CYBER WAR-FARE: FROM STUXNET TO FLAME

[jakaswanga]

CSMonitor.com. FLAMES BUSTED BY RUSSIAN SOFTWARE FIRM

CSMonitor.com reports:

{quote} "[i]The new supervirus, which Kaspersky discovered and named "Flame," is one of the most complex items of malicious software ever conceived – many times more sophisticated than the notorious Stuxnet worm – and could well be a purposeful "cyberweapon" directed against Iran, the firm said in a statement late yesterday.

Flame is "actively being used as a cyberweapon attacking entities in several countries," Kaspersky said in a statement. It is "one of the most advanced and complete attack-toolkits ever discovered.… The complexity and functionality of the newly discovered malicious program exceed those of all other cyber menaces known to date."
{quote}

It takes so much resources to produce this kind of sophisticated malware, that only States do afford them now. Luckily a few whizz individuals working in a cellar can bust them. But is is a sign of the times.

Of course one knows these things are going on in the background. But is is a pandora's box now opened. Public utility services --Electrical controls, Water systems, Airport control software, Transport [for countries which have high-speed rail networks] are now fair game in cyber attacks.

A nuclear power station gone rogue! that is what happened in Iran when cylinders centrifuged erroneously at will, until the worm stuxnet was unearthed. The Russians seem to have specialized in counter viral forensic programming.

I am curious as to how the cyber defence of Kenya looks like!

[Luol Deng]

All it took was a trainee programmer to bring down all government websites last year.....

[roughrider]

Jun 3, 2012 14:54:19 GMT 3 jakaswanga said:

I am curious as to how the cyber defence of Kenya looks like!

Quit while you are ahead - there is no such defence system.

[OtishOtish]

We have more urgent problems, e.g. whether yellow maize from America will arrive before next year's inevitable famine.

[jakaswanga]

Jun 4, 2012 23:37:04 GMT 3 OtishOtish said:

We have more urgent problems, e.g. whether yellow maize from America will arrive before next year's inevitable famine.

So that nuclear reactor kina Ayacko are working on is not coming anytime soon to a hill near my village? I been having nightmares, dreaming some evil muzungu could hijack the centrifuges, burst them by super rotation and spew radio-active stuff around my shamba!

I want guarantees some whizzkid at JKUAT is on top of this flame thing!

[jakaswanga]

Jun 4, 2012 11:43:10 GMT 3 @roughrider said:

Jun 3, 2012 14:54:19 GMT 3 jakaswanga said:

I am curious as to how the cyber defence of Kenya looks like!

Quit while you are ahead - there is no such defence system.

RR! not even in the elementary sense? I mean we can not really all be that pre-historic! Ai!

[Luol Deng]

The Kenya police website was also hacked last year. Their password happened to be "password"

[nereah]

Israel identifies cyberspace as key battlefield

www.smh.com.au/it-pro/government-it/israel-identifies-cyberspace-as-key-battlefield-20120608-2008t.html

[jakaswanga]

@PanARMENIAN.Net
Iran-targeting Flame super-virus creators send "suicide" code

June 9, 2012 - 18:15 AMT

PanARMENIAN.Net - The creators of the Flame malware have sent a "suicide" command that removes it from some infected computers, BBC News reported.

Security firm Symantec caught the command using booby-trapped computers set up to watch Flame's actions.

Flame came to light after the UN's telecoms body asked for help with identifying a virus found stealing data from many PCs in the Middle East.

New analysis of Flame reveals how sophisticated the program is and gives hints about who created it.

Like many other security firms Symantec has kept an eye on Flame using so-called "honeypot" computers that report what happens when they are infected with a malicious program.

Described as a very sophisticated cyber-attack, Flame targeted countries such as Iran and Israel and sought to steal large amounts of sensitive data.

Earlier this week Symantec noticed that some Flame command and control (C&C) computers sent an urgent command to the infected PCs they were overseeing.

Flame's creators do not have access to all their C&C computers as security firms have won control of some of them.

The "suicide" command was "designed to completely remove Flame from the compromised computer", said Symantec.
@panarmenian.Net

[roughrider]

Jun 6, 2012 18:57:07 GMT 3 jakaswanga said:

Jun 4, 2012 11:43:10 GMT 3 @roughrider said:

Quit while you are ahead - there is no such defence system.

RR! not even in the elementary sense? I mean we can not really all be that pre-historic! Ai!

Maybe what we have is a top secret. There was an anglo-leasing project for a secretive command centre. But Kamale knows more, after all he poses as a businessman but really works for the NSIS.

[nereah]

living in an increasingly naked world where we consume and increasingly depend on the it developed by the west throws us back into the ancient age servitude.your have no privacy of your own so long as you are using a communication gadget. could be thats what kony one step ahead.


maybe under african union,maybe africa can build a cyber defense force?

[jakaswanga]

Jun 6, 2012 20:49:04 GMT 3 Luol Deng said:

The Kenya police website was also hacked last year. Their password happened to be "password"

Plausible! I wish they had tipped the IEBC BVR-operators most of whom had complex passwords like Kenyavote which they duely forgot. Anyway, that is another story. Today we do Olympic Games in computer war fare.

en.wikipedia.org/wiki/Stuxnet
When, under George Walker Bush Jr., Condoleezza Rice, Dick Cheney and possibly Donald Rumsfeld, the political decision was made go all out for Project Olympic Games, I doubt the phrase Pandora's box meant anything to them. Yet that is what they were doing. Opening the box of Pandora. Of computer warfare an chiefly Inter-state cyber terrorism.
news.techworld.com/security/3361521/stuxnet-part-of-us-olympic-games-cyber-weapons-programme/
Together with Israel, the two states assembled the best of the best, in an operation highly reminiscent of the Fort Alamos nuclear-brains Trust, under the great Oppenheimer, which yielded us the Great Bomb. I still read with trepidation, the long-winded letter of one, Albert Einstein, to Franklin D., the president then of the USA, who imagined he had found the perfect weapon, both to deter and, in the event, annihilate the enemy forever.

But that was a delusion of grandeur of men, of a political system under illusions, that it had monopoly in brain power, solely capable of producing the arsons of hell, so to intimidate and dominate others forever. Alas, Georgian Iosif Stalin would soon explode his own crude, and the Soviet Union achieve strategic parity in MAD.

The race was on, O Boy! gook Mao of China wanted his toy too, so did coolie Jawarlal Nehru. And what India has, Pakistan too must. So Mushroom clouds became the fashion, and really to date, late comers like moon-faced Kim of North Korea and the Beards of Tehran, working hard to join the Nuclear club, are just a curios. From here I conclude the protestations of the already nucleared nations are but the tired barks of old dogs, sick with jealousy as puppies mate prematurely, demystifying a presumed holy deed the reserve of adults.
Good.
So it is, I am afraid, with these industrial hijacking and sabotage malware, such as stuxnet was/is. And flame too.

The USA in concert with Israel launched the first such attack on the Iranian Nuclear facilities situated at Busher and Natanz, incapacitating the centrifuges and giving the reactors a head-spin. Every neutral legal scholar has agreed this was an act of war. The primeur cyber nuclear attack. If another country had tried that on the USA itself ---seeking to capture her air-defense system for instance, the American reaction would have been earth-shattering. Declaration of war.

NB: Un intentional or not, stuxnet spread to Indonesia [that is thinking of going nuclear] and from there to China, some of whose plants use the German Siemens software and custom designed centrifuges, which specifically were the target of stuxnet. Bottom line: the USA had effectively launched the first cyber attack on China's industrial base. A pivotal moment in history as we shall soon see.

---Yes, when you are the top dog, you can get away with impunity. And so the USA, on the surface of things, got away with it. All the way. In Iran, Indonesia, China, and the rest of the minions who dare not cough back. But was it just a Pyrrhic victory for the USA meanwhile? since the whole world now awakened, and mobilised for their own Olympic games? Effectively a Pandora's-box situation.

When it comes to the brain-power of software design, or malware authorship, the world seems fairly balanced. Most serious countries now have a cyber-lab plotting Armageddon, that is computer software Armageddon. Everybody their Olympic Games project. ---Apart from Kenya that is which, caught pants down by a certain bug, couldn't successfully tally her BVR generated data during the recent elections.

Mid February 2013, the big news was a not too secret Chinese military controlled hacking unit centered in a down-town Shanghai building block. Fearing to attack USA military interests because of perceived American superiority in retaliatory options, this unit has been specialising in industrial espionage. Stealing the secrets of commercial companies and financial institutions. Asymmetric warfare as in the doctrines of Chairman Mao when outgunned by the enemy.
This is probably how the Chinese knew long ago, that the LIBOR [London interbank offered rate] was fixed, and all leading western banks were running a loan scam on the world. So the Chinese decided to correct it, by instituting some policies at home. Policies which in the West have been called 'manipulating the value of the yuan, the Chinese currency, to the detriment of western exporters. --We saw Obama and Romney during their presidential debate, competing at who could bash China more. But none of them had anything to say on the irregular effects of the FIXED LIBOR, on Asian economies nor the world financial markets. For that, one has to go to Asia. Tit for Tat. [Africa nobody cares about for the moment].
LIBOR SCANDAL HERE ON JUKWAA: jukwaa.proboards.com/index.cgi?board=general&action=display&thread=7206

www.wired.com/threatlevel/2010/12/isis-report-on-stuxnet/

ARAMCO PIPELINE CONTROL COMPUTER HITCH, IRAN RETALIATES?
www.upi.com/Business_News/Energy-Resources/2012/10/15/Iran-denies-role-in-Aramco-cyberattack/UPI-17681350307613/
china blamed for cyber attacks on the US
www.bbc.co.uk/news/world-asia-china-21272613

INDIA-PAK CYBER SKIRMISHES [which I monitor because of the humour with which they are reported in the twin countries] An Indian politician canvassing for votes in a rural area where cows were dying, of may be anthrax or some other cow disease, told his audience it was the Pakistanis killing their cows with cyber-attack! So cyber may mean cow disease in some localities! and cows being holy, one imagines how the Pakis must then be hated!]

But the times below is more serious.
www.hindustantimes.com/Punjab/Chandigarh/India-Pak-on-Cyber-War-prior-August-15/SP-Article1-917212.aspx

[jakaswanga]

THE CYBER WAR BETWEEN THE USA AND CHINA --Another theatrical episode in the soap!

online.wsj.com/news/articles/SB10001424052702304652804579572320276145640

May 19, 2014 7:33 p.m. ET
The Justice Department's indictment on Monday of five members of the Chinese military for cybercrimes against America is useful as a way to educate the public about the growing espionage threat. The question is whether this is merely another of those foreign-policy gestures the Obama Administration specializes in to make it appear tougher than its policy really is

Here is USA Attorney General Eric Holden at press conference: www.voanews.com/content/reu-report-us-set-to-accuse-chinese-officials-of-cyber-spying/1917504.html
And the view from the East, accusing the USA of hypocrisy.
www.scmp.com/news/world/article/1515858/us-charges-chinese-military-cyber-spying

Beijing has said Washington is hypocritical because it conducts widespread surveillance around the world, as revealed by Snowden.
Snowden’s leaks have indicated that the US has hacked into Chinese telecom giant Huawei – whose own attempts to penetrate the US market have been blocked by US lawmakers’ concerns on national security.
The US is known to have invested heavily in cyberwarfare, with the Pentagon setting up a dedicated unit, and it is widely suspected to have worked with Israel to infect Iran’s nuclear programme.

china.yuehan.net