Ramblings of an old Doc

 

 

Last week, McAfee reported attacks on our energy companies of a sophisticated nature.

They originated in China, however it could not be determined whether they came from a governmental, corporate or criminal entity.

Security researchers at McAfee have sounded an alarm for what is described as “coordinated covert and targeted cyberattacks” against global oil, energy, and petrochemical companies.
McAfee said the attacks began November 2009 and combined several techniques — social engineering, spear phishing and vulnerability exploits — to load custom RATs (remote administration tools) on hijacked machines.

As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal.

In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient's own company and generally someone in a position of authority.

According to an article in the New York Times, spear phishing attempts are not typically initiated by "random hackers" but are more likely to be conducted by "sophisticated groups out for financial gain, trade secrets or military information."

This is a very brief summary of the (nineteen page) McAfee White Paper found HERE:

"1. Company extranet web servers compromised through SQL-injection techniques, allowing remote command execution.  
2. Commonly available hacker tools are uploaded on compromised web servers, allowing attackers to pivot into the company’s intranet and giving them access to sensitive desktops and servers internally.
3. Using password cracking and pass-the-hash tools, attackers gain additional usernames and passwords, allowing them to obtain further authenticated access to sensitive internal desktops and servers."

Initially using the company’s compromised web servers as command and control (C&C) servers, the attackers discovered that they needed only to disable Microsoft Internet Explorer (IE) proxy settings to allow direct communication from infected machines to the Internet.
Using the RAT malware, they proceeded to connect to other machines (targeting executives) and extracting email archives and other sensitive documents.

Source:  http://tinyurl.com/2v67fy7


Comments (Page 3)
5 Pages1 2 3 4 5 
on Feb 17, 2011

“Night Dragon” An Attack on our Energy Infrastructure"

 

You know, I looked under my bed and I didn't see a single Chinese godless commie there. This could be because of their personal stealth armor which renders them invisible. Or it could be due to the fact I am unable to see what isn't there.

 

Personally, from my own experience on this forum, I worry more about shoddy internet advice from "helpers" with an agenda, than I worry about the phantom Chinese menace. But I could be wrong, according to this impeccable evidence:

 

International Chinese Communist Conspiracy

 

http://www.youtube.com/watch?v=TGv2wqJJmbc

on Feb 17, 2011

 

Canada hit by cyber-attack from China computers:

 

Trump speaks about china. Finally someone does

on Feb 17, 2011

Agree with you, MyFist0.

The "P"RC is not an ally, and behaves on one level lie a civilized, non aggressive country when in truth it seeks primacy through any means. Interestingly, the Canadian response was immediate cut off of the attacked entities from the internet (the 'off switch').

Sorry, scratchthepitch. China is too large to be under your bed, and isn't wearing invisible armor (not to my eyes).

There is no question that we need either a fool proof defensive system (unfortunately there are more fools than 'proofs'), or a way to trigger immediate isolation of the target and the attacker.

Personally? I wish there were a way to mark the attacker digitally such that he/she/they could never access the net anonymously again, and to find out who is sponsoring them and fully ostracize that government/corporation, etc. and it's leader, and seize it's assets (fruit of illicit activity).

on Feb 17, 2011

Oh ty  .

Thought I might get a bit of a lashing for that post.

Mephistopheles

on Feb 17, 2011

China's obviously just trying to advance its own interests, often through underhanded means, but then again, so is the US. In fact, pretty much every developed or developing country is. China's just doing it better than most.

on Feb 17, 2011

DrJBHL
The "P"RC is not an ally, and behaves on one level lie a civilized, non aggressive country when in truth it seeks primacy through any means. Interestingly, the Canadian response was immediate cut off of the attacked entities from the internet (the 'off switch').

Scoutdog
China's obviously just trying to advance its own interests, often through underhanded means, but then again, so is the US. In fact, pretty much every developed or developing country is. China's just doing it better than most.

Here is a good place to bring up the maxim of international politics.  Both the Doc and Scout touched on it, but did not say it outright.

Countries do not have friends.  They have commonality of interests.  So the goals and allegiances change over time.  We were not always friends with England (indeed, before the 20th century they were our worst enemy), nor France always our antagonist.  China has a commonality of interest, but many differences.  So some can see them (or mis-perceive them) as a "friend", but they are not. When we start looking at countries as "friends" we run the risk of being betrayed. When we understand that they have their own goals that do not totally mesh with ours, we are forewarned.

on Feb 17, 2011

I'll agree solidly with Dr Guy on this.

on Feb 17, 2011

Yeah, I would tend to agree too.

Best regards,
Steven.

on Feb 17, 2011

The larger the country is, the more they are incline to betray their "friends". People with power tend to be bullies ...

on Feb 17, 2011

Countries do not have friends. They have commonality of interests. So the goals and allegiances change over time. We were not always friends with England (indeed, before the 20th century they were our worst enemy), nor France always our antagonist. China has a commonality of interest, but many differences. So some can see them (or mis-perceive them) as a "friend", but they are not. When we start looking at countries as "friends" we run the risk of being betrayed. When we understand that they have their own goals that do not totally mesh with ours, we are forewarned.
I would agree, with a qualifier. The aims of America are not always in the best interests of its people.

on Feb 17, 2011

tazgecko
The larger the country is, the more they are incline to betray their "friends". People with power tend to be bullies ...

For many of the IR folks, the theoretical talk is roughly comparing nations to individual people (albeit fundamentally selfish people). I wish the analogy had more real-world impact, at least if the bullying theory talk I read this week is accurate. It seems possible that the top-of-the-pops kids let go of the bullying that helped get them to the top.

I would agree, with a qualifier. The aims of America are not always in the best interests of its people.

I would agree, except for the reification error. There is no singular 'America' to blame for actions or claim for values ("best interests"). We're a messy democratic republic made of 50 smaller democratic republics that are in continuous conflict over how much authority our central government should have.

Alright, maybe I'd agree a little more than that, at least when I put on my Fight the Oligarchy hat and wonder just how much anti-democratic collusion there might really be amongst the top 2% of U.S. wealth-holders...

on Feb 17, 2011

I would agree, except for the reification error. There is no singular 'America' to blame for actions or claim for values ("best interests"). We're a messy democratic republic made of 50 smaller democratic republics that are in continuous conflict over how much authority our central government should have.

Alright, maybe I'd agree a little more than that, at least when I put on my Fight the Oligarchy hat and wonder just how much anti-democratic collusion there might really be amongst the top 2% of U.S. wealth-holders...

I've kind of developed a specified "jargon" in that area:

  • America: the federal government and all of its policies. Although there are many discrete actors within "America", the majority-rules "democratic" process ensures that there is one overarching code of laws and actions that (in theory) allows me to think of it as more of a single entity with many different personalities. This works reasonably well for the foreign-policy issues I focus on, but not as well for domestic or economic policies- for those, it's better to think of America as a bunch of little entities like you seem to.
  • The American people: anyone within the territorial bounds of the United States, whether they be citizens, legal residents, or illegal residents.
  • Americans: actual US citizens who follow what I would loosely describe as "American culture" (which I have a hard time really defining, as I only just started an intro soc class this semester).
on Feb 17, 2011

Ladies and gentleman, do you know Chinese? Now is probably a good time to learn. Get a jump on your fellow citizens for the future. It's coming. You don't want to be caught mono-lingual when the crunch comes. Chinese speakers will get the cush jobs and contracts. A good place to start on your path to a better life in the future:

 

http://www.chinaledu.com/?gclid=CIql5tnhkKcCFRxqgwodRTT9cQ

 

Meanwhile, those souls who still fret the night away worrying about the Chiacoms under the bed, there is a solution. It's quite painless, too. Attach small pictures of Milton Friedman and Leo Strauss to the skirts on your bed:

 

No Chiacom would ever be brave enough to cross such a threshold. And to be doubly safe, attach small pictures of Milton Friedman and Leo Strauss to your bed canopy:

 

 

It might even be worthwhile to remove the mirror over the bed and replace that with a life size image of Milton Friedman or Leo Strauss

 

BTW, there is another way to prevent Chiacoms hiding under your bed, if you are one of the few truly brave souls. Get a waterbed. The pedestal takes up so much room under the bed, there is no room for a Chiacom to hide. Even one of the smaller, genetically modified or specially bred Chiacom infiltrators would not have enough room to hide. You would see his or her feet sticking out, a tell tale sign your underbed has been compromised.

 

And one further piece of advice. Get rid of those Chiapets you still have laying around. These are one of the favorite hiding places of of Chiacoms. And play your country music at all times and very loud. This frightens away Chiacoms more than even the images of Milton Friedman and Leo Strauss does.

 

Remember the old Boy Scout motto:

 

Be prepared.

 

on Feb 17, 2011

scratchthepitch
...Be prepared.

Oi, amigo...

on Feb 17, 2011

DrJBHL
Major ethnic groups in China are:

Zhuang
Uigur
Hui
Yi
Tibetan
Miao
Manchu
Mongol
Buyi
Korean

If I'm not mistaken, Doc, isn't a growing part of China religiously Christian? I know I read an article somewhere a while back about the rapidly growing number of Christians in China.

5 Pages1 2 3 4 5