'Nitro' : who hacked US chemical companies, and why?
Quote:
Chinese hackers tried to penetrate the computer systems of 48 chemical and military-related companies in a late summer cyber attack to steal design documents, formulas and manufacturing processes, a security firm reported Tuesday.
The attack ran from late July to mid-September and appeared to be aimed at collecting intellectual property for competitive advantage, reported Symantec, which code-named the attack Nitro, because of the chemical industry targets. Hackers went after 29 chemical companies and 19 other businesses that made advanced materials primarily used in military vehicles.
The attackers were the same Chinese group that targeted human rights organizations from late April to early May and the U.S. auto industry in late May. China and the U.S. have accused each other of industrial espionage for some time. China, which leads the world in the number of people online, is a hotbed for Internet crime, according to experts. The country has often been accused of cyber spying, which the government denies, while claiming to also be a target.
http://www.crn.com/news/security/231...LQg**.ecappj02
Quote:
Symantec said it traced the attacks back to a computer system that was a virtual private server (VPS) located in the United States.
However, the system was owned by a 20-something male located in the Hebei region in China. We internally have given him the pseudonym of Covert Grove based on a literal translation of his name. He attended a vocational school for a short period of time specializing in network security and has limited work experience, most recently maintaining multiple network domains of the vocational school.
Covert Grove claimed to have the U.S.-based VPS for the sole purpose of using the VPS to log into the QQ instant message system, a popular instant messaging system in China. By owning a VPS, he would have a static IP address. He claims this was the sole purpose of the VPS. And by having a static IP address, he could use a feature provided by QQ to restrict login access to particular IP addresses. The VPS cost was RMB200 (US$32) a month.
While possible, with an expense of RMB200 a month for such protection and the usage of a US-based VPS, the scenario seems suspicious. We were unable to recover any evidence the VPS was used by any other authorized or unauthorized users. Further, when prompted regarding hacking skills, Covert Grove immediately provided a contact that would perform ‘hacking for hire’. Whether this contact is merely an alias or a different individual has not been determined.
We are unable to determine if Covert Grove is the sole attacker or if he has a direct or only indirect role. Nor are we able to definitively determine if he is hacking these targets on behalf of another party or multiple parties.
http://www.zdnet.com/blog/security/n...companies/9754
Quote:
"The question is: Who is 'they?' " writes James Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies (CSIS), a Washington think tank, in an e-mail interview. "The Chinese government encourages economic espionage [for illicit acquisition of technology], but that does not mean it directs all economic espionage."
http://www.alaskadispatch.com/articl...mical-industry
Fusion Center priority No.1 is?
A classic, hence my emphasis and thanks for the link to The Wired article Adam G.
Quote:
Asked if the fusion center is investigating how information that was uncorroborated and was based on false assumptions got into a distributed report, spokeswoman Bond said an investigation of that sort is the responsibility of DHS and the other agencies who compiled the report. The center’s focus, she said, was on how Weiss received a copy of the report that he should never have received.
“We’re very concerned about the leak of controlled information,” Bond said. “Our internal review is looking at how did this information get passed along, confidential or controlled information, get disseminated and put into the hands of users that are not approved to receive that information. That’s number one.”
So we have an industrial malfunction at a water plant that has nothing to do with cyber warfare, an intelligence assessment circulated widely and maybe beyond it's intended recipients - an assessment that is simply wrong and missed some basic research.
A classic on many levels.
Panetta: Cyber warfare could paralyze U.S.
Quote:
(CBS News) Back in 2010, the Pentagon established cyber command to wage war and defend America's computer systems. It's a top priority for Secretary of Defense Leon Panetta. In an interview for "60 Minutes," CBS Evening News anchor Scott Pelley spoke with Panetta while he was touring the Middle East last month, flying in a command post that's rigged to conduct nuclear war if need be. The Secretary told CBS News cyber war is one of his biggest worries.
http://www.cbsnews.com/8301-18563_16...alyze-country/
Cyber search engine Shodan exposes industrial control systems to new risks
Quote:
Government and business leaders in the United States and around the world are rushing to build better defenses -- and to prepare for the coming battles in the digital universe. To succeed, they must understand one of the most complex, man-made environments on Earth: cyberspace.
Quote:
Matherly and other Shodan users quickly realized they were revealing an astonishing fact: Uncounted numbers of industrial control computers, the systems that automate such things as water plants and power grids, were linked in, and in some cases they were wide open to exploitation by even moderately talented hackers.
http://www.washingtonpost.com/invest...KCV_story.html