Ramblings of an old Doc

Last week, McAfee reported sophisticated attacks on our energy companies.

They originated in China; however, it could not be determined whether they came from a governmental, corporate or criminal entity.

Security researchers at McAfee have sounded an alarm for what is described as “coordinated covert and targeted cyberattacks” against global oil, energy, and petrochemical companies.
McAfee said the attacks began November 2009 and combined several techniques — social engineering, spear phishing and vulnerability exploits — to load custom RATs (remote administration tools) on hijacked machines.

As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal.

In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient's own company and generally someone in a position of authority.

According to an article in the New York Times, spear phishing attempts are not typically initiated by "random hackers" but are more likely to be conducted by "sophisticated groups out for financial gain, trade secrets or military information."

This is a very brief summary of the nineteen-page McAfee white paper:

"1. Company extranet web servers compromised through SQL-injection techniques, allowing remote command execution.  
2. Commonly available hacker tools are uploaded on compromised web servers, allowing attackers to pivot into the company’s intranet and giving them access to sensitive desktops and servers internally.
3. Using password cracking and pass-the-hash tools, attackers gain additional usernames and passwords, allowing them to obtain further authenticated access to sensitive internal desktops and servers."

Initially using the company’s compromised web servers as command and control (C&C) servers, the attackers discovered that they needed only to disable Microsoft Internet Explorer (IE) proxy settings to allow direct communication from infected machines to the Internet.
Using the RAT malware, they proceeded to connect to other machines (targeting executives) and extract email archives and other sensitive documents.

Source:  http://tinyurl.com/2v67fy7
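The summary notes that infected machines talked directly to the Internet once IE proxy settings were disabled, and that kind of traffic is visible at the egress firewall. The following is an added example, not code from this post or from the McAfee white paper: a small detector that flags internal hosts making web connections that bypass the proxy. The proxy address, internal range, log layout and sample log lines are all assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

# Assumed environment (hypothetical values, not from the article).
PROXY = ipaddress.ip_address("10.0.0.10")
INTERNAL = ipaddress.ip_network("10.0.0.0/8")
WEB_PORTS = {80, 443, 8080}

# Constructed firewall log. Assumed layout: timestamp action src dst dport
SAMPLE_LOG = """\
2011-02-10T09:00:01 ALLOW 10.0.5.21 10.0.0.10 8080
2011-02-10T09:00:02 ALLOW 10.0.0.10 203.0.113.7 443
2011-02-10T09:00:05 ALLOW 10.0.5.44 198.51.100.23 80
2011-02-10T09:00:09 DENY 10.0.5.44 198.51.100.23 443
2011-02-10T09:01:30 ALLOW 10.0.5.44 198.51.100.23 80
2011-02-10T09:02:00 ALLOW 10.0.7.3 10.0.9.9 445
malformed line here
"""

def parse_line(line):
    """Return (action, src, dst, port), or None for an unparseable line."""
    parts = line.split()
    if len(parts) != 5:
        return None
    _, action, src, dst, port = parts
    try:
        return action, ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port)
    except ValueError:
        return None

def find_proxy_bypass(log_text):
    """Count web connections from internal hosts that do not go through the proxy.

    Denied attempts are counted too: a workstation that tries to go direct
    has had its proxy settings changed even if the firewall stopped it.
    """
    hits = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        action, src, dst, port = rec
        if src == PROXY or src not in INTERNAL:
            continue  # the proxy's own egress, or not one of our hosts
        if dst in INTERNAL or port not in WEB_PORTS:
            continue  # internal traffic (including client-to-proxy) or non-web
        hits[(str(src), str(dst), action)] += 1
    return dict(hits)
```

On the constructed log, only 10.0.5.44 is reported; the client that goes through the proxy and the proxy's own outbound connection are ignored.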


Comments (Page 2)
on Feb 13, 2011

These attacks began in 2007

No, 2009.

Why are people worried about this connecting to an internet off switch?

Not worried. Explaining.

It's all oil company related

No, it goes further, and its implications far more.

The internet itself is robust.

The Internet's most serious vulnerability is due to the way it works, Khardis. You will be able to read more about that later today.

on Feb 14, 2011

The Internet's most serious vulnerability is due to the way it works, Khardis. You will be able to read more about that later today.

So we have noted.  Great article, although this one I had already read about.  Industrial espionage.  China is bursting at the seams, and it cannot keep up fast enough economically.  So it has to steal what it does not have (instead of buying or inventing it).

That is the consensus I take away from this and similar episodes occurring in other industries (in my organization, we know of Chinese infiltrations very well).

on Feb 14, 2011

So we have noted. Great article, although this one I had already read about. Industrial espionage. China is bursting at the seams, and it cannot keep up fast enough economically. So it has to steal what it does not have (instead of buying or inventing it).

I think you mean technologically. The Chinese economy is huge, and getting huger. And while they are currently behind the US in most technological areas, with all the cash they're pouring into new universities and research centers, I doubt that they'll stay there.

on Feb 14, 2011

Well, now that the Republicans are back in control in Congress and looking to cut back on almost everything you can bet China will have no problem with catching up and soon after passing us right on by. They always manage to cut off their nose to spite their face.

BTW - In reading the white paper McAfee wrote it sounds more like spam than anything else in that it seems to be pushing all the different applications they have for combating Night Dragon. Let's see ... if I were a conspiracy theorist I'd say McAfee created Night Dragon, hacked into the global energy net and is now playing the hero. Now that is really stretching it, right?

on Feb 14, 2011

Why are these important infrastructure systems even connected to the WEB? These people need to get off their ass and go to work like everyone else. They should watch the latest Battlestar Galactica where there are no interconnected systems at all but no, let's wait until everything falls apart before we do something as usual.

on Feb 14, 2011

I'm assuming they were stupid enough to put their "intra"net on the same servers that manage, for instance, the company web site.

on Feb 14, 2011

It is very easy to have 1 office managing the web server or even most companies outsource that stuff.

It is a combination of sheer stupidity and absolute laziness that you can't walk from one machine to another when you want to check your damn Facebook page or surf porn while you are at work.

Maybe it is that they want to outsource all their data entry people to India and other countries making the WEB connection a must. In that case it deserves to have a back door operation in place that the enemy can flick a switch 5 years from now when the war begins.

on Feb 15, 2011

Scoutdog

I think you mean technologically. The Chinese economy is huge, and getting huger. And while they are currently behind the US in most technological areas, with all the cash they're pouring into new universities and research centers, I doubt that they'll stay there.

No, their economy will fail without it.  Yes, they need technology, but that is just to drive the economy.  They have to keep up the breakneck speed of growth in their economy or risk revolution.  That is what killed the USSR.  When you give people the taste of the good life, it is hard to put them back in mud huts.

on Feb 15, 2011

No, their economy will fail without it. Yes, they need technology, but that is just to drive the economy. They have to keep up the breakneck speed of growth in their economy or risk revolution. That is what killed the USSR. When you give people the taste of the good life, it is hard to put them back in mud huts.

You're going off sideways, but I think you're saying kind of the same thing I am. Technological and economic growth feed into each other, of course, and China has been expanding economically at an incredible rate without much technological growth, especially when you consider the ungodly mess the cultural revolution created just a few decades ago. That will soon change. But I don't think they want to wait for homegrown R&D to get up to speed, which is why the powers that be over there seem not to care too much about industrial espionage going on.

on Feb 15, 2011

the powers that be over there seem not to care too much about industrial espionage going on.

Quite the opposite. They encourage it by doing nothing to suppress it and reap the 'benefits' on the side. It eases my fears somewhat that their system is basically corrupt.

What bothers me so much is that on the average person level there is little or no security awareness and that permeates the systems developed. Security is the IT guy's job. It also bothers me that the hackers are state and crime supported.

on Feb 15, 2011

Quite the opposite. They encourage it by doing nothing to suppress it and reap the 'benefits' on the side. It eases my fears somewhat that their system is basically corrupt.

By "not caring" I meant doing nothing. It's obvious that they are tacitly encouraging it. They might even be buying the end products themselves.

Or, of course, it's possible that China's lack of cooperation is just China being paranoid, and they are in fact furiously hunting the hackers down internally. But it's also possible that Dr. Guy is really a group of seventeen Russian pastry chefs who post by committee.

on Feb 15, 2011

The Chinese have several advantages over the west when it comes to geo-political contests/stresses/conflicts.

1) They are a tad more homogeneous - meaning racial/ethnic issues consume a smaller percentage of their efforts... Right or wrong, the Chinese insist that ALL their people ALL buy into the prevailing cultural mores.  They have no illusions, multi-culturalism does not a strong nation state make. If you are going to live in China, don't expect to demand bi-lingual schools, or religious courts just for your group. And don't even think you will force your religious laws on everyone else if you just agitate enough ...  The Chinese government has a simple understanding about living in China.  If you emigrate there, you become Chinese, you are expected (and 'encouraged') to embrace core Chinese values.   Immigrate there, and you are expected to become Chinese, not remain whatever you were before you arrive.

Many western European nations are being strangled politically / socially because they have significant immigrated populations now living there who have no (little) interest in embracing the core values of western civilization.  Sadly, (for purposes of having a strong nation state) many of these immigrant communities actually despise Core Western values.  No unity, more energy spent on in-fighting, etc.

2) Sheer volume, 1/5 humans on the planet are Chinese...consider, that in one year China graduates more engineering students than exist in the entire USA.   Eventually, this will, by sheer numbers of engineers (or whatever/sales/marketing/etc) earn them a masterful advantage.

3) The west (or USA) operates very short term.  Corporations, (the entities through which the ultra rich and powerful upper crust of the USA, operate, and control society) generally make decisions based on short term considerations:  whatever move will increase this year's stock dividend is what gets done.  Humans (employees) are now peasants to be thrown away for very small causes.

4) The USA, in some ways, doesn't seem very concerned about leaving our secret technology in places where it is easily accessed.   The Chinese just flew their first stealth plane.  Where did the tech come from, since they are (supposedly) several generations behind in aviation tech?  From a downed US stealth plane, in the former Yugoslavia area.  Chinese 'procurers' merely went and scavenged the parts from that plane.  Why didn't the US go pick up the sensitive parts of the wreckage?  USA?  There is no "I" in US, it wasn't my job... lol.

5) Unlike the West, the Chinese have a long view, and long term plans to implement their societal goals.  They can plot a course, and implement it,  no matter what.  Western democracies, with ever changing government figures tend to view things in the short term... getting re-elected.

Now, please do not misunderstand me.  I am a daughter of the West, and I embrace the core values of Western Civilization, liberalism, individualism, etc.  I also recognize that the genius of western values that I embrace has both pluses and minuses when it comes to making a strong nation.  And right now, those values, when playing out in the geo-political world stage are weakening western nations while a more unified giant, (uber-panda China) is taking center stage.

And they are clever enough to continue to present themselves as a non-threatening, cuddly panda...

But make no mistake, self-interest seems to be a universal human motivation.  And they will do what is best for themselves, no matter the cost to others.  We do, too.

on Feb 15, 2011

I've thought about a lot of the same things. I've considered spending some time in China just before/during/after college. It's a fascinating place. I wouldn't live there for any significant portion of my life the way it is now- too many restrictions on free speech and information- but if that was reformed (as I suspect it will be in my lifetime, probably yours too) I'd consider it a viable place to settle down and start a career. The cultural homogeneity is interesting because while people are expected to be "Chinese", a lot of people I know from there say that the big question in society is "What is Chinese?", as some parts of China are very, very Westernized. I for one think that Western civilization has some great ideas, culturally, but so do the great Asian civilizations. By combining the best attributes of both, I think we could create something truly wonderful.

on Feb 15, 2011

The Han Chinese make up 91.9% of China's population. The Han people dominate all of China culturally and politically.

China's 55 recognized minority groups total about 8% of the nation's population. Major ethnic groups in China are:

Zhuang
Uigur
Hui
Yi
Tibetan
Miao
Manchu
Mongol
Buyi
Korean

on Feb 16, 2011

Scoutdog

You're going off sideways, but I think you're saying kind of the same thing I am. Technological and economic growth feed into each other, of course, and China has been expanding economically at an incredible rate without much technological growth, especially when you consider the ungodly mess the cultural revolution created just a few decades ago. That will soon change. But I don't think they want to wait for homegrown R&D to get up to speed, which is why the powers that be over there seem not to care too much about industrial espionage going on.

I see that we probably are, just that I am accenting the economic, and you the Technology.  But it is hard to separate the 2 in this day and age.  I guess my degree in econ is trumping my experience in technology.
