'Trojan Horse' Bug Lurking in Vital US Computers Since 2011

ABCNews ^ | Nov 6, 2014 | JACK CLOHERTY and PIERRE THOMAS

[driftdiver]

A destructive “Trojan Horse” malware program has penetrated the software that runs much of the nation’s critical infrastructure and is poised to cause an economic catastrophe, according to the Department of Homeland Security.

National Security sources told ABC News there is evidence that the malware was inserted by hackers believed to be sponsored by the Russian government, and is a very serious threat.

The hacked software is used to control complex industrial operations like oil and gas pipelines, power transmission grids, water distribution and filtration systems, wind turbines and even some nuclear plants. Shutting down or damaging any of these vital public utilities could severely impact hundreds of thousands of Americans

[ansel12]

I doubt that the Russians haven’t been keeping up with it since 2011, and especially with the latest widespread news and discussion of it and the use of it against NATO and Europe, only months ago.

I want the public to be aware of such threats except when there is a reason for secrecy, I don’t see any reason related to this story today to hide it from us.

[rarestia]

That’s good to hear, Laz. I’ve heard otherwise depending on the agency.

[familyop]

I understand and share your concern with keeping foreign enemies from having too much knowledge about security-related matters, but our international slaver bosses have seen to it that the most elite and most impoverished human traffic is easy and maximized between friendly and enemy countries. That’s a gaping hole caused by so-called free trade (not free at all).

One answer would be to have communities build many independent power plants and for individuals to be more encouraged to build their own power plants without regulatory and fee obstacles. That would lend to a much more decentralized and secure energy infrastructure for our nation, just as open source heavy equipment manufacturing will.

[rarestia]

Based on this article and some of the security forums I’ve read, that’s exactly what this is. It’s a trojan that was installed years ago and has just propagated.

That’s the normal course of action with security breaches of this type: they survey and map the environments first, often with little touching of the actual network. SNMP- and WMI-based network monitoring often help them since they’re often not properly secured. Once the network is mapped, they plan the attack vectors and infect them. Then, at the flip of a switch, either manual or timed, the infection starts and does its damage, often long after the original infiltrators have closed up their tunnels or pipes into the network.

[driftdiver]

Laz, I did work for one department. Deplorable security and after I delivered the gap analysis and list of what they needed the sensitivity of the data was downgraded (rather then increasing security) to meet standards.

So some are in good shape, many are not. Regardless all are a target and ALL will be hacked.

[dynoman]

“All SCADA systems should be replaced with free and open source versions and intensely and frequently reviewed by many.”

OK exactly how would you propose to execute that idea?? But first, has SCADA actually been hacked? Has it been infected with a Trojan? Where’s the proof?

“The best solution would be much more decentralized and distributed systems”

The electrical grid is decentralized - probably as decentralized as is practical. How could it be decentralized more than it is?

Part of the problem here is people making propositions that don’t have any idea what they are talking about. The conversation thus ends up churning buzzwords in a parallel universe separate from reality. About the only good thing about conversations like this is it is a distraction for anyone who actually might have evil intent.

[dynoman]

“With the kind of virus called a time bomb during the ‘90s. It’s easy for crackers to write viruses that are activated at a particular later time.”

Is there any information on the damage any of these alleged 1990s time bomb virus’ caused when they were activated?

[TADSLOS]

Flip a kill switch and viola! Instant national collapse and disaster followed with intervention and salvation by Fedzilla for our own good.

[familyop]

"The general public doesn’t need to know because there is nothing they could do about it."

This message was facilitated by a small PV solar power plant that costs far less, over time, than grid energy by the Kwh. I have no degree, license or other designated approval for learning to install the equipment (reason for low cost).

[Little disclaimer here: don't construe any of the commentary above as advice. Don't install or do any electrical work without either learning and referring to the National Electrical Code, being instructed in safety for electrical work or being supervised by a licensed electrician. Don't attempt to install a grid-tied system yourself without thorough knowledge of the NEC, electrical safety practices and experience. Pull a permit for any installation on the soil of and any buildings without wheels and mounted on your private property. If there's any doubt or local regulation against doing it yourself, have a licensed electrician do it for you. For off-grid systems, there are many books and much other documentation on installing PV solar systems and electrical safety. I'm not a lawyer. If you need legal a$$i$tance for being allowed to u$e your private property or build anything, contact a licen$ed attorney. I will not be held liable for any damages caused by what you do for yourself.]

[dynoman]

OK when this alleged Russian Trojan was used against NATO and Europe what happened? I’s like some specific information on any damage. If it was actually used against NATO and Europe, and it’s been injected into “the software that runs much of the nation’s critical infrastructure” and “and is poised to cause an economic catastrophe” there should be some damage reports about the “economic catastrophe” it caused when it was used against NATO and Europe.

If true, and if the public knows, what specifically can they do about it? Exactly what would an effective public response look like?

[familyop]

"Is there any information on the damage any of these alleged 1990s time bomb virus’ caused when they were activated?"

I only recall news of small damage caused to private computer systems and networks, because I had a pulse during the '90s and probably have near average long term memory. It's likely that some of the news of recent years involved time-activated viruses. An Internet search should yield some instances of time-activated viruses and damages caused by them. It seems there was news of DoS attacks done that way.

[Kartographer]

BUT....But...but this is American and that just can’t happen, because it never happened before. Can it????

[ansel12]

If you want to prove a conspiracy, or that it isn’t real, then the burden is on you.

As far as what the public can do when they become aware of a threat to their own survival, the survival of their families and the survival of their nation? Ever hear of politics and political pressure?

[Cats Pajamas]

Budget requests for? Computer system updates? Why don’t they take that 6 billion they are sending to fight ebola and use that to start. Ebola is already off the front page here in US. People have the attention span of gnats.

[Kartographer]

Not sure of the public's response, but I sure I know what the Presidential response would be.

[familyop]

"Part of the problem here is people making propositions that don’t have any idea what they are talking about. The conversation thus ends up churning buzzwords in a parallel universe separate from reality. About the only good thing about conversations like this is it is a distraction for anyone who actually might have evil intent."

You still don't get it? Many readers probably understand it well enough. Much has been accomplished since the following was made. It applies to all kinds of equipment and is one way to infrastructure security.

Marcin Jakubowski - The Open Source Economy | @marioninstitute
https://www.youtube.com/watch?v=MIIzogiUHFY

[Kartographer]

I worked on the Iranians and it also has worked on the Russians.

Hacking The Industrial SCADA Network

http://pipelineandgasjournal.com/hacking-industrial-scada-network

[TADSLOS]

Normalcy Bias will get you killed.

[dynoman]

OK you are not really proposing solutions for existing industrial and infrastructure control vulnerabilities.

Going off grid is not a solution for industrial and infrastructure control vulnerabilities.

That is what I’m getting at when I say “The general public doesn’t need to know because there is nothing they could do about it.” The general public doesn’t comprehend electrical infrastructure, that is the reason they cannot offer a coherent solutions for perceived vulnerabilities. The only “solution” the ignorant general public (not a criticism just the reality) has is to go off grid - if existing industrial and electrical infrastructure is destroyed by an attack what difference will that really make for the person who’s off the grid? What would life be like for that person? Believe me I’ve thought about it, and am capable of going off grid. I haven’t got to the point where I think that is a solution.

[Rusty0604]

Obama has been talking up getting money fro Republicans to improve our infrastructure. Of course after he gets the money it will go to bicycle paths.