topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 1:58 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: The worm as a 'cyber missile'  (Read 3420 times)

Fred Nerd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 278
    • View Profile
    • Donate to Member
The worm as a 'cyber missile'
« on: December 01, 2010, 05:02 AM »
This is absolutely crazy technology,

http://www.foxnews.c...s-nuclear-ambitions/

This sounds like fun. Imagine being able to write code like that....

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: The worm as a 'cyber missile'
« Reply #1 on: December 01, 2010, 05:28 AM »
What's absolutely crazy is that systems controlling important infrastructure is
1) buggy as hell.
2) insecure.
3) CONNECTED TO THE INTERNET.

Most of the .us power grid could probably be taken offline because of SCADA insecurity - I'm amazed it hasn't happened yet.
- carpe noctem

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: The worm as a 'cyber missile'
« Reply #2 on: December 01, 2010, 05:39 AM »
Very cool!

Reads like a segment out of John Brunner's 1975 sci-fi classic The Shockwave Rider which I believe was the first time the notion of a cyber "worm" was put forth.

Interesting article. And a good read. But since it comes from Fox, I wonder how much of the story they got right - and how much of it they got wrong.

Their record for accuracy when reporting on computer and web tech isn't too stellar. And their political agenda tends to color their coverage.


Eóin

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,401
    • View Profile
    • Donate to Member
Re: The worm as a 'cyber missile'
« Reply #3 on: December 01, 2010, 05:48 AM »
f0dder, in the stuxnet case the control systems weren't connected to the internet, the worm got onto them through infected USB sticks. That's also crazy too I know.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: The worm as a 'cyber missile'
« Reply #4 on: December 01, 2010, 05:49 AM »
What's absolutely crazy is that systems controlling important infrastructure is
1) buggy as hell.
2) insecure.
3) CONNECTED TO THE INTERNET.

re: #3

Who says they have to be connected? In 2008, the US took a major hit to one of it's secure military networks courtesy of a USB flash drive. Foreign Affairs had an article on it here:

In 2008, the U.S. Department of Defense suffered a significant compromise of its classified military computer networks. It began when an infected flash drive was inserted into a U.S. military laptop at a base in the Middle East. The flash drive's malicious computer code, placed there by a foreign intelligence agency, uploaded itself onto a network run by the U.S. Central Command. That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control. It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary.

 8)

-----
Addendum: Oops! Looks like Eóin beat me to it.  ;D

« Last Edit: December 01, 2010, 05:50 AM by 40hz »

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: The worm as a 'cyber missile'
« Reply #5 on: December 01, 2010, 05:59 AM »
Even if a system isn't internet-facing, I view it as (indirectly) connected to the internet if it's available through the LAN, VPN connections, whatever. Really critical systems shouldn't be IP-exposed to anything that is, however indirectly, connected to the internet.

If you don't want to haul your ass to a dedicated control interface, you could have a machine that can access the control network and is reachable from other machines on the network - but without exposing the control interface directly. Let this machine be available through - AND ONLY THROUGH - (a secure version of) remote desktop. Yes, a dedicated hacker can still access the control network this way, but at least you won't be able to scan the control network directly once a machine has been compromised.
- carpe noctem