The Threats Are Real - Even Orwell Would Be Impressed

10. August 2011 by Frank Goad.

I’m a pretty positive guy and you’ll find me making opportunities out of problems, lemonade from lemons, and so on. There is one thing that has me troubled, though: Computer security. We are under attack from more threats than ever, both from inside and outside of our country. There have been many discussions and articles about a Cyber Pearl Harbor. As fast as “white hat” computer programmers stop a threat, “black hats” come up with myriad variations. As they say, the good guys have to be right every time, but the bad guys need be right only once.

If you’ve been watching the news, perhaps you saw the reports about the “Shady RAT” virus that infected many machines. There is strong evidence that it came from China, and some evidence that points to the Chinese government itself. They deny it, as you would expect, but there is no doubt that it came from there. This isn’t about scams and phishing against we average citizens, but against our national systems that handle military and government operations, our phones, utilities, banks and other concerns that, if successful, would cause a widespread calamity that could affect millions.

For instance, this headline (and link) says a lot:  (Reuters) - A congresswoman on Wednesday requested more information on security company McAfee’s report detailing a five-year hacking campaign that breached 72 organizations globally. These folks have first-rate help, yet the hackers penetrated their systems and left malware that quietly collected data for years.

It would be nice to say that we could point to one source, but that’s a fool’s dream. For instance, in the former Soviet Union, hacking a company within the country is a horrible crime, but hacking a US concern of any type gets a shoulder shrug from the government. There is a town in Romania that has the reputation of having the most hackers anywhere in the world: Dirty deeds done cheap. To top it off, there are but two detectives assigned to the task of arresting known cybercriminals. Wired magazine’s article about it is informative if not a bit chilling: How a Remote Town in Romania Has Become Cybercrime Central

The known threats are one thing, but there are unknown ones that are more dire. For instance, the military has millions of dollars of contracts out for computer systems. These contracts go to companies in a variety of countries. For your average flat screen TV, no big deal. When the components are being made for a top-level military system, big deal - a very, very big deal because the computer chips that go in might be part of the control system for missle launches, or a secured orbiting communication system. 

Malicious computer code can but put into the chips used in the systems which makes the threat practically invisible until it’s called on, and then it does its dirty deed. There literally is no good way to check every chip in these systems for every possible threat. The military is wringing its hands over this.

Just as it can happen to the military, it can happen in the utilities, to your car, just about anywhere. Siemens makes the majority of systems that control nuclear power plants. The Stuxnet virus that made headlines last year was targeted at those systems and is credited with bringing down Iranian centrifuges used to make weapons grade nuclear materials - a very targeted attack. The US was blamed, and we quickly denied, as one would expect. Also suspected are “green guerrilas” whose mission it is to rid the world of any nuclear threat anywhere. Just as it was done to them, it could also be done to us.

The point of this article is to remind you to do all the right things when it comes to computer security: Back up your data; run virus scans weekly (or more often); keep your operating system patched (a major defense which many ignore); don’t click on anything you’re not 100% sure about. For all the high-level mayhem out there, the run-of-the-mill hacker who wants your email address rides the coat tails of the truly brilliant and malevolent computer hackers. When the geniuses learn something, they toss a scrap of old yet still sophisticated tech to the common rabble, who in turn now have a new way to steal your identity, torch your credit or simply fill your in-box with Viagra or get-rich-quick spam. The cost to restore your data is infinitely more expensive than the routine safeguards you can easily take. So, is your anti-virus up to date? Fire wall working? …

Posted in computer security, virus, malware, threats, computer, cyber security, Frank Communications, Frank Goad, FrankyGee3, damage | Print | No Comments »