-  [WT]  [Home] [Manage]

[Return] [Entire Thread] [Last 50 posts] [First 100 posts]
Posting mode: Reply
Name
Email
Subject   (reply to 117249)
Message
Captcha
File
File URL
Embed   Help
Password  (for post and file deletion)
  • Supported file types are: GIF, JPG, PNG, WEBM
  • Maximum file size allowed is 5120 KB.
  • Images greater than 300x300 pixels will be thumbnailed.
  • Currently 616 unique user posts.

  • Blotter updated: 2017-02-04 Show/Hide Show All

PBE Felix and Deagle Boltface Patches On Sale Now!



File 150470279429.jpg - (73.77KB , 660x393 , hackers_1995_rollerblading_jpeg.jpg )
117249 No. 117249 ID: fbfadf
https://www.wired.com/story/hackers-gain-switch-flipping-access-to-us-power-systems/

IN AN ERA of hacker attacks on critical infrastructure, even a run-of-the-mill malware infection on an electric utility’s network is enough to raise alarm bells. But the latest collection of power grid penetrations went far deeper: Security firm Symantec is warning that a series of recent hacker attacks not only compromised energy companies in the US and Europe but also resulted in the intruders gaining hands-on access to power grid operations—enough control that they could have induced blackouts on American soil at will.
Symantec on Wednesday revealed a new campaign of attacks by a group it is calling Dragonfly 2.0, which it says targeted dozens of energy companies in the spring and summer of this year. In more than 20 cases, Symantec says the hackers successfully gained access to the target companies’ networks. And at a handful of US power firms and at least one company in Turkey—none of which Symantec will name—their forensic analysis found that the hackers obtained what they call operational access: control of the interfaces power company engineers use to send actual commands to equipment like circuit breakers, giving them the ability to stop the flow of electricity into US homes and businesses.
Expand all images
>> No. 117251 ID: 278cbe
File 150471664681.jpg - (82.99KB , 662x462 , 3c7.jpg )
117251
>>117249
>enough control that they could have induced blackouts on American soil at will
Somebody can attack US on it's soil?! Guess it's time to bomb some countries again! Myanmar seems top be pretty fitting, but there's also Venezuela and North Korea waiting in line. What a tough choice to make!

https://www.wired.com/2017/01/squirrels-may-beat-power-grid-glad-not-russia/

>NEARLY FOUR YEARS ago, Cris Thomas began documenting attacks on the US power grid. The number of incidents was eye-popping; over 1700 in all, impacting nearly five million people. The perpetrators? Squirrels. And birds. Assorted rodentia. Some industrious frogs, too.

But what if they are Russian squirrels? What if Russia parachutes those highly-trained squirrels into USA territory all these years and traitors in the government have been covering this all the time?
>> No. 117254 ID: 3e9aae
Reminds me of a great DEFCON talk from a couple years ago where these researchers found an entire French dam hooked up to the internet, unsecured.

>>117251
>russia can only ever be the victim!
>> No. 117256 ID: fbfadf
File 150474092880.jpg - (72.99KB , 634x429 , article-0-16274831000005DC-637_634x429.jpg )
117256
>>117254
>a fucking dam
Jesus H Christ! Please tell me this was some pond sized reservoir for some hamlet somewhere.
>> No. 117257 ID: 3e9aae
  >>117256
Here we go, found it. Wasn't DEFCON but another convention. I'm not gonna do "highlights include" because I want to preserve the element of surprise. But they repeatedly run across examples of a script kiddie trying the same attacks.
>> No. 117260 ID: fbfadf
>>117257
Fucking terrifying. But kekd at "It's THIS guy again!"
>> No. 117261 ID: 278cbe
>>117249
>intruders gaining hands-on access to power grid operations
Far as I know, "modern" industrial applications use straight Ethernet/RS485 connections for almost everything above simplest hardwired switches and buttons. Not only that, there are also Wi-Fi and Bluetooth and GPRS devices, albeit less popular, and a ton of more sophisticated systems. But the simplest and most stupid thing you can do to make yourself vulnerable is to connect them to Internet without some sort of firewall.

Even a nuclear plant has to be equipped with those protocols, but they are isolated on physical level. If you allow to connect the critical systems in secure network to some random internet cable, you'd probably get sentenced for criminal negligence and ruin your reputation. There's no need to lookout for mysterious hacker groups, you need to watch out for future Darwin award nominees.

>>117254
>"America only owns defensive cybernetic weapons"
>"Hackers form <country name> may be involved"
>"The intruders have stopped just before reaching our vital points"
>"They <country name> started to attack us first"
>typical cybersecurity statement of average US State Department official, circa 2010s
[Return] [Entire Thread] [Last 50 posts] [First 100 posts]


Delete post []
Password  
Report post
Reason