Tag Archives | Computer Virus

The Stuxnet Computer Virus Has Infected The International Space Station

space_stationWell, we’ve even ruined outer space. io9 writes:

The problem with creating Stuxnet, the world’s most sophisticated malware worm, is that it could eventually go rogue. Which is precisely what has happened. The virus has spread to a Russian nuclear plant — and even the International Space Station.

Stuxnet is an incredibly powerful computer worm that was created by the United States and Israel to attack Iran’s nuclear facilities. It initially spreads through Microsoft Windows and targets Siemens industrial control systems. It’s considered the first malware that both spies and subverts industrial systems. It’s even got a programmable logic controller rootkit for the automation of electromechanical processes.

Let that last point sink in for just a second. This thing, with a little bit of coaxing, can actually control the operation of machines and computers it infects.

Apparently, the virus spread to the International Space Station on an infected USB stick that was transported by Russian cosmonauts.

Read the rest
Continue Reading

The Dangers Of The Growing Malware-Industrial Complex

Via the MIT Technology Review, Tom Simonite writes:

A freshly discovered weakness in a popular piece of software, known in the trade as a “zero-day” vulnerability, can be cashed in for prices in the hundreds of thousands of dollars from defense contractors, security agencies and governments. This trade in zero-day exploits is poorly documented, but it is perhaps the most visible part of a new industry that in the years to come is likely to swallow growing portions of the U.S. national defense budget.

It became clear that this type of assault would define a new era in warfare in 2010, when security researchers discovered a piece of malicious software known as Stuxnet. Now [known] to have been a project of U.S. and Israeli intelligence, Stuxnet was carefully designed to infect multiple systems needed to access and control industrial equipment used in Iran’s nuclear program.

No U.S. government agency has gone on the record as saying that it buys zero-days.

Read the rest
Continue Reading

The Government Thinks You Should Focus On The Adversary, But Who Is The Adversary?

Meghan Kelly reports from the Black Hat security conference for VentureBeat:

After 9/11, the FBI needed to change the way it operated. It switched its focus and looked toward identifying the enemy — a change former FBI assistant executive director Shawn Henry says needs to translate to the information security world.

Henry spoke at the Black Hat security conference in Las Vegas today and explained that one of the main problems with the security industry is the lack of focus on the enemy, with most of the focus on the networks themselves. Corporations, according to Henry, only pay attention to the bullets flying by their heads, not the people shooting the bullets.

“In the FBI since 9/11, we made significant changes in our organization,” said Henry. “You’ve got to assume that the adversary is on the network. I assume there are terrorists in this country… I know there are spies in this country… they’re here, what do you do?”

Henry suggests companies start dedicating resources toward intelligence gathering.

Read the rest
Continue Reading

AC/DC Virus Unleashed On Iranian Nuclear Program

I so want this to be true, but really it does seem to be a stretch… From RT:

Iranian nuclear facilities have reportedly been attacked by a “music” virus, turning on lab PCs at night and blasting AC/DC’s “Thunderstruck.”

Mikko Hypponen, Chief Researcher at Finnish digital security firm F-secure, publicly released a letter he received from an unnamed Iranian scientist. The researcher, who claimed to work for the Atomic Energy Organization of Iran (AEOI), said that another virus has struck the Natanz uranium enrichment facility in central Iran and a secret underground research facility at Fordo, southwest of Tehran.

The letter’s author reported that the virus shut down equipment (made by Germany’s Siemens Corporation) and automated systems at both research centers.

Hypponen published the letter on his blog, but cautioned that there is no way for him to verify the accusations. He was able to confirm, however, that the letter did originate from the AEOI’s servers.

Read the rest
Continue Reading

United States And Israel Confirmed As Behind Stuxnet Virus

imagesIt’s official — Barack Obama covertly made history by engaging in cyberwarfare against Iran. New York Times breaks the news:

From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.

Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.

This account of the American and Israeli effort to undermine the Iranian nuclear program is based on interviews over the past 18 months with current and former American, European and Israeli officials involved in the program, as well as a range of outside experts. None would allow their names to be used because the effort remains highly classified, and parts of it continue to this day.

Read the rest
Continue Reading

Computer Virus Hits U.S. Drone Fleet

MQ-9 ReaperAmazing story broken by Noah Shachtman on WIRED’s Danger Room:

A computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other warzones.

The virus, first detected nearly two weeks ago by the military’s Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military’s most important weapons system.

“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus.

Read the rest
Continue Reading

Pentagon To Consider Cyberattacks As Act Of War

Information Systems Technician 2nd Class Ryan Allshouse uses the intrusion detection system to monitor unclassified network activity from the automated data processing workspace aboard the aircraft carrier USS Ronald Reagan (CVN 76). IDS is part of the integrated shipboard network system and serves as an important computer network defense enabler protecting the unclassified shipboard network from cyber attack.

David E. Sanger and Elisabeth Bumiller write in the New York Times reports:

The Pentagon, trying to create a formal strategy to deter cyberattacks on the United States, plans to issue a new strategy soon declaring that a computer attack from a foreign nation can be considered an act of war that may result in a military response.

Several administration officials, in comments over the past two years, have suggested publicly that any American president could consider a variety of responses — economic sanctions, retaliatory cyberattacks or a military strike — if critical American computer systems were ever attacked.

The new military strategy, which emerged from several years of debate modeled on the 1950s effort in Washington to come up with a plan for deterring nuclear attacks, makes explicit that a cyberattack could be considered equivalent to a more traditional act of war. The Pentagon is declaring that any computer attack that threatens widespread civilian casualties — for example, by cutting off power supplies or bringing down hospitals and emergency-responder networks — could be treated as an act of aggression.

Read the rest
Continue Reading

Computer Virus Targets Iran’s Nuclear Infrastructure

Flag of IranIt was only a matter of time before governments started using viruses to attack other nations’ computers. I wonder which agency was behind this one, reported by the BBC:

One of the most sophisticated pieces of malware ever detected was probably targeting “high value” infrastructure in Iran, experts have told the BBC.

Stuxnet’s complexity suggests it could only have been written by a “nation state”, some researchers have claimed.

It is believed to be the first-known worm designed to target real-world infrastructure such as power stations, water plants and industrial units. It was first detected in June and has been intensely studied ever since.

“The fact that we see so many more infections in Iran than anywhere else in the world makes us think this threat was targeted at Iran and that there was something in Iran that was of very, very high value to whomever wrote it,” Liam O’Murchu of security firm Symantec, who has tracked the worm since it was first detected, told BBC News.

Read the rest
Continue Reading

Celebrity Most Likely To Give You A Computer Virus: Cameron Diaz

17190710Antivirus software manufacturer McAfee has indicated that Cameron Diaz is this year’s most dangerous celebrity to search for online — that is, doing a search for her name leads to more malicious, malware-laden sites than any other. Feel free to make a joke about which celebrity you were expecting to be most virus-ridden. Business Wire reports:

McAfee research found that searching for the latest Cameron Diaz pictures and downloads yields a ten percent chance of landing on a website that’s tested positive for online threats, such as spyware, adware, spam, phishing, viruses and other malware.

Fans searching for “Cameron Diaz” or “Cameron Diaz and downloads,” “Cameron Diaz and screen savers,” “Cameron Diaz and wallpaper,” “Cameron Diaz and photos” and “Cameron Diaz and videos” are at risk of running into online threats designed to steal personal information. Clicking on these risky sites and downloading files like photos, videos or screensavers exposes surfers or consumers to the risk of downloading the viruses and malware.

Read the rest
Continue Reading