Malware hits industrial equipment

[xoxoxoBruce]

These new profesional viruses are from Kaspersky. They're spreading them around so they can find them and build street creds.

[Lamplighter]

Here is a fascinating l-o-n-g article about the reverse-engineering
of the malware known as Flame, which was designed to attack the Iranian nuclear site computers.

I won't spoil it for laymen/geeks that want to read it for themselves.
But this article is almost enough for someone to make a movie of the story
--- even though the denouement is not quite finished.

Wired
Kim Zetter
0/17/12
Coders Behind the Flame Malware Left Digital Clues on Control Servers

Quote:

The attackers behind the nation-state espionage tool known as Flame
accidentally left behind tantalizing clues that provide information about their identity
and that suggest the attack began earlier and was more widespread than previously believed.

Researchers have also uncovered evidence that the attackers may have produced
at least three other pieces of malware or variants of Flame that are still undiscovered.

The information comes from clues the attackers inadvertently left behind
on two command-and-control servers they used to communicate with infected machines
and steal gigabytes of data from them.

<snip>

[Lamplighter]

The "what" of Stuxnet has been widely described and discussed.
But the "who" was not known, even though many suspected Israel.

... Now the U.S. (NSA) and Israel are being publicly identified.


Washington Post
Greg Miller and Sari Horwitz
6/27/13

Justice Dept. targets general in leak probe
A retired four-star Marine Corps general who served as the nation’s second-ranking military officer
is a target of a Justice Department investigation into a leak of information about
a covert U.S.-Israeli cyberattack on Iran’s nuclear program, a senior Obama administration official said.

Retired Gen. James E. “Hoss” Cartwright served as deputy chairman of the Joint Chiefs of Staff
and was part of President Obama’s inner circle on a range of
critical national security issues before he retired in 2011.
<snip>

Stuxnet was part of a broader cyber campaign called Olympic Games that was disclosed
by the New York Times last year as one of the first major efforts by the United States
to use computer code as a destructive weapon against a key adversary.

The investigation into the Stuxnet leak was launched in June 2012
by Attorney General Eric H. Holder Jr. and gained momentum in recent months
amid indications that prosecutors were putting pressure on a range of
current and former senior officials suspected of involvement.

The leaks surrounding Stuxnet exposed details about what had been
one of the most closely held secrets in the U.S. intelligence community,
an ambitious effort by the National Security Agency in collaboration
with the Israeli government to devise computer code that could cripple
Iran’s alleged effort to pursue a nuclear bomb.

[Lamplighter]

I have been fascinated by the concept of the Stuxnet attacks
... "the malware programs thought to have been jointly developed by the U.S. and Israel
that targeted the Iranian nuclear program, but quickly made its way into the digital wild".

I've often thought this could become a great movie genre,
but so far there has not been a lot of public information.
That is changing.

This article in the Washington Post has links to all sorts of information,
starting at the U.S. group called "Technical Access Operations"

Washington Post
Andrea Peterson
8/29/13

The NSA has its own team of elite hackers

Quote:

Our Post colleagues have had a busy day.
First, they released documents revealing the U.S. intelligence budget
from National Security Agency (NSA) leaker Edward Snowden.
Then they recounted exactly how the hunt for Osama bin Laden went down.
In that second report, Craig Whitlock and Barton Gellman shared a few tidbits
about the role of the government’s hacking unit, Tailored Access Operations (TAO) in the hunt,
writing that TAO “enabled the NSA to collect intelligence from mobile phones
that were used by al-Qaeda operatives and other ‘persons of interest’ in the bin Laden hunt.”

So just what is Tailored Access Operations?
According to a profile by Matthew M. Aid for Foreign Policy, it’s a highly secret
but incredibly important NSA program that collects intelligence about foreign targets
by hacking into their computers, stealing data, and monitoring communications.
Aid claims TAO is also responsible for developing programs that could destroy
or damage foreign computers and networks via cyberattacks if commanded to do so by the president.
<snip>

[Lamplighter]

Stuxnet is now being attributed to the NSA.

And NSA doesn't need the internet ISP's because it's not just hacking the software.
This hardware works even when the computer is "turned off".

NY Times
DAVID E. SANGER and THOM SHANKER
JAN. 14, 2014

N.S.A. Devises Radio Pathway Into Computers

Quote:

WASHINGTON — The National Security Agency has implanted software in nearly
100,000 computers around the world that allows the United States to conduct
surveillance on those machines and can also create a digital highway for launching cyberattacks.

The technology, which the agency has used since at least 2008, relies on a covert channel of
radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously
into the computers.

In some cases, they are sent to a briefcase-size relay station
that intelligence agencies can set up miles away from the target.
<snip>
The N.S.A.'s efforts to reach computers unconnected to a network have relied
on a century-old technology updated for modern times: radio transmissions.

But the Iranians and others discovered some of those techniques years ago.

The hardware in the N.S.A.'s catalog was crucial in the cyberattacks on Iran’s nuclear facilities,
code-named Olympic Games, that began around 2008 and proceeded through the summer of 2010,
when a technical error revealed the attack software, later called Stuxnet.<snip>

The people may have been right all along.

[glatt]

So how did they get those circuit boards into those computers?

At the manufacturer?

Or a cat burglar type black ops nerd rappelling down through a skylight and sneaking past all the laser beam alarm systems with his toolbox of torx wrenches and grounding wrist straps?

[Lamplighter]

Quote:

...So how did they get those circuit boards into those computers...

You may be using a similar USB devise in your own daily life...



As I understand these things, once you set up receiving on your tv,
you can turn off your (controlling) computer ... the tv-show continues.

[Molasar]

http://www.bbc.co.uk/news/technology-25780908

even domestic appliances are getting in on the act now.
fridges sending spam, FFS, what next?

[xoxoxoBruce]

This rush to be able to control everything you own/rent, car, thermostat, lights, appliances, baby monitor, security, from your phone, is 50% for convenience, 50% for look-what-I-got.

Stop, drop, roll, think. If you can do it, someone else can do it.
Do you want to trade your safety/security for the gee-whiz-factor, or the I-forgot-but-I-can-do-it-from-here?