Archive for the ‘– computer malaware’ Category

Computer errors that almost started nuclear wars

December 4, 2018

The argument from cyberspace for eliminating nuclear weapons  NOVEMBER 9, 2018 “…….Computer errors that almost started nuclear wars

Unclassified reports reveal that problems within the computers of nuclear command and control date back to at least the 1970s, when a deficient computer chip signalled that 200 Soviet missiles were headed towards the U.S. Computer problems have persisted: In 2010, a loose circuit card caused a U.S. launch control centre to lose contact with 50 nuclear missiles. In both cases, the accident might have been mistaken for a deliberate attack. Failing to recognize the mistake could have resulted in the U.S. launching nuclear weapons.

These cases were presumably the result of unintentional errors, not deliberate actions. But hacking and other forms of targeted cyberattacks greatly increase the risk of accidental nuclear launch or other devastating actions. Overconfidence on the part of the officials overseeing the nuclear arsenal is therefore negligent and dangerous.

A more recent compounding factor is the ongoing, roughly trillion-dollar upgrade of the U.S. nuclear arsenal started by the Obama administration. This so-called modernization effort included upgrades to the nuclear command and control system. The Trump administration continues to make this a priority.

Modernization increases the possibility that changes to the nuclear command and control system will introduce new or reveal hitherto unknown vulnerabilities into the system. The evidence from the GAO report and other publicly available documents indicates that the officials in charge will be emphasizing speed, convenience, or cost over cybersecurity.

In its conclusion, the GAO report explained that the DOD “has taken several major steps to improve weapon systems cybersecurity.” But the DOD “faces barriers that may limit its ability to achieve desired improvements,” such as constraints on information sharing and workforce shortages. That is not reassuring.

There is a more basic problem that we have emphasized above: the risks associated with cyberattacks can be ameliorated but not fully eliminated. When this intrinsic risk is integrated with the sheer destructiveness of nuclear weapons, the only way to avoid a catastrophic accident at some point in time is to embrace efforts to abolish the weapons themselves.

Cyberworm Stuxnet got into USA’s systems, too

July 20, 2012

When Stuxnet Hit the Homeland: Government Response to the Rescue abc News 29 June 12, An Iranian nuclear facility may have taken the brunt of the cyber superweapon Stuxnet believed to be built in part by the U.S., but the American government was concerned enough with its spread to a facility back home that a fast response team was deployed to deal with an infection, according to a new report from the Department of Homeland Security.
The report , released Thursday by the DHS’s Industrial Control Systems Computer Emergency Readiness Team (ICS-CERT), gives scant details on the incident, except to say that after Stuxnet was discovered on thousands of computer systems around the world in 2010, a DHS team “conducted an onsite incident response deployment to a manufacturing
facility infected with the Stuxnet malware and helped the organization identify all infected systems and eradicate the malware from their control system network.”

The worm was found on “all their engineering workstations as well as several other machines connected to the manufacturing control systems network,” the report said….

The Flame computer malaware

June 24, 2012

Flame FAQ: All you need to know about the virus By Benjamin Gottlieb

What is the Flame computer virus?

Flame is a sophisticated type of malware — short for malicious software — capable of infecting myriad computer networks for the purpose of gathering sensitive data. Once a network is infected by Flame, the virus can relay back massive amounts of information through a computer’s facilities. How does it work? (more…)

How USA and Israel devised computer worm to attack Iran’s nukes

June 4, 2012

Obama ‘gave full backing to Stuxnet attack on Iran’  1 June 2012 When George W Bush handed over the presidential reins to Barack Obama in 2008, he asked that the incoming man continue running what he regarded as two of his administration’s most promising security programs: the remotely-piloted drone war against Al Qaeda in Afghanistan – and the development of a cyberweapon nicknamed ‘the bug’, aimed at destroying Iran’s nascent nuclear capability.

Obama agreed – but we have now come to know that bug by another name: Stuxnet.

This revelation is at the heart of an apparently impeccably-sourced book due to be published in the US on 5 June. In Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power, author David Sanger alleges that Stuxnet, which eventually wrecked hundreds of uranium centrifuges in Iran in 2010, was created by cyberweapons experts at the US National Security Agency in collaboration with ‘Unit 8200′, a cyber operation of Israeli intelligence. (more…)

Computer spyware designed to prey on nuclear weapons

April 6, 2012

New malware preys on Iran nuclear weapons tension, msnbc, 13 March 12, Researchers: China-based hackers goal is to corrupt US military computers Chinese cybercriminals have crafted a sophisticated, robust malware attack that exploits growing political tension and fear over Iran’s alleged covert nuclear weapons program to infect PCs.

The goal of the hackers is to corrupt the computers of U.S. military employees, according to researchers from the security firm Bitdefender , who detected the malware.
Calling it “the perfect firebomb,” the China-borne malware embeds itself in an email with an attached Microsoft Word document titled ”Iran’s Oil and Nuclear Situation.doc.” The document, Bitdefender explained, contains an Adobe Shockwave Flash applet that attempts to get the recipients to load a fake YouTube video. While the rigged video (an .mp4 file) loads, the malware exploits an Adobe Flash flaw that sneaks an executable file into the initial Word document.
If it sounds complicated, that’s the point, Bitdefender’s Bogdan Botezatu said. ”The operation is covert: the MP4 file triggering the exploit is streamed from the Web, which means the PC will be exploited by the time an anti-virus would generally scan a file,” he wrote. “Further, the malicious file delivered inside the doc file (us.exe) has multiple
layers of obfuscation to dodge detection.”
Once the malware is implanted on a victim’s computer, it communicates with a command-and-control server in China. Carefully crafted exploits aimed at military targets are nothing new; a November congressional report outlined state-sponsored cybercrime missions   carried out by Chinese and Russian criminals against U.S. government agencies……