http://defensetech.org/2008/01/19/more-cyber-war-gouge/ The Future of the Military, Law Enforcement and National Security Fri, 10 Feb 2012 05:05:24 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://defensetech.org/2008/01/19/more-cyber-war-gouge/#comment-173597 steve Mon, 21 Jan 2008 22:09:05 +0000 http://deftech.usmilblog.com/?p=3800#comment-173597 See the difference, stealing data, attacking databases, Chinese, shutting down networks, extortion, criminals, typically Eastern European. No need for diagrams, a lazy IT worker hooks up to the internet for an update, classic. No, no, don't download the update, check for viriii, burn to CD and deploy, just take down all security, it's easier. See the difference, stealing data, attacking databases, Chinese, shutting down networks, extortion, criminals, typically Eastern European. No need for diagrams, a lazy IT worker hooks up to the internet for an update, classic. No, no, don’t download the update, check for viriii, burn to CD and deploy, just take down all security, it’s easier.

]]> http://defensetech.org/2008/01/19/more-cyber-war-gouge/#comment-68236 Kevin Sun, 20 Jan 2008 23:52:00 +0000 http://deftech.usmilblog.com/?p=3800#comment-68236 I wish I could draw you a diagram of the incident I uncovered at one company it would be easier to explain how the grid control systems got cross connected to computers with internet connections. But since I don't let me give you the text versions. 1. A vendor software packages needed on the control system for the company had a maintenance application that used the internet. 2. On individual whose PC was on the internal control network put a wireless hub on his PC so he could connect to the internet. 3. A back-up server for load balancing that could be assigned to support both internal control networks and non-control networks thus providing a bridge between the two. Those are the three that I have seen. I bet the other readers can come up with other possibilities. I wish I could draw you a diagram of the incident I uncovered at one company it would be easier to explain how the grid control systems got cross connected to computers with internet connections. But since I don’t let me give you the text versions.
1. A vendor software packages needed on the control system for the company had a maintenance application that used the internet.
2. On individual whose PC was on the internal control network put a wireless hub on his PC so he could connect to the internet.
3. A back-up server for load balancing that could be assigned to support both internal control networks and non-control networks thus providing a bridge between the two.
Those are the three that I have seen. I bet the other readers can come up with other possibilities.

]]> http://defensetech.org/2008/01/19/more-cyber-war-gouge/#comment-173595 Chris Sun, 20 Jan 2008 23:43:18 +0000 http://deftech.usmilblog.com/?p=3800#comment-173595 Those of us in the pen test business have been telling customers for years that they need to improve internal security and audit capabilities. They never do...until something happens. On a side note. Kevin is right on in his assessment of the professional state of the IT and engineering careers in the US. Far too many corporations look to other countries for cheap (notice I didn't say inexpensive). I once listened to Sam Palmisano (CEO of IBM) tell over a hundred engineers at one of its US development centers that they executives were NOT looking to the US for future talent. We're fighting a losing battle. As one of the most technologically advanced countries in the world, we're dependent on an infrastructure we can't even defend. Those of us in the pen test business have been telling customers for years that they need to improve internal security and audit capabilities.
They never do…until something happens.
On a side note. Kevin is right on in his assessment of the professional state of the IT and engineering careers in the US. Far too many corporations look to other countries for cheap (notice I didn’t say inexpensive). I once listened to Sam Palmisano (CEO of IBM) tell over a hundred engineers at one of its US development centers that they executives were NOT looking to the US for future talent.
We’re fighting a losing battle. As one of the most technologically advanced countries in the world, we’re dependent on an infrastructure we can’t even defend.

]]> http://defensetech.org/2008/01/19/more-cyber-war-gouge/#comment-173594 Arthur Sun, 20 Jan 2008 23:41:07 +0000 http://deftech.usmilblog.com/?p=3800#comment-173594 Kevin, can you please explain to me how it's even possible to attack a utility's network? I mean, why in the world would the utilities have their networks exposed to the Internet? If they do, then they must have complete retards working there. I know for a fact that all the nuclear power stations here in Ontario have absolutely no access to the Internet. If they aren't connected to the Internet, then there shouldn't be any way to hack in. Also, the tremendous drop in Computer Science and IT enrollment has to do with the dot com crash. Now applicants are only people who are interested in the field, not random people off the street who think they can get rich quick if they go into the tech field. Kevin, can you please explain to me how it’s even possible to attack a utility’s network? I mean, why in the world would the utilities have their networks exposed to the Internet? If they do, then they must have complete retards working there. I know for a fact that all the nuclear power stations here in Ontario have absolutely no access to the Internet. If they aren’t connected to the Internet, then there shouldn’t be any way to hack in.
Also, the tremendous drop in Computer Science and IT enrollment has to do with the dot com crash. Now applicants are only people who are interested in the field, not random people off the street who think they can get rich quick if they go into the tech field.

]]> http://defensetech.org/2008/01/19/more-cyber-war-gouge/#comment-173593 steve Sun, 20 Jan 2008 20:16:47 +0000 http://deftech.usmilblog.com/?p=3800#comment-173593 China? Hah, hardly the MO. If there was extortion demands after the cyber attack I would bet the farm that it was Russian or other Eastern European criminals. You can't assume every attack is politically based, you should never forget the basic human condition of simple greed. As a side note, if you have your grid set up so someone can get inside the controls from the internet, you have failed as a IT professional. China? Hah, hardly the MO. If there was extortion demands after the cyber attack I would bet the farm that it was Russian or other Eastern European criminals. You can’t assume every attack is politically based, you should never forget the basic human condition of simple greed. As a side note, if you have your grid set up so someone can get inside the controls from the internet, you have failed as a IT professional.

]]> http://defensetech.org/2008/01/19/more-cyber-war-gouge/#comment-173592 Kevin Sun, 20 Jan 2008 15:38:59 +0000 http://deftech.usmilblog.com/?p=3800#comment-173592 Given the three cities/regions were outside the US, they were in a monitoring and support role to our International friends. At this point no one can say if China played a role and if their supporters provided insider information. Investigating these types of attacks is a long drawn out effort and very complex. Few people are highly skilled at computer forensics. In a cyber war, smarts is the raw material of weapons. That being said the US has seen double digit decreases in students deciding to get computer and information science degrees in the lase several years. We are in a dangerous situation that even if we act right now will take years to change! Given the three cities/regions were outside the US, they were in a monitoring and support role to our International friends. At this point no one can say if China played a role and if their supporters provided insider information. Investigating these types of attacks is a long drawn out effort and very complex. Few people are highly skilled at computer forensics. In a cyber war, smarts is the raw material of weapons. That being said the US has seen double digit decreases in students deciding to get computer and information science degrees in the lase several years. We are in a dangerous situation that even if we act right now will take years to change!

]]> http://defensetech.org/2008/01/19/more-cyber-war-gouge/#comment-68231 pedestrian Sun, 20 Jan 2008 05:02:20 +0000 http://deftech.usmilblog.com/?p=3800#comment-68231 Why was CIA on its move? Was China involved? Were Chinese Americans providing support to the Chicoms to test internal assisted cyber attacks? Why was CIA on its move? Was China involved? Were Chinese Americans providing support to the Chicoms to test internal assisted cyber attacks?

]]> http://defensetech.org/2008/01/19/more-cyber-war-gouge/#comment-68229 SPyGuy Sun, 20 Jan 2008 01:08:55 +0000 http://deftech.usmilblog.com/?p=3800#comment-68229 What is the old saying Art imitates reality or is that now reality imitates art? What is the old saying Art imitates reality or is that now reality imitates art?

]]> http://defensetech.org/2008/01/19/more-cyber-war-gouge/#comment-173591 Patron Vectras Sun, 20 Jan 2008 01:00:52 +0000 http://deftech.usmilblog.com/?p=3800#comment-173591 Glad someone beat me to saying that. If I was the owner, I would be extremely mad to learn that it was done from the inside. Glad someone beat me to saying that.
If I was the owner, I would be extremely mad to learn that it was done from the inside.

]]> http://defensetech.org/2008/01/19/more-cyber-war-gouge/#comment-68227 RJB1012 Sat, 19 Jan 2008 22:38:23 +0000 http://deftech.usmilblog.com/?p=3800#comment-68227 Sounds just like the latest Die Hard movie Sounds just like the latest Die Hard movie

]]>