Thanks to Swordmaker (and Utilizer) for the pings.
Be sure to see comment #9 from FReeper Spaulding. Excellent information and insights.
Posted on 07/14/2016 9:22:11 PM PDT by Utilizer
A new piece of sophisticated malware has been discovered on the networks of an unnamed European energy company with what researchers believe is the potential to shut down an energy grid.
Endpoint protection firm Sentinel One Labs discovered the malware and dubbed it SFG, revealing it not only collects information on the infected system but opens a backdoor through which a destructive payload could be launched.
It affects all versions of Windows and has been produced to overcome next-generation firewalls and anti-virus software. The malware also shuts down when put into a sandboxed environment or a virtual machine to escape the notice of security teams.
This piece of malware, according to Sentinel One Labs, “exhibits traits seen in previous nation-state rootkits, and appears to have been designed by multiple developers with high-level skills and access to considerable resources”.
(Excerpt) Read more at itnews.com.au ...
It will happen at rock bottom. Something terrible somewhere or multiple places will be going on, and BOOM all the power will go out. Communications will be cut, who knows what else will happen.
This is something I have been worrying about for years now!
And the energy companies are so unconcerned about security it is just aggravating beyond belief!
Look at what happened quite recently at that substation for, what was the company,... PG&E, AT&T ? that those “unknown persons” (of middle-eastern appearance and firing off AK-47 -appearing firearms) attempted to greatly damage and force to shut down the establishment they were attacking!
How much more of a wake-up call do we need?
There should be a massive class action suit against Bill Gates for designing and peddling an operating system that is such a failure in security.
Apply some of those billions he piled up toward fixing the security holes.
Bookmark
There is a security company called G4E or something like that. They do security worldwide on nuke plants, and other power plants as well as random security throughout different venues and special VIP events and such.
Apparently the San Bernidino shooter was employed by them for a certain amount of time, and also the Pulse night club shooter, the evidence is on ATS and it seems legit. I worry that this company has been infiltrated by radicals and they are waiting for an opportune time to strike. Both of those shooters HAD to have had help getting the munitions used, and a background at this security company could have a lot to do with it.
Bump!
Ping for your list. . .
Bill Gates hasn’t run Microsoft for many years, and never designed operating systems, though he was very good at recognizing and hiring some of the best computer scientists in the world. Gates, while he has wasted billions on ill-informed politically motivated projects, delegated lots of Microsoft’s resources to addressing security issues about twenty years ago. Be skeptical when you read trade publications that sell computer security products, with articles provided by the vendors.
SCADA systems should be off the Internet, and many of them that I’ve had experience with are. The potential for sabotage is certainly real. For an extremely well-informed description of cybercrime and sabotage read Mark Russinovich’ novels, Trojan Horse, or Zero Day, or Rogue Code, almost certainly real examples enhanced by some characters and plotline. Mark is the CTO of Microsoft’s AZURE, the marketing name for its cloud service, and has created what are probably the most used tools in the cyber community, and among the most used by Microsoft engineers. After earning his PhD at Carnegie Mellon Mark and Bryce Cogswell, and later, Dave Solomon, from DEC, started a company called Winternals, which Microsoft bought in 2006. Mark, a co-author of the Windows Internal Reference manual, have fought some of the most pernicious malware ever created, and, it is rumored, created some of their/our own.
The heart of Windows 10 and every other Windows OS since Window 3.1, and very very similar to DEC’s VMS kernel, for which use Bill Gates paid some 600 million dollars; Both kernels had the same architect, Dave Cutler. Time will tell, but it is not unreasonable that the NT kernel, could make embedded controllers, now marketed as Internet of Things devices, much more secure than they used to be. Both versions of VMS and versions of Windows have qualified for DOD Class B2 security certification, which is very rigorous. Be skeptical when a marketing magazine makes unsupported comments about OS penetration. Most penetration comes through unprotected ports, and from naïve programmers of applications that should not have been trusted which get run by naïve users who blithely run with administrator privileges.
Microsoft is adding more and more protections against unauthorized access, and sponsors innovation among its partners. Todays smart phones often have quad-processors and gigabytes of memory. Their operating systems, such aw they are, are crude. Windows 10, a stripped down version, with a partitioned kernel mode (ring 0). No real time OS offers either such a mature kernel, or the security potential of Windows 10. I doubt that there is a commercial OS as secure, and no consumer system comes close.
Whether you run Mac OS. Linus, or Windows, don’t do your usual chores, browsing, email, Skype, etc. with administrator privilege (or root, or system). Make yourself a separate account with privileges and don’t lose the password. Don’t let anyone access your USB ports or use memory sticks loaned by others. Don’t open email attachments; save the file, which causes your up-to-date malware software to scan the file as it copies it. Spend $100 and buy a 3 or 4 terabyte desktop drive, preferably with USB3 capabilities and backup your computer every day. Windows has two backup utilities, File History and the Windows 7 Backup. They are both fine, and don’t copy unchanged files.
Thanks. I’ll check out those novels you mentioned, sound interesting.
Ping!
(Thanks, to Swordmaker for the reminder as I got busy with something and forgot.)
Thanks for posting that!!
Thanks to Swordmaker (and Utilizer) for the pings.
Be sure to see comment #9 from FReeper Spaulding. Excellent information and insights.
Trump senses we’re NOT living in a Unicorn Purple Sky Dream...
Maybe when Trump’s elected he’ll start protecting the American people - ALL the American people - NOT just black criminals and/or members of democrat victim groups.
ALL Americans.
Protect the grid, harden chips, secure borders, vet refugees...
Trump senses we’re NOT living in a Unicorn Purple Sky Dream...
Maybe when Trump’s elected he’ll start protecting the American people - ALL the American people - NOT just black criminals and/or members of democrat victim groups.
ALL Americans.
Protect the grid, harden chips, secure borders, vet refugees... rebuild crumbling infrastructure...
Well, at least we can have confidence that Hillary’s basement server wasn’t hacked?
How do I know? Because she told me so.
“And the energy companies are so unconcerned about security it is just aggravating beyond belief!”
If they are unconcerned, then hth did they discover this?
? ... You might try reading the article.
“Endpoint protection firm Sentinel One Labs discovered the malware...”
NOT the Energy Company affected by it. The security agency employed to assist the customer found it, not the company itself. Kudos to Sentinel One Labs for the discovery.
Coders find problems with the ‘doze OS time and time again, and work diligently to patch them oftentimes with little or no credit from m-soft itself.
Even if sometimes u-soft refuses to openly admit there is a problem, just issues a fix in their next Software Update (Patch Tuesday) release(s).
Huge difference.
It’s still early -you might wish to ease up a bit on the Gator Juice a bit, mate. :)
Cheers!
Whoa!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.