Free Republic

SAN FRANCISCO: Computer security experts are studying a scary new cyber weapon: a software smart bomb that may have been crafted to find and sabotage a nuclear facility in Iran. Malicious software, or malware, dubbed "Stuxnet" is able to recognise a specific facility's control network and then destroy it, according to German computer security researcher Ralph Langner. "Welcome to cyber war," Langner said in a post at his website. "This is sabotage." Langner has been analyzing Stuxnet since it was discovered in June and said the code had a technology fingerprint of the control system it was seeking and would...

The world’s first cyber ‘super weapon’ may have been designed to attack a nuclear power station in Iran, experts believe. A computer virus called Stuxnet has been described as the most sophisticated 'worm' ever created and has already infected more than 45,000 networks worldwide. A 'worm' is a type of computer virus that can reproduce by sending copies of itself to any PC that is connected to the infected machine. Now internet security experts fear that Stuxnet, which was first detected in June, is the first 'worm' specifically created to target real-world infrastructure such as power stations and water plants....

A foreign spy agency pulled off the most serious breach of Pentagon computer networks ever by inserting a flash drive into a U.S. military laptop, a top defense official said Wednesday.

Israel has long had troops dedicated to Cyber War activities, but now they are introducing a new twist to this. Israel is using the same screening and recruiting techniques they employ for commando units, to form an elite Cyber War unit. Thus the Israelis are not just seeking men (or women) with the right technical skills, but also with the mental toughness characteristic of the regular commandos. Israel wants to use this Cyber War unit to deal with the most difficult, and dangerous Cyber War situations. Thus if there's a Cyber War attack, using an unknown, and seemingly devastating new...

"Dismantling of Saudi-CIA Web site illustrates need for clearer cyberwar policies" By Ellen Nakashima Washington Post Staff Writer Friday, March 19, 2010; A01 SNIPPET: "By early 2008, top U.S. military officials had become convinced that extremists planning attacks on American forces in Iraq were making use of a Web site set up by the Saudi government and the CIA to uncover terrorist plots in the kingdom. "We knew we were going to be forced to shut this thing down," recalled one former civilian official, describing tense internal discussions in which military commanders argued that the site was putting Americans at...

The United States would lose a cyberwar if it fought one today, a former US intelligence chief has warned. Michael McConnell, a retired US Navy vice admiral who served as ex-president George W. Bush's director of national intelligence, also compared the danger of cyberwar to the nuclear threat posed by the Soviet Union during the Cold War. "If we went to war today in a cyberwar, we would lose," McConnell told a hearing Tuesday on cybersecurity held by the Senate Committee on Commerce, Science and Transportation. "We're the most vulnerable, we're the most connected, we have the most to lose....

Michael McConnell, former director of national intelligence, warns that the threat of a cyberattack rivals nuclear weapons in terms of seriousness.The risk of a catastrophic cyberattack is approaching the gravity of the nuclear risk, according to the Bush administration's top spy. "The cyber risk has become so important that, in my view, it rivals nuclear weapons in terms of seriousness," Michael McConnell, former director of national intelligence, said Tuesday at a hearing of the Senate committee on commerce, transportation, and technology. McConnell warned in striking terms that the United States was not prepared either for cyber warfare or cyber criminals....

The United States is at risk of a crippling cyber attack that could "wreak havoc" on the country because the "technological balance" makes it much easier to launch a cyber strike than defend against it, Director of National Intelligence Dennis Blair said Tuesday.

CHANGSHA, China — With a few quick keystrokes, a computer hacker who goes by the code name Majia calls up a screen displaying his latest victims. “Here’s a list of the people who’ve been infected with my Trojan horse,” he says, working from a dingy apartment on the outskirts of this city in central China. “They don’t even know what’s happened.” As he explains it, an online “trapdoor” he created just over a week ago has already lured 2,000 people from China and overseas — people who clicked on something they should not have, inadvertently spreading a virus that allows...

It's not just a defensive game; cyber-security includes attack plans too, and the U.S. has already used some of them successfully. In May 2007, President Bush authorized the National Security Agency, based at Fort Meade, Md., to launch a sophisticated attack on an enemy thousands of miles away without firing a bullet or dropping a bomb. At the request of his national intelligence director, Bush ordered an NSA cyberattack on the cellular phones and computers that insurgents in Iraq were using to plan roadside bombings. The devices allowed the fighters to coordinate their strikes and, later, post videos of the...

This week's 60 Minutes broadcast should make everyone afraid, very afraid, of the real, looming specter of cyberwarfare attacks. As I recently blogged, government agencies are already going full-bore to come up with guidelines to protect federal networks. So when an Admiral goes on national television to say hackers have the ability to take down our power grid, he's doing it to deliver a warning. I was actually poised to turn off the segment, which I happened upon by accident following Sunday's last-minute Giants loss. Half-expecting the usual security for dummies piece, I was surprised to see an unusually detailed...

SNIPPET: "After the 4 July DDoS attacks, wrongly attributed to North Korea, it’s wise to treat reports of DPRK security hacks with some caution. Nevertheless, The Korea Times reports the following: Classified Info on Dangerous Chemicals Hacked Hackers stole classified information on dangerous chemicals in their raid on the South Korean army computer network in what was believed to be an attack by North Korea, Yonhap News Agency reported Saturday, quoting government officials." SNIPPET: "The Sydney Morning Herald adds more information: A North Korea cyber warfare unit hacked into a South Korean military command earlier this year and stole some...

Security: A Senate bill lets the president "declare a cybersecurity emergency" relating to "nongovernmental" computer networks and do what's needed to respond to the threat. Didn't they just collect our e-mail addresses?We wish this was just a piece of the fictional "Dr. Strangelove" that fell to the cutting-room floor, but it's not. It is a real piece of disturbingly vague legislation sponsored by Sens. Jay Rockefeller, D-W.Va., Bill Nelson, D-Fla., and Olympia Snowe, R-Maine. Senate Bill 773 would grant the administration emergency powers (where have we heard that before?) in the event of a cyberemergency that the president would have...

Hackers are becoming more organised as a new pool of talent coming from eastern European countries – Russia in particular – becomes available, writes CIARA O’BRIEN A number of attacks involving Russian hackers has hit the headlines in recent weeks. The most recent was the charging of Albert Gonzalez, a former US government informant who has already been jailed in connection with hacking cases. He is accused of stealing 130 million credit and debit card numbers. Two unnamed Russian co-conspirators were also charged in relation to the theft, said to the biggest case of identity theft seen yet. Mr Harbison,...

Perhaps the most nebulous area of national security is cyber defense. What constitutes an act of cyber war? What organization should take the lead when cyber events occur and it is unclear who is behind them? Between criminals, “hacktivists,” terrorists or rogue nation states, you really do not know when these events are unfolding so you cannot determine if it is a federal law enforcement issue or an issue for the Department of Homeland Security (DHS) or is it a Military (DoD) issue. For months and, in some cases years, many people and organizations involved in cyber defense and security...

WASHINGTON -- Russian hackers hijacked American identities and U.S. software tools and used them in an attack on Georgian government Web sites during the war between Russia and Georgia last year, according to new research to be released Monday by a nonprofit U.S. group. In addition to refashioning common Microsoft Corp. software into a cyber-weapon, hackers collaborated on popular U.S.-based social-networking sites, including Twitter and Facebook Inc., to coordinate attacks on Georgian sites, the U.S. Cyber Consequences Unit found. While the cyberattacks on Georgia were examined shortly after the events last year, these U.S. connections weren't previously known. "U.S. corporations...

Profile of a real cyberwar Beware the mayhem of malware on the march By Aaron Mannes and James Hendler | Wednesday, August 5, 2009 The denial-of-service (DoS) attacks that started on July 4 garnered typical headlines about cyberwar, but in fact, from a technical standpoint, those "attacks" may be the opposite of real cyberwar. A much less noticed report in Israel's leading daily, Ha'aretz, on Israel's operations against Iran's nuclear program may give greater insight into how cyberwar actually will work. It is no secret that several countries, including the United States, China, Russia and Israel, have examined cyberwar capabilities....

South Korea's state intelligence organization said Friday it has discovered that a wave of cyber attacks carried out earlier this week into key government and private websites in South Korea and the United States was launched from computers in 16 countries, Yonhap News Agency reported. The National Intelligence Service made the report to a closed-door meeting with members of a parliamentary intelligence committee, Yonhap quoted committee members as saying. North Korea was not among the 16 countries, which include South Korea, the United States, Japan, and Guatemala, Yonhap said. The cyber attacks have been traced to 86 Internet Protocol addresses...

North Korea is suspected of launching a cyber attack that paralysed the websites of South Korean and United States government agencies, banks and businesses, the first such large-scale attack attempted by the isolated communist state.

In the late 1990s, a computer specialist from Israel's Shin Bet internal security service hacked into the mainframe of the Pi Glilot fuel depot north of Tel Aviv. It was meant to be a routine test of safeguards at the strategic site. But it also tipped off the Israelis to the potential such hi-tech infiltrations offered for real sabotage. "Once inside the Pi Glilot system, we suddenly realised that, aside from accessing secret data, we could also set off deliberate explosions, just by programming a re-route of the pipelines," said a veteran of the Shin Bet drill. So began a...