Tag Archives: Osama bin Laden

Stuxnet Mutants All Over The Web

The application security management firm, Idappcom, say they detected 52 new pieces of malicious software last month that are designed in a similar way as the feared Stuxnet worm. Stuxnet have been caracterized as the worlds first cyber weapon, aimed at critical public  facilities like power plants and water supply systems.

“There are lots of other countries which realise that you can do this, and gain access to systems which are running critical infrastructure. We will see copycats, maybe modified versions of Stuxnet, copies of which aren’t hard to find at all.”

Mikko Hypponen


According to Mikko Hypponen, chief security researcher at F-Secure, there has been a revolution in malware with Stuxnet. At the same time security management firm, Idappcom, reports 52 new threats targeted at supervisory control and data acquisition systems – Scada- the sort hit by the infamous Stuxnet worm.

Scada systems are found in a variety of industrial plants ranging from water and waste treatment to food and pharmaceuticals and even nuclear power plants.

“We quickly realised this was too much of a significant blip to be an anomaly. It may be an indicator towards a worrying trend.”

“Our records go back to 2004 and I’ve never recorded any sort of significant blip on the radar in an area like this previously.” says Tony Haywood, chief technology officer at Idappcom.

“We quickly realised this was too much of a significant blip to be an anomaly. It may be an indicator towards a worrying trend,” Haywood says.

Some of the xploits found are causing DOS (Denial Of Service), bringing systems to halt.

Scada systems are often at greater risk because they are connected to legacy operating systems such as Windows 95 for which there are no service packs or automatic updates.

Day by day, its getting harder to secure the SCADA systems.

“The worst case scenario is that Al-Qaeda or another organisation could gain access to this type of knowledge and information, and make use of it to launch attacks on critical infrastructure.”

“The worst case scenario is that Al-Qaeda or another organisation could gain access to this type of knowledge and information, and make use of it to launch attacks on critical infrastructure – like blow up nuclear power plants or do something to our food chain,” Mikko Hypponen says.

Discovered at the middle of last year, Stuxnet has become a major puzzle for those involved in computer security, but more than that, also among those interested in international espionage.

“There will be copies of Stuxnet, from the same source and elsewhere.”

Mikko Hypponen

“I think Stuxnet is a new phenomenon, the first example of its kind, and will be something we will look back at in years to come,” says Hypponen, whose information security experience spans many years and who was involved in classified briefings regarding the new threat.

“There will be copies of Stuxnet, from the same source and elsewhere,” he predicts.

Stuxnet is a Windows worm that is propagated on USB sticks and over private networks, but with one very unique feature – it doesn’t replicate over the Internet.

Malware that we generally see on computers is generally designed to spread as far as possible, as cyber criminals aren’t too worried about what it will infect.

But Stuxnet is different, because it wants to reach environments that are disconnected from the Internet on purpose, like the nuclear programme in Iran.

But that’s not to say that it won’t infect your Windows PC.

Hypponen points: “It infects any Windows PC that you put an infected USB stick in. But when it infects a PC it does nothing. It will only replicate on any other USB stick you put into it.”

This means that Stuxnet is a worm that can go around the world silently, doing nothing to the systems it infects, waiting for a precise moment to strike. And it will strike, but only if it reaches a Windows PC that has a specific type of program installed.

“It’s called Step 7, made by Siemens and which is used to program Programmable Logic Control (PLC) devices,” the researcher explains.

“These boxes control factories, pumps, general purpose systems. These are running their own operating system, which isn’t Windows as it isn’t reliable enough.”

“It’s trying to find a specific environment with a specific configuration of high frequency power converters made by two different manufacturers.”

But the PLC boxes need to be programmed by a Windows computer before they are sent over to a factory or wherever they need to go.

If a USB stick has transferred Stuxnet to one of these computers, this is the point where Stuxnet will start to make its move, if it finds itself on a system that has a specific type of PLC box connected.

“It will reprogram the PLC, so that any changes are hidden. And it will wait, hoping that somebody disconnects the PLC from the Windows computer and takes it to a factory.”

If that should happen, Stuxnet will still do nothing, apart from check what kind of factory the PLC box is supposed to be controlling.

“It’s trying to find a specific environment with a specific configuration of high frequency power converters made by two different manufacturers. When it finds the right kind, then it knows it’s in the right environment.”

The right environment is Iran’s nuclear enrichment facility.

Nuclear centrifuges are being cleaned by the high frequency power converters, which Stuxnet now has the capability to control.

“But even then it does nothing,” Hypponen continues. “It records the normal everyday traffic for two or three days.”

And then like a heist movie where a criminal fiddles with a security camera so a guard sees a film from yesterday rather than what’s happening in the present, Stuxnet floods back the traffic it recorded to the factory’s monitoring system.

Anyone monitoring will see normal operation, but operation from the past.

“Then it starts changing the spinning speed, which ends up breaking the centrifuges or ends up creating lousy uranium.”

The intelligence and technological sophistication of Stuxnet has led experts to believe it was the creation of a multi-million pound operation with state involvement.

There are also claims it was the creation of a joint effort between Israel and the US, a theory Hypponen believes to be true.

But the expert also thinks that it could be a major wake-up call to interested parties, which could be a problem for developed western nations in the future.

“When people think about these extremists, they don’t think about them having these types of technology skills. They typically think of unintelligent Talibans riding camels in the desert. That’s a dangerous misconception.”

“There are lots of other countries which realise that you can do this, and gain access to systems which are running critical infrastructure. We will see copycats, maybe modified versions of Stuxnet, copies of which aren’t hard to find at all,” he says.

Which led us to Hypponen’s first comment over worst case scenarios if jihadists ever find a way of attacking Western nations with modified Stuxnet technology, now available easily through a search of the web.

He said, “When people think about these extremists, they don’t think about them having these types of technology skills. They typically think of unintelligent Talibans riding camels in the desert. That’s a dangerous misconception.”

Hypponen show The INQUIRER a copy of “Inspire”, a lifestyle publication written in English that is best described as a jihadist magazine aimed at new recruits.

Among the news articles, poems, songs, Osama Bin Laden speeches and right alongside a section on making bomb making equipment, there is a section on how to do public key encryption.

It describes an open source PGP-like encryption system coded and developed by extremists.

“These guys write pretty good magazines in English and code their own tools. They could easily get Stuxnet itself – it’s far from trivial to modify, but it’s easier to modify than write something from scratch. But I think I’m more worried about the idea of getting copied by other parties.”

Hypponen concludes the interview with the following last thought:

“When George W Bush signed a cyber attack agreement in 2008 against the Iran nuclear program, I do believe the outcome of that signature was Stuxnet.”

Related by the Econotwist’s:

11 Comments

Filed under International Econnomic Politics, Laws and Regulations, Technology

WikiLeaks: The Diversion of A Decade?

There’s a lot serious stuff going on in the world at the moment. But somehow the center of attention is a young man who has managed to piss of some politicians and generals by publishing documents that proves what most people already know – or at least suspected. The WikiLeaks founder Julian Assange is now subject to the most intense manhunt by international authorities since Osama bin-Laden for having sex without a condom. The fact that a stack of reports have been issued, warning about further deterioration of the global economy, currency wars, political instability and exploding social unrest, seems to be mostly overlooked. Am I the only one to  think it’s a little peculiar?

“The WikiLeaks saga is trying its best to offer distraction, but the crisis in the euro zone remains impossible to ignore.”

Robin Bew


It’s been a strange, almost surreal, weekend. Personally I’ve been fighting off a couple of attempts to hack into my computer system, and never in the 15 years I’ve been online have I ran into so many error messages when trying to load pages on the internet. What makes it even more strange is that the WikiLeaks frenzy is happening at the same time as EU and NATO is conducting its first ever cyber war exercise, the US launch a massive operation to seize close to hundred file-sharing web sites and thousands of hackers all over the world gathered at an event organized by Google, Microsoft, NASA and the World Bank.

And all this have been planned long time ahead. The latest release of documents from WikiLeaks was also notified months in advance.

So was the scheduled release of several economic forecasts for 2011 last week. However, these have more or less been drowned in the avalanche of more or less (un)important Wiki-stories filling up both mainstream and alternative medias.

So, I think it’s time to get the focus back where it belongs; on the developments of our global economy, as the Eurogroup meet for another crisis meeting this Monday and Bloomberg reports that the euro’s worst is yet to come.

“The WikiLeaks saga is trying its best to offer distraction, but the crisis in the euro zone remains impossible to ignore. With fears of contagion increasing, our ViewsWire service examines scenarios under which countries might exit the single currency,” chief economist Robin Bew at The Economist Intelligence Unit writes in an email to subscribers. Adding: “We think the euro will ultimately survive, but significant political and economic hurdles will have to be overcome, with Portugal now likely to follow Ireland and Greece in requesting emergency EU/IMF funding.”

Last week EIU released a bunch of reports, based on separate analysis on each topic.

You have to look very hard to find something positive to hold on to. In fact, I can’t remember having read anything like this from The Economist in a very long time.

This is the headlines:

The EIU label the three first predictions with “High Probability,”  the next three as “Moderate Probability” and the two last are seen as “Low Probability”.

As I’ve been pointing out since the financial crisis became visible to most people, we are in fact dealing with a three-part crisis; the financial, the environmental and the social.

There three problems are connected, they interact with each other, feeds on each other, making each other stronger – and it’s impossible to solve one without solving the others.

Robin Bew writes:

“The UN climate summit under way in Cancún, Mexico is highly unlikely to produce a global accord on emissions cuts, though modest gains, such as on forest protection, remain possible.”

Well, the possibility of rescuing a few trees is not gonna make much difference.

As for the social (poverty) crisis, Economist Intelligence Unit concludes:

“The risk is that instability becomes systemic, with political crises in certain countries affecting others through contagion or through the actions of populist new regimes seeking to assert themselves. Potential widespread disruption poses a considerable downside risk to the Economist Intelligence Unit’s global economic forecasts.”

That’s right. Sovereign debt problems isn’t the only thing that is contagious.

The Economist Intelligence Unit‘s baseline global forecast assumes some increase in social and political unrest, but with serious fallout largely avoided. If economic circumstances were to worsen again, however, there is a danger though that incidents of unrest turn into far more intense and long-lasting events: armed rebellions, military coups, civil conflicts and perhaps even wars between states. In such circumstances, a repetition of the pressures that transformed global politics in the 1930s, though a far-removed worst-case scenario, could not be dismissed.”

In other words: If the economy gets worse, we may face a World War II scenario.

Now, take a look at the top three scenarios again…

First: Sovereign debt

“There are considerable concerns about the sustainability of public debt positions in a number of countries. Heavily indebted sovereigns – including developed economies, notably in the euro zone – could struggle to raise private financing even at higher interest rates, and some could default.”

“The US and the UK also face drastically increased fiscal deficits. They could moderate their debt burdens through inflation and devaluation but this risks undermining their bond markets, and the resultant spike in bond yields could force an acceleration of fiscal tightening, with highly negative implications for economic recovery.”

“Emerging-market defaults would create some ructions more widely, but as developed-country sovereign bonds have traditionally been considered risk-free, developed-country defaults in particular would wreak havoc on investor psychology. Banks would face write-downs on their government debt portfolios, and financial-sector guarantees by governments that default would be exposed as worthless.”

(Forecast: High probability, high impact, risk level 16)

Second: New Asset Bubble

“A flood of cheap money from stimulus measures, in particular carry trades drawing on record-low interest rates in the US, prompted a strong rally in a range of assets in the second half of 2009 and in 2010, particularly emerging-market stocks and bonds, but also in risky asset classes such as equities, high-yield bonds and commodities more broadly.”

“New bubbles could continue to grow for a considerable period of time, potentially several years, during which they will help to boost growth in the economies concerned. But they would burst suddenly, and still-fragile risk appetite could be a factor in this – a decline in risk tolerance could see investors pull their money out of emerging-market assets. Indeed, the rally in asset markets has been subject to periodic reversals in 2010 as concerns about the outlook for the global economy have re-emerged.”

“New asset bubbles may be vulnerable to painful corrections as central banks in emerging markets tighten monetary policy, fiscal stimulus is withdrawn, and the weak foundations of recovery become apparent. The resultant dislocations, including a shock to banks and a renewed rise in risk aversion, would reinforce and deepen a new economic slowdown.”

(Forecast: High probability, high impact, risk level 16)

Third: Currency Manipulation

“Tensions are rising over attempts by some countries to weaken their currencies, and the US and China remain at odds over the value of the renminbi. A global “currency war” would raise the danger of protectionist responses.”

“Tensions over exchange-rates have risen in recent months. The US Congress has been holding hearings on China’s exchange-rate policy, with a view to potential legislation to punish China for what the US regards as a mercantilist strategy of keeping the renminbi artificially low. A growing cohort of other countries are also worried about the strength of their currencies, including Brazil, Switzerland, Japan and South Korea. Market interventions by policymakers in some countries to weaken their currencies prompted Brazil’s finance minister, Guido Mantega, to warn of an “international currency war”.”

“Given the closely integrated nature of the global economy, governments will find it difficult to close off many aspects of trade, even if they want to. But trade disputes are likely to increase as populist policies clash with countries’ international obligations.”

(Forecast: High probability, high impact, risk level 16)

All eight summaries are uploaded on Scribd.

By the way – here’s the latest WikiLeaks stories:

WikiLeaks founder Julian Assange arrested in UK (BBC)

Feds block workers from WikiLeaks (CNET.com)

MasterCard pulls plug on WikiLeaks payments (CNET.com)

Swiss Bank Closes WikiLeaks Founder’s Bank Accounts (RadioFreeEurope)

WikiLeaks‘ Swedish servers come under attack again (The Herald Tribue)

Barack Omama Is More Dangerous Than WikiLeaks (American Enterprise Institute for Public Policy Research)

WikiLeaks Releases List of “Vital” US Facilities (Slate.com)

Google refuses to disclose whether they’d allow users to repost Wikileaks‘ State Department cables (The Atlantic)

Related by The Swapper:

3 Comments

Filed under International Econnomic Politics, National Economic Politics, Philosophy, Technology

Julian Assange: Journalist, Activist or Informant?

The Wikileaks.org is back in focus after another massive publications of classified documents, and  series of TV performances by the website‘s founder and editor in chief, Julian Assange. He promotes his business as “scientific journalism.” The former criminal computer-hacker encourage whistle-blowers and other informants to leak secrets to the public website in the name of freedom of speech, and the principles of a free press.

“My greatest fear is that we will be too successful too fast and won’t be able to do justice to the material.”

Julian Assange

Julian Assange

When I was a kid, we were taught that  squealing on friends and neighbors was wrong. It was a very important lesson Norwegians learned under the German occupation during World War II when many peoples, and several resistance groups, lives depended on it.

Back in the late 90’s, the director of the Norwegian Broadcasting Corporation, (and my boss at the time), Einar Førde refused to run a governmental TV commercial that promoted the police’s “tip-off-phone” for drug crimes.

Mr, Førde’s argument was that encouraging people to squeal on each other, anonymously, could have more negative effects than benefits.

I believe he made a wise decision.

Einar Førde died in 2004, but left behind a big bundle of wisdom. Some it expressed in – now famous – quotes, like;

“The society isn’t exactly characterized by common sense.”

That’s why the critics of Wikileak may have point; some things might not be suitable for publishing.

The Age of The Whistle-blower

Julian Assange, said yesterday that the organization is working through a “backlog” of further secret material and was expecting a “substantial increase in submissions” from whistle-blowers after one of the biggest leaks in US military history.

Speaking in London after his website published more than 92,000 classified military logs relating to the war in Afghanistan, Assange said that he hoped for an “age of the whistle-blower” in which more people would come forward with information they believed should be published.

Assange said that the site, which currently operates with a small dedicated team but has a network of about 800 volunteers, had a “backlog” of more material which only “just scratched the surface”.

While he would not be drawn into commenting on the nature of the material, he said that the organization held “several million files” that “concern every country in the world with a population over 1 million”.

He said the site had undergone a “publishing haitus” since December during a period of re-engineering.

Assange suggested a clear step-up of operations and said that there were difficulties in changing from a small to large organisation while ensuring it would still be able to work in a secure way.

“My greatest fear is that we will be too successful too fast and won’t be able to do justice to the material,” he said.

Contagious

He also said that from past experience the organization was expecting more material to add to the backlog.

He told the audience that after the site leaked details of one incident that killed 51 people in Afghanistan, “we received substantial increase in submissions”.

“Courage is contagious,” he added. “Sources are encouraged by the opportunities they see in front of them.”

He then added that a further 15,000 potentially sensitive reports had been excluded from today’s leak and were being were being reviewed further. Some of this material would be released once it was deemed safe to do so, he said, adding  that the majority of this material was threat reports and that it included more than 50 embassy cables.

Assange’s plans will cause concern in government agencies, which argue that the site’s leaks are “irresponsible” and pose a threat to military operations in Afghanistan and elsewhere.

Assange, however, said that the site have applied “harm minimization” procedures before publishing material.

I guess they wouldn’t have established a “harm minimization procedure” if they didn’t think it would be needed.

Detained In Kuwait

If the “harm minimization procedures” will help 22 year old US Army Specialist, Bradley Manning, doesn’t Assange say anything about.

The US soldier was arrested last month after the release of a classified video showing a 2007 helicopter attack that killed a dozen people in Baghdad, including two Reuters news staff.

According to Wired Magazine is may also be Manning who have leaked the recent published documents on Afghanistan.

WikiLeaks released 90,000 classified documents about the war in Afghanistan, Sunday, and again the website ran on overload, as US officials fired massive accusation attack on the site for putting the nations security in danger.

Monday, the mysterious Julian Assange, who usually is almost as easy to get hold off as Osama bin-Laden, appeared on the Larry King Show on CNN, talking about the Afghanistan files:

Convicted Criminal

Julian Assange was once a physics and mathematics student, that turned into on of the worlds most famous computer  hackers.

In the early 90’s he was convicted of attacks on the US intelligence, and publishing a magazine which inspired crimes against the Commonwealth.

Wikileaks was founded in 2006. Julian Assange now sits on its nine-member advisory board, and have become a prominent media spokesman on its behalf.

This is how he’s being characterized:

“One of the most intriguing people in the world”

“Internet’s freedom fighter”

“Extremely cynical”

“Assange is serving our democracy and serving our rule of law precisely by challenging the secrecy regulations, which are not laws in most cases, in this country.”

Wikileak have won a bunch of media awards, among others, the 2009 Amnesty International Media Award (New Media) and the 2008 Economist Index on Censorship Award.

Assange brags about that Wikileaks has released more classified documents than the rest of the world press combined, saying:

“That’s not something I say as a way of saying how successful we are – rather, that shows you the parlous state of the rest of the media. How is it that a team of five people has managed to release to the public more suppressed information, at that level, than the rest of the world press combined? It’s disgraceful.”

It’s certainly true that the financial press failed in front of the financial crises, and its true that the traditional medias more or less have abandon their role as news providers.

But Mr. Assange and Wikileaks are still walking on a thin line.

*

Enhanced by Zemanta

4 Comments

Filed under International Econnomic Politics, National Economic Politics