Home » News » Around the Globe » A Cyber Assassination Confirmed?

A Cyber Assassination Confirmed?

by christian on September 29, 2010

By Kevin Coleman — Defense Tech Cyber Warfare correspondent

Almost three years ago here on DefenseTech we blogged about cyber assassination and received some ‘interesting’ feedback on and off the blog. Some events that were made public recently demand we revisit this topic.  Just recently, a news article appeared in the Daily Sun – Voice of the Nation that prompted a flood of conversations.  The article, “Cyber Terrorism Hits Nigeriaopenly disclosed a cyber assignation of a mob boss that took place not that long ago. 

In Italy, not too long ago, a mob boss was shot but survived the shooting. That night, while he was in the hospital, the assassins hacked into the hospital computer and changed his medication so that he would be given a lethal injection. He was a dead man a few hours later. They then changed the medication order back to its correct form, after it had been incorrectly administered, to cover their tracks so that the nurse would be blamed for the “accident.”

In March 2009 Joseph Weiss, a control systems expert and Managing Partner of Applied Control Solutions, testified before the Senate Commerce, Science and Transportation Committee stating that networks powering industrial control systems have been breached more than 125 times in the past decade, with one breach resulting in American deaths.

Clearly the evidence is mounting that cyber attacks are not only disruptive, but deadly.

Share |

{ 31 comments… read them below or add one }

Jacob September 29, 2010 at 5:13 pm

I guess it's time to disconnect our hospitals from electronic networks.

Reply

Stephen Russell September 29, 2010 at 8:37 pm

Cyberassisination can include pre rigged packages, wrong address, "faulty" GPS,
wrong text message, wrong email, etc can Doom one.
NO way to stop.
Very scary indeed..
Imagine changing a GPS map so target car turns OFF the road over a cliff at night, very doable.
& many other venues to use.

Reply

Hunter78 September 29, 2010 at 8:43 pm

This is a great area of US vulnerability. I can tell you corp IT depts are, defensively speaking, primarily concerned with protecting top management, and secondarily the corp, from potential prosecutions and lawsuits by setting up email and record deletion programs. These efforts are doomed, because it is really hard to kill an e-record. Protecting the corp's operations is not happening, because it is not recognized by management as a priority, and because IT has a very weak understanding of the corp's operations.

Reply

Dennis Miller September 29, 2010 at 10:54 pm

The cyber assassins were watching 'The Net'

Reply

chaos0xomega September 30, 2010 at 12:42 am

I don't understand why people don't realize that you can have a network that is not externally accessible… There is absolutely no reason I can think of why a hospital medical system that has patient information and scheduling, etc. should be linked to the internet. It provides a certain level of convenience, this is true, but I can think of plenty of reasons why it wouldn't be safe.

Likewise, a lot of our nations vital infrastructure has its control systems linked to the internet… why? Shouldn't that exist on a separate network entirely? I mean really, what could possibly be gained from connection to the internet? Is it so Joe the nuclear power plant worker can send an email to his body over at the water treatment facility? Or is it so Jake the rail traffic controller can check out some pornography in his down time?

Reply

Greg September 30, 2010 at 9:39 am

I agree that most networks don't need to be connected to the Internet, but I see no indication that the medical network in this article was hacked from the Internet. It's a fairly simple matter in most hospitals to bring a laptop on site and find an unsecured connection. My local hospital is all abuzz about the possibilities of wireless technology, ignoring the gaping holes that punches in security in favor of the convenience of not having to plug in to a cable and drag it around behind you.

Reply

@echomrg September 30, 2010 at 4:05 am

the sun news article quote about the italian assassination is a little devoid of details and difficult to check, it sounds more like something someone heard from a friend who heard it from a friend who heard it from a guy on the bus.

being from Italy i can say that nothing like this ever got to the mainstream news outlets and they usually carry a lot of details about everything regarding the mob and wouldn't have lost such a opportunity for a "juicy news". a quick search on the net still doesn't yield any result about anything remotely similar.

i doubt that the event reported ever happened.
i'm not saying that it wouldn't be possible. simply doubting the source.

M

Reply

dave September 30, 2010 at 5:45 am

Mmm, yes, I always go to the Nigerian popular press when i want to keep up to date with events in Italy.

Reply

Kevin September 30, 2010 at 8:32 am

Sounds like an inside leak – ok that was what I was told.

Reply

Mike September 30, 2010 at 9:21 am

Wow, this sounds like a credible story.

Reply

patchworkjumble September 30, 2010 at 11:37 am

A "cyber-assignation" doesn't sound so bad, really. Kinky perhaps, but not bad. (see paragraph 1 of your blog).

Michele

Reply

Brian September 30, 2010 at 12:45 pm

I call BS. First, you're citing the Sun as your source. I look at the article and I get "How to give your woman earth-shaking orgasms" at the bottom. Second, their article mentions ZERO verifiable facts. "Some time ago" and "a mob boss" that happened somewhere "in Italy"? Impossible to verify. Finally, if it did happen, and these cyber-assassins went in and covered up their tracks, HOW THE HELL DID YOU FIND OUT ABOUT IT?

Money where your mouth is, Kevin. Who is the nurse who was blamed for it? Was there a trial? When did this happen, specifically? I want a date. What was the mob boss' name? Can you answer ANY of these questions? I'm betting the answer is a big fat "no".

Reply

ceejayoz September 30, 2010 at 12:57 pm

It's not even The Sun, it's a different site that stole The Sun's logo.

Reply

Kevin September 30, 2010 at 4:26 pm

Brian

I guess by your comments you are not familiar with criminal investigations or cyber investigations for that matter. One source said "It is an ongoing and open criminal case!"

I have multiple sources!

Supporting Data
<a href="http://webcache.googleusercontent.com/search?q=cache:bIJttNNFhzsJ :www.thedailystar.net/magazine/2003/10/03/tech.htm+assassins+hacked+into+the+hospital+computer+and+changed+his+medication&cd=8&hl=en&ct=clnk&gl=us&lr=lang_ar|lang_zh-CN|lang_ru|lang_en” target=”_blank”>http://webcache.googleusercontent.com/search?q=ca…” target=”_blank”>:www.thedailystar.net/magazine/2003/10/03/tech.htm+assassins+hacked+into+the+hospital+computer+and+changed+his+medication&cd=8&hl=en&ct=clnk&gl=us&lr=lang_ar|lang_zh-CN|lang_ru|lang_en http://www.thedailystar.net/magazine/2003/10/03/t

CASE # <a href="http://3http://csc iwww.etsu.edu/gotterbarn/stdntppr/cases.htm” target=”_blank”>3http://csc <a href="http://iwww.etsu.edu/gotterbarn/stdntppr/cases.htm” target=”_blank”>iwww.etsu.edu/gotterbarn/stdntppr/cases.htm
<a href="http://webcache.googleusercontent.com/search?q=cache:jrrIM5wnG8sJ :www.squidoo.com/harm+assassins+hacked+into+the+hospital+computer+and+changed+his+medication&cd=4&hl=en&ct=clnk&gl=us&lr=lang_ar|lang_zh-CN|lang_ru|lang_en” target=”_blank”>http://webcache.googleusercontent.com/search?q=ca…” target=”_blank”>:www.squidoo.com/harm+assassins+hacked+into+the+hospital+computer+and+changed+his+medication&cd=4&hl=en&ct=clnk&gl=us&lr=lang_ar|lang_zh-CN|lang_ru|lang_en

Reply

ceejayoz October 27, 2010 at 11:22 am

It's not even the real Sun. They just stole the logo.

Reply

TIGERONE September 30, 2010 at 2:23 pm

The terrorist have been using the internet to communicate with each other for a few years. Whear do you think "electronic chatter" comes from? Furthermore, the US Army Doctor that killed US Army Troops, on the base, was researching the Taliban, Al Qaida, Islamic Radicals, via the internet, as a research project, if I remember correctly! Point is, it IS HERE!

Cyber Security is also here – to help combat it – oh, look, the US Air Force has a CYBER COMMAND TOO!

Reply

Chinese_Gordon September 30, 2010 at 5:54 pm

Brian and Patchworkjumble appear to have sorted it: The Sun, reporting on a story heisted from the Nigerian press, about mob boss in Italy, and linking back to an article promising "earth-shaking orgasms." Sounds as if the original text – "cyber assignations" – was the more accurate.

As to the other – "assassination" by cyber means: in a world where assassines have been known to use umbrella "guns" to inject their targets with lethally potent doses of radio active poisons, murder by computer hacking seems possible. In the instant case, timing it to catch the gent in hospital would have been crucial – otherwise you are looking at a method chosen out of opportunity. All this from a [sub] culture whose sense of subtlety traditionally has risen no higher than a bomb or a "lupo?"

Reply

Alfonse September 30, 2010 at 6:34 pm

Stuxnet doesn't target those systems, I believe.

Reply

Oblat September 30, 2010 at 11:52 pm

Confirmed by the Nigerian Sun. I'm sure this will turn out to be just another in the long line of made up cyber-frauds that Kevin peddles. But if you are a believer then send me your banking details so we can do lucrative business together.

Reply

crackedlenses October 1, 2010 at 9:29 am

Lay off, blight is getting it checked out. Just because you don't think it sounds reasonable doesn't mean it isn't true….

Reply

ohwilleke October 1, 2010 at 7:40 pm

I misunderstood. The hospital was in Italy. Makes more sense now.

Reply

blight October 1, 2010 at 10:48 pm

The oldest reports on the matter I could find dated to 1998 in a "student report", and it said "mobster", which no evidence of nationality. Nationality was plugged in later, which makes me all skeptical and suspicious…

Reply

Kevin October 2, 2010 at 1:39 pm

I have to disagree somewhat. The treatment equipment vendors provide wireless connection to update their systems. Many use built in cell phone technology and call the specific piece of equipment to make changes and updates.

Reply

Oblat October 4, 2010 at 9:32 am

This is the sort of made up nonsense that shows just how little Kevin knows about these areas and just extrapolates from windows on his laptop.

Having down-loadable updates to treatment machines like many critical systems is doesn't occur because even in a world with zero viruses you don't want the vendors modifying your equipment without your permission.

Reply

blight October 4, 2010 at 9:10 pm

Correct. If you have people messing around with your hardware, you are liable when a patient dies. Kind of the same reason why hardware vendors hate overclocking and Steve Job's iOS is totally locked down without a jailbreak.

Reply

@Joel_Harding October 6, 2010 at 2:02 pm

As much as I've looked I can't find any corroborating evidence of the Italy mob cyber hit. I almost wish it were true. I hope Snopes can dig to the bottom of this one.

Reply

Hestia October 12, 2010 at 3:06 pm

On the contrary, some medical systems vendors refuse to allow local patch management because they believe that this would invalidate their FDA certification. See Ram Dantu, PhD., Herman Oosterwijk, Prakash Kolan, Husain Husna, Securing medical networks, Network Security, June 2007, p. 13. Essentially, the vendors have a back door gateway to the radiology system and they go ahead and apply their patches at will. Whether this is allowed by pharmacy systems, I am not sure. But, I’ll bet that smaller hospitals do this because they don’t have sufficient staff to handle it safely themselves. I have been at 200 bed hospitals with a single part time IT administrator. No way they can handle complex updates alone.

Reply

mahdi iranpoor November 16, 2010 at 11:29 am

IN THE NAME OF GOD

Hi im iranian -im hacker in ICA -Use our rich resource centre of ICA and other publications-
you are very poor-im hacket yours web – please wait

Reply

Jacob September 30, 2010 at 2:52 am

If cyberassassins are good enough to hack into a hospital's equipment, I'd assume they can easily change the equipment's readouts to make it look like everything is normal.

Reply

Adam September 30, 2010 at 2:44 pm

Don't be so sure! most of the equipment used directly on patients is not networked yet, not to mention changing the operating code of a system (updates) and changing the data in that system (dosages, etc) are entirely different prospects! i'm sure a code-level check with some LD50 information could have averted this, but, as the blight points out, cybersecurity is everyone's last priority.. to their extreme peril.

Reply

Kevin September 30, 2010 at 6:47 pm

GREAT IDEA!!!

Reply

Leave a Comment

Previous post:

Next post: