been found in other countries.

cite

[tlhIn`toq]

skyhawk133, on 01 June 2012 - 12:21 PM, said:

For instance, what if a virus was able to shut down major production lines, or introduce faults or vulnerabilities in to the design/code of chips used in almost everything we rely on? Then one day, years in the future, everything just... poof... stops working. Cars, factories, power plants, phones, computers, everything.

This isn't anything new... just the attack method.
The guys that made the power grid software have been saying for years that when they developed it in the 1960's & 1970's it was never imagined that anyone would WANT to dial into to their computers: What would be the point? And that it was never imagined that individuals could ever own computers: They were hundreds of thousands of dollars and would only be owned by governments and corporations.

In the 60's and 70's nobody every thought about 'terrorism'. That was something for Ireland's IRA but Ward and June Cleaver American barely heard of Muslim. We were riding high on the victory of the Space Race and the idea that America would ever suffer an attack on our own land was a fantasy. We were the biggest, strongest military in the world and nobody would ever dare fuck with us.

Nobody every thought about hi-jacking a plane until it happened. Nobody ever thought of a plane as a missile, until it happened. All of use developers do our best every day to anticipate the need and the cyber landscape 10 years in advance: That's our job. And we all succeed and fail to varying degrees. We are all shooting at a moving target.

In society's ever increasing greed every company wants to increase their bottom line by cutting labor. That means nobody to update the 30+ year old code that defends these major infrastructure systems. But at least the stockholders are happy for another year and some MBA gets another million dollar bailout bonus.

The programers who built those systems have warned people for decades and been ignored. Now its coming back to bite their employers in the ass.

This post has been edited by tlhIn`toq: 01 June 2012 - 12:04 PM

[CTphpnwb]

Not only is is not new, it's low grade. Why spend the money on attacking businesses when you can use those businesses to attack our way of life? China for example, has been rigging it's currency and subsidizing its manufacturers for decades while we've been shedding jobs. The irony is that they (Communist China!) have managed to make it look like this has been "free market" economics at work!

Recently, we've made it even easier for others like Al Qaeda to attack us. All they have to do now is buy a few businesses, form a few super PACs, and they can control our government while making money too!

With attacks like these made easy, a relatively high risk technical attack on individual businesses doesn't make much sense.

[trevster344]

CTphpnwb, on 01 June 2012 - 10:57 PM, said:

Not only is is not new, it's low grade. Why spend the money on attacking businesses when you can use those businesses to attack our way of life? China for example, has been rigging it's currency and subsidizing its manufacturers for decades while we've been shedding jobs. The irony is that they (Communist China!) have managed to make it look like this has been "free market" economics at work!

Recently, we've made it even easier for others like Al Qaeda to attack us. All they have to do now is buy a few businesses, form a few super PACs, and they can control our government while making money too!

With attacks like these made easy, a relatively high risk technical attack on individual businesses doesn't make much sense.

Saudi families already own a massive proportion of american business. Not terrorists, but still an example.

This post has been edited by trevster344: 02 June 2012 - 09:19 AM

[tlhIn`toq]

So many countries don't allow non-citizens to own property or businesses for exactly this reason. What a silly idea, eh? Only citizens can own land within their country... Only citizens can own businesses in that country so it helps the local economy.

I saw this in Dubai. Our client was partners with a citizen in a chain of restaurants. The citizen could own the chain and have ex-pats as non-majority partners, but the responsibility of ownership and all the legalities still fell in his lap. Funny how having that over your head will cause you to make sure its run right. If a foreigner owns the business why does he care if every last labor law is followed? The worst that can happen is his business gets closed and he opens it elsewhere. But a citizen risks personal fines, tax liens, loss of property, and jail time.

And that doesn't even get into the idea that a citizen should tend to hire more citizens as employees which is good for the country - where a foreigner owning the business will just bring in more foreigners from their country to be employees degrading the country's economy further.

This stuff isn't rocket science. Its the type of stuff that leaders understand. Sadly the days of leaders actually leading a country are gone. Now all we have are politicians whose primary expertise is how to get elected then use their position to make as much money for themselves and their buddies as possible.

[Martyr2]

Well one thing is clear, our jobs as programmers is about to get infinitely tougher. It is things like this which is going to breed overly strict security which will force every program we create to jump through like 10 hoops just to access resources.

It also means that the governments of the world are going to put rules on everything we do on the net in an effort to implement security and "protect the people".

It will also implement harsher sentences on hackers where they will be tried not only computer crimes, but crimes of espionage and treason which I don't have to remind you that in the US those can carry life sentences in jail.

In addition, it means that these noobs we continue to run into on here are going to be going into an industry which is going to be more closed off to learning and resources less likely to be available. Heck, perhaps us pros who are helping them will be forced to stop for fear of being charged in a conspiracy to commit a cyber crime.

Now I hope this doesn't happen, but it very well could if we continue down this path of making programs weapons of war. It means all of us are going to become weapon makers and that my friends can be a dangerous profession.



Edit: Just look at Tony Stark.

This post has been edited by Martyr2: 02 June 2012 - 10:57 AM

[CTphpnwb]

tlhIn`toq, on 02 June 2012 - 12:30 PM, said:

Now all we have are politicians whose primary expertise is how to get elected then use their position to make as much money for themselves and their buddies as possible.

Yes, but one Party just calls that free enterprise.

trevster344, on 02 June 2012 - 12:09 PM, said:

Saudi families already own a massive proportion of american business. Not terrorists, but still an example.

That would explain — in part (Fox News isn't Saudi owned, Rupert's an Aussie!) — the massive amounts of anti-global warming propaganda and the attempts to limit alternative energy programs.

[tlhIn`toq]

Martyr2, on 02 June 2012 - 10:53 AM, said:

Well one thing is clear, our jobs as programmers is about to get infinitely tougher.

I think it really only applies to industries that have their computers on the 'net.
Mine for example doesn't. Ride Photography at amusement parks. Its all closed systems not connected to the 'net. A computer captures the photo, another sells. You don't WANT the working-class computers on the internet because some clerk will start playing Facebook instead of their job. One computer, the server, is on the internet for the sake of selling photos via email. That doesn't concern me: Its the IT manager's job to keep it secured, not the individual program developer. I just make use of the standard .NET namespaces and calls.

I'm sure mine is not the only industry where the average computer is deliberately not on the internet. Good design reduces the points of vulnerability as much as possible, then lays on 50 layers of armor, Kevlar, Black Ice, virtualization, port restrictions, custom communication protocols, missile launchers and every other defensive option you can.

I suppose that then becomes the security problem: Its the job of the OS to be secure and Microsoft just can't do that.

[Martyr2]

Well you would think nuclear facilities and such would have said 50 layers but the virus was still able to penetrate. The problem is that not only do you not have to make sure it is connected to the net but also doesn't allow users from bringing it in (removable storage media etc).

Either way, designing programs to be on such restricted systems was my main point. As programmers we will have to make sure that our programs jump through the 50 layers of armor just to access a file or a remote resource. Connected to the net or not.

Stuff that has to be connected to the net is going to be even tougher even if there is only one entry point. We are not just talking about entrance, we are also talking about the environment our programs will have to operate in.

[linuxgreen]

My biggest worry with cyberwarfare is what I would do if I were a terrorist or state-sponsored attacker:

[1.] use cyberwar malware to knock out the streetlights in a city
[2.] tip off criminals before I do the above
[3.] rinse and repeat with a different city once a month.

I watched a security podcast with Leo Laporte and that Gibson guy. They both thought that cyberwarfare is OK. But I wonder if they would want to live with 1-3. It's not a future that I want.

[no2pencil]

linuxgreen, on 26 June 2012 - 06:09 AM, said:

My biggest worry with cyberwarfare is what I would do if I were a terrorist or state-sponsored attacker:

[1.] use cyberwar malware to knock out the streetlights in a city

Like Detroit?

[denting5]

How are nations going to respond in a proactive manner to the threat of a cyber attack? Back when a- bombs were the big thing, mutually assured destruction prevented a conflict. If Russia nuked New York, the United States would nuke Moscow. But now that the most damaging sort of attack cannot be tracked, it will be impossible to stop anarchy.

[modi123_1]

I am unclear on what you are asking/saying. Are you saying the reaction to an attack is impossible because an attack is not traceable, or that there is no possible retaliatory option to create a MAD scenario?

[denting5]

Sorry for my lack of clarity. I am attempting to say that no deterrent exists for attacks because they can often not be traced. Ex: it is still not known for certain who make stuxnet.