Tag Archives: Iran

Kaspersky: “Humanity Not Ready To Deal With The Dangers of Cyber Weapons”

During a debate at the DLD 2013 conference last week, the two internet gurus, Eugene Kaspersky (Kaspersky Labs)  and Mikko Hypponen (F-Secure) made some rather disturbing comments on the development of cyber weapons.   Kaspersky has said that the new cyber weapons may be “cleaner” than traditional weapons but they are “much worse”. Hypponen added that what set cyber-weapons apart from traditional weapons was the fact that anyone could get their hands on one of these weapons, unlike a nuclear bomb, missiles or tanks which only armies would have access to. Both experts believe the situation is critical.

“We are not ready to limit their functionality, we cannot consume less IT, like oxygen or water.”

Eugene Kaspersky

YNNK3NH8NCDS

kaspersky

At the DLD 2013 conference, Kaspersky warned that humanity is not ready to deal with the dangers of cyber weapons and is still very vulnerable. He believes that it’s just a matter of time before a serious incident happens. And, what may be even worse, anyone can get their hands on them. Kaspersky also put forward the idea limited access to certain technologies, because we simply cannot control them, He and the situation to the tragic stories of the Zeppelin and the Concorde, two technologies which were discontinued because of inherent dangers in their original constructions.

 

images (1)According to Mikko Hypponen are we at the moment in the “first stages of a cyber-arms race,” and we are beginning to see many other countries trying to “jump on the same bandwagon” as the US and Israel, who were behind the original cyber-weapon – Stuxnet. Adding that like the nuclear scientists in a similar way lost their innocence in 1945 with the bombing of Hiroshima and Nagasaki, computer scientists lost their innocence in 2009 when Stuxnet infected a Siemens PLC device in the Natanz nuclear enrichment facility in Iran.

Both Kaspersky and Hypponen agree that the next major military engagement will involve a major cyber element, and while the battle won’t be completely online, it will be a major aspect of the war.

“I think we’ve only seen the very beginning of these problems,” Hypponen says.

Weapons of Mass Destruction – Download here!

“Attribution is one of the biggest challenges in this area – and one of the strengths for governments as they can launch a cyber-weapon]and then deny it. The difficultly of attribution is that it is very easy to leave false flags, or false leads,” according to the head of F-Secure, Mikko Hypponen. Adding that what set cyber-weapons apart from traditional weapons was the fact that anyone could get their hands on one of these weapons, unlike a nuclear bomb, missiles or tanks which only armies would have access to.

The conference in Munich took place just one week after the Kaspersky Labs announced the discovery of Red October, a highly complex piece of malware which was used by the owners to spy on embassies, diplomats, scientific organisations and other government organisations for five years without being detected.

It is unclear who is behind this attack.

Kaspersky says that in his opinion there are three possible creators  of the Red October software:

Spying Is Not War!

images (2)The first possibility is a nation-state, though the fact the malware was written in Russian didn’t automatically mean Russia was behind the attack, Kaspersky underlined.

The second possibility would be a hacktivist group like Anonymous, who could use the sensitive data stolen to advance their operations around the globe.

Finally, Kaspersky pointed to the most scary alternative –  that criminals could be behind the attack, selling the classified data to anyone from fellow criminals to governments looking for information on a neighbouring state.

Hypponen, however, do not consider this to be an act of cyber-warfare.

“Spying is not war, espionage is not warfare. The fact we have a lot of online espionage – such as Red October – is not warfare, it’s spying. Cyber]warfare is targeting critical infrastructure, because our infrastructure is run by computers,” he says.

Tech to Hack!

0Leon Panetta, the US defence secretary said back in October that the US faced the threat of a “cyber Pearl Harbour” and was increasingly vulnerable to foreign computer hackers who could attack the nation’s power grid, transportation system, and government.

And Kaspersky believes that we are nowhere near ready to deal with the dangers that are out there. “We are very, very vulnerable.  I agree with Leon Panetta, it is just a matter of time when we have the next very serious incident.”

The Russian internet pioneer, who also have proposed digital passports for entering the web, now talks about limiting access to certain technologies. At the moment, there are a number of certain digital technologies that should be walked away from due to their danger, he says.

The idea was rejected by the majority of the security expert at te conference, including Kaspersky himself, arguing that it would be difficult to do so, or to limit the function of certain digital technology.

“Are we ready for that? Can we survive without new digital technologies? I recognise the situation as critical. We are not ready to limit their functionality, we cannot consume less IT, like oxygen or water.”

A Stage of War Is Set!

imagesHypponen says that we now are in the “first stages of a cyber-arms race” and we are beginning to see many other countries trying to “jump on the same bandwagon” as the US and Israel, who were behind the original cyber-weapon – Stuxnet.

Hypponen told the audience in Munich that in a similar way to nuclear scientists losing their innocence in 1945 with the bombing of Hiroshima and Nagasaki, computer scientists lost their innocence in 2009 when Stuxnet infected a Siemens PLC device in the Natanz nuclear enrichment facility in Iran.

Both Kaspersky and Hypponen agree that the next major military engagement will involve a major cyber element, and while the battle won’t be completely online, it will be a major aspect of the war.

(Source: International Business Times)

Related by the econoTwist’s:

.

All Human Rights Reserved (h) 2013

4 Comments

Filed under International Econnomic Politics, Laws and Regulations, Technology

The Stuxnet – Visualized

A video blogger named Hungry Beast is behind this fascinating visualisation of the dangerous computer virusStuxnet – know to be the first cyber weapon ever to be constructed by mankind. You’ll hopefully understand why I’m focusing on what’s going on online at the moment…

Pandora’s box has been opened; on the new battlefield the aggressors are anonymous, the shots are fired without starting wars and the foot soldiers can pull their triggers without leaving their desks.

In June last year, a computer virus called Stuxnet was discovered lurking in the data banks of power plants, traffic control systems and factories around the world. Hungry Beast introduce the video:

Pandora’s box has been opened; on the new battlefield the aggressors are anonymous, the shots are fired without starting wars and the foot soldiers can pull their triggers without leaving their desks.

Last week the United States government announced they would retaliate to a cyber-attack with conventional force. The threat is real, and the age in which a computer bug could cost lives has begun.

Comments Off on The Stuxnet – Visualized

Filed under International Econnomic Politics, Technology

Stuxnet Mutants All Over The Web

The application security management firm, Idappcom, say they detected 52 new pieces of malicious software last month that are designed in a similar way as the feared Stuxnet worm. Stuxnet have been caracterized as the worlds first cyber weapon, aimed at critical public  facilities like power plants and water supply systems.

“There are lots of other countries which realise that you can do this, and gain access to systems which are running critical infrastructure. We will see copycats, maybe modified versions of Stuxnet, copies of which aren’t hard to find at all.”

Mikko Hypponen


According to Mikko Hypponen, chief security researcher at F-Secure, there has been a revolution in malware with Stuxnet. At the same time security management firm, Idappcom, reports 52 new threats targeted at supervisory control and data acquisition systems – Scada- the sort hit by the infamous Stuxnet worm.

Scada systems are found in a variety of industrial plants ranging from water and waste treatment to food and pharmaceuticals and even nuclear power plants.

“We quickly realised this was too much of a significant blip to be an anomaly. It may be an indicator towards a worrying trend.”

“Our records go back to 2004 and I’ve never recorded any sort of significant blip on the radar in an area like this previously.” says Tony Haywood, chief technology officer at Idappcom.

“We quickly realised this was too much of a significant blip to be an anomaly. It may be an indicator towards a worrying trend,” Haywood says.

Some of the xploits found are causing DOS (Denial Of Service), bringing systems to halt.

Scada systems are often at greater risk because they are connected to legacy operating systems such as Windows 95 for which there are no service packs or automatic updates.

Day by day, its getting harder to secure the SCADA systems.

“The worst case scenario is that Al-Qaeda or another organisation could gain access to this type of knowledge and information, and make use of it to launch attacks on critical infrastructure.”

“The worst case scenario is that Al-Qaeda or another organisation could gain access to this type of knowledge and information, and make use of it to launch attacks on critical infrastructure – like blow up nuclear power plants or do something to our food chain,” Mikko Hypponen says.

Discovered at the middle of last year, Stuxnet has become a major puzzle for those involved in computer security, but more than that, also among those interested in international espionage.

“There will be copies of Stuxnet, from the same source and elsewhere.”

Mikko Hypponen

“I think Stuxnet is a new phenomenon, the first example of its kind, and will be something we will look back at in years to come,” says Hypponen, whose information security experience spans many years and who was involved in classified briefings regarding the new threat.

“There will be copies of Stuxnet, from the same source and elsewhere,” he predicts.

Stuxnet is a Windows worm that is propagated on USB sticks and over private networks, but with one very unique feature – it doesn’t replicate over the Internet.

Malware that we generally see on computers is generally designed to spread as far as possible, as cyber criminals aren’t too worried about what it will infect.

But Stuxnet is different, because it wants to reach environments that are disconnected from the Internet on purpose, like the nuclear programme in Iran.

But that’s not to say that it won’t infect your Windows PC.

Hypponen points: “It infects any Windows PC that you put an infected USB stick in. But when it infects a PC it does nothing. It will only replicate on any other USB stick you put into it.”

This means that Stuxnet is a worm that can go around the world silently, doing nothing to the systems it infects, waiting for a precise moment to strike. And it will strike, but only if it reaches a Windows PC that has a specific type of program installed.

“It’s called Step 7, made by Siemens and which is used to program Programmable Logic Control (PLC) devices,” the researcher explains.

“These boxes control factories, pumps, general purpose systems. These are running their own operating system, which isn’t Windows as it isn’t reliable enough.”

“It’s trying to find a specific environment with a specific configuration of high frequency power converters made by two different manufacturers.”

But the PLC boxes need to be programmed by a Windows computer before they are sent over to a factory or wherever they need to go.

If a USB stick has transferred Stuxnet to one of these computers, this is the point where Stuxnet will start to make its move, if it finds itself on a system that has a specific type of PLC box connected.

“It will reprogram the PLC, so that any changes are hidden. And it will wait, hoping that somebody disconnects the PLC from the Windows computer and takes it to a factory.”

If that should happen, Stuxnet will still do nothing, apart from check what kind of factory the PLC box is supposed to be controlling.

“It’s trying to find a specific environment with a specific configuration of high frequency power converters made by two different manufacturers. When it finds the right kind, then it knows it’s in the right environment.”

The right environment is Iran’s nuclear enrichment facility.

Nuclear centrifuges are being cleaned by the high frequency power converters, which Stuxnet now has the capability to control.

“But even then it does nothing,” Hypponen continues. “It records the normal everyday traffic for two or three days.”

And then like a heist movie where a criminal fiddles with a security camera so a guard sees a film from yesterday rather than what’s happening in the present, Stuxnet floods back the traffic it recorded to the factory’s monitoring system.

Anyone monitoring will see normal operation, but operation from the past.

“Then it starts changing the spinning speed, which ends up breaking the centrifuges or ends up creating lousy uranium.”

The intelligence and technological sophistication of Stuxnet has led experts to believe it was the creation of a multi-million pound operation with state involvement.

There are also claims it was the creation of a joint effort between Israel and the US, a theory Hypponen believes to be true.

But the expert also thinks that it could be a major wake-up call to interested parties, which could be a problem for developed western nations in the future.

“When people think about these extremists, they don’t think about them having these types of technology skills. They typically think of unintelligent Talibans riding camels in the desert. That’s a dangerous misconception.”

“There are lots of other countries which realise that you can do this, and gain access to systems which are running critical infrastructure. We will see copycats, maybe modified versions of Stuxnet, copies of which aren’t hard to find at all,” he says.

Which led us to Hypponen’s first comment over worst case scenarios if jihadists ever find a way of attacking Western nations with modified Stuxnet technology, now available easily through a search of the web.

He said, “When people think about these extremists, they don’t think about them having these types of technology skills. They typically think of unintelligent Talibans riding camels in the desert. That’s a dangerous misconception.”

Hypponen show The INQUIRER a copy of “Inspire”, a lifestyle publication written in English that is best described as a jihadist magazine aimed at new recruits.

Among the news articles, poems, songs, Osama Bin Laden speeches and right alongside a section on making bomb making equipment, there is a section on how to do public key encryption.

It describes an open source PGP-like encryption system coded and developed by extremists.

“These guys write pretty good magazines in English and code their own tools. They could easily get Stuxnet itself – it’s far from trivial to modify, but it’s easier to modify than write something from scratch. But I think I’m more worried about the idea of getting copied by other parties.”

Hypponen concludes the interview with the following last thought:

“When George W Bush signed a cyber attack agreement in 2008 against the Iran nuclear program, I do believe the outcome of that signature was Stuxnet.”

Related by the Econotwist’s:

11 Comments

Filed under International Econnomic Politics, Laws and Regulations, Technology