Designer Malware and Custom Trojans, the Newest Threats to Cyber Security

Date Added: December 01, 2011 09:40:26 AM
Author: Astal Mark
Category: Computers & Internet
Stuxnet – cyber security and SCADA networks

DA VINCI CODE OR CYBER SECURITY THREAT?

A rumour that Israel was behind Stuxnet gained strength when the word ‘myrtus’ was found in the worm’s code and linked to Queen Esther, said to have saved the Persian Jews from genocide in the 4th century BC. The Israeli theory persisted into 2011 and in January, the New York Times gave it more teeth with evidence that Stuxnet ‘was an American-Israeli project to sabotage the Iranian nuclear program’. Indeed, all five attacks between June 2009 and May 2010 had been on organisations with a presence in Iran.

The media speculation and hype had already gone into overdrive in 2010: the potent mix of cyber spies, designer viruses and nuclear power was simply irresistible. This was unfortunate because the risks posed by Stuxnet and similar types of malware are very real: the worm had in fact infiltrated SCADA systems all the way from Germany to India.

Yet designer Trojans like Stuxnet aren’t new or rare. ‘Anyone who looks at it carefully can build something like it’, according to Ralph Langner. Designer Trojans are typical of the Advanced Persistent Threat (APT) attacks we’ve seen in growing numbers in the last few years. APT campaigns are highly targeted, sophisticated, persistent and very hard to stop or even detect with traditional IT security systems.

In a previous White Paper, e-Espionage-How Real is the Risk?, we discussed highly organised attacks against high value public and private sector targets, from governments to finance and resource companies. Critical national infrastructure such as communications and logistic hubs, power stations, and industrial plants are obvious next targets.

ISLANDS NO MORE

Long before the Internet, industrial networks and their control systems were quarantined from the rest of a plant’s network.
‘Security through obscurity’ was provided by specialised protocols and proprietary program codes connecting physical assets via Remote Terminal Units (RTUs) and Programmable Logic Controllers (PLCs). That changed in the 1990s when the makers of SCADA systems embraced Windows PC platforms as operational front-ends to gain richer functionality and reduce duplication and cost. Industrial systems were soon connected to business systems to make operational data more accessible to maintenance teams, plant managers and business units. Today, most industrial networks are connected to corporate IP networks. While this has resulted in business and system efficiencies, it has also exposed SCADA and ICS systems to internet-borne attacks.

OLD WORLD SECURITY

As the Stuxnet story unfolded, it was revealed that Siemens’ SCADA systems operated on hard-coded default passwords. Security analysts shook their heads in dismay when Siemens warned that changing these passwords could make its systems inoperable. In the old world when SCADA systems were islands, hard-coded passwords weren’t a problem; in a connected environment, this is unacceptable practice.

Any security newbie knows that removable media pose the highest risk in cyber security. A recent example was IBM handing out infected USB sticks to attendees of the 2010 AusCERT conference. For historical reasons, SCADA systems are typically upgraded via removable media like USB drives, and Stuxnet was designed specifically to exploit this anachronism.

In reality, engineers apply patches only when absolutely necessary since SCADA systems control crucial water supplies, power grids and gas pipelines in real time. In this scenario, a faulty patch could lead to ‘a multi-billion dollar disaster with hundreds of dead, injured and long term disabled people’.
It follows that rigorous processes for patch updates are in place that include:
  • Control systems to be updated only by authorised staff;
  • Systems updates to be carried out under strict supervision;
  • Removable media for SCADA upgrade to be scanned beforehand; and
  • The number of files contained to be verified with the CRC or hash totals for each file.
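
The last check in that list, as an added example that is not part of the original article: a Python routine that compares the files on upgrade media with a manifest issued alongside the patch and reports missing, unlisted and altered files. The manifest format (`<sha256>  <relative path>` per line), the function names and the sample files are assumptions; SHA-256 stands in for the per-file hash totals because a CRC catches accidental corruption but not deliberate modification.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash in chunks so large update images need not fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_media(root: Path, manifest_text: str) -> dict:
    """Check files under root against '<sha256>  <relative path>' lines."""
    expected = {}
    for line in filter(str.strip, manifest_text.splitlines()):
        digest, rel = line.split(maxsplit=1)
        expected[rel.strip()] = digest.lower()
    present = {p.relative_to(root).as_posix(): p
               for p in root.rglob("*") if p.is_file()}
    report = {
        "missing": sorted(set(expected) - set(present)),
        # File-count check: anything on the media but not listed is rejected.
        "unexpected": sorted(set(present) - set(expected)),
        "mismatched": sorted(rel for rel in set(expected) & set(present)
                             if sha256_file(present[rel]) != expected[rel]),
    }
    report["ok"] = not any(report.values())
    return report


def demo() -> dict:
    """Constructed sample media: verify, then alter one file and add another."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "fw").mkdir()
        (root / "fw" / "update.bin").write_bytes(b"constructed firmware image")
        (root / "readme.txt").write_bytes(b"constructed install notes")
        manifest = "".join(f"{sha256_file(p)}  {p.relative_to(root).as_posix()}\n"
                           for p in root.rglob("*") if p.is_file())
        clean = verify_media(root, manifest)
        (root / "fw" / "update.bin").write_bytes(b"constructed firmware imagE")
        (root / "extra.bin").write_bytes(b"constructed unlisted file")
        return {"clean": clean, "tampered": verify_media(root, manifest)}


if __name__ == "__main__":
    print(demo())
```

The manifest has to reach the engineer by a path other than the removable media itself; a manifest stored next to the files it describes can be altered along with them.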