Massive Cyber Attacks Uncovered

More than 75,000 computer systems at nearly 2,500 companies in the United States and around the world have been hacked in what appears to be one of the largest and most sophisticated attacks by cyber criminals discovered to date, according to a northern Virginia security firm.

The attack, which began in late 2008 and was discovered last month, targeted proprietary corporate data, e-mails, credit-card transaction data and login credentials at companies in the health and technology industries in 196 countries, according to Herndon-based NetWitness.

News of the attack follows reports last month that the computer networks at Google and more than 30 other large financial, energy, defense, technology and media firms had been compromised. Google said the attack on its system originated in China.

This latest attack does not appear to be linked to the Google intrusion, said Amit Yoran, NetWitness’s chief executive. But it is significant, he said, in its scale and in its apparent demonstration that the criminal groups’ sophistication in cyberattacks is approaching that of nation states such as China and Russia.

The attack also highlights the inability of the private sector — including industries that would be expected to employ the most sophisticated cyber defenses — to protect itself.

“The traditional security approaches of intrusion-detection systems and anti-virus software are by definition inadequate for these types of sophisticated threats,” Yoran said. “The things that we — industry — have been doing for the past 20 years are ineffective with attacks like this. That’s the story.”

The intrusion, first reported on the Wall Street Journal’s Web site, was detected Jan. 26 by NetWitness engineer Alex Cox. He discovered the intrusion, dubbed the Kneber bot, being run by a ring based in Eastern Europe operating through at least 20 command and control servers worldwide.

The hackers lured unsuspecting employees at targeted firms to download infected software from sites controlled by the hackers, or baited them into opening e-mails containing the infected attachments, Yoran said. The malicious software, or “bots,” enabled the attackers to commandeer users’ computers, scrape them for log-in credentials and passwords — including to online banking and social networking sites — and then exploit that data to hack into the systems of other users, Yoran said. The number of penetrated systems grew exponentially, he said.

“Because they’re using multiple bots and very sophisticated command and control methods, once they’re in the system, even if you whack the command and control servers, it’s difficult to rid them of the ability to control the users’ computers,” Yoran said.

The malware had the ability to target any information the attackers wanted, including file-sharing sites for sensitive corporate documents, according to NetWitness.

Login credentials have monetary value in the criminal underground, experts said. A damage assessment for the firms is underway, Yoran said. NetWitness has been working with firms to help them mitigate the damage.

Among the companies hit were Cardinal Health, located in Dublin, Ohio, and Merck, according to the Wall Street Journal. A spokesman for Cardinal said the firm removed the infected computers as soon as the breach was found.

Also affected were educational institutions, energy firms, financial companies and Internet service providers. Ten government agencies were penetrated, none in the national security area, NetWitness said.

The systems penetrated were mostly in the United States, Saudi Arabia, Egypt, Turkey and Mexico, the firm said.

China’s Computer Equipment Threat

Suspicions about China slipping eavesdropping technology into computer exports have been around for years. But the recent spying attacks, attributed to China, on Google and other Internet companies have revived the hardware spying concerns. An IT World blogger suggests the gear can’t be trusted, noting that it wouldn’t be hard to add security holes to the firmware of Chinese-made USB memory sticks, computers, hard drives, and cameras. He also implies that running automatic checks for data of interest in the compromised gear would not be difficult.” The blog post mentions Ken Thompson’s admission in 1983 that he had put a backdoor into the Unix C compiler; he laid out the details in the 1983 Turing Award lecture, Reflections On Trusting Trust: “The moral is obvious. You can’t trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect.”

Worlds Most Efficient Insulation

Over 70 years ago, scientists invented aerogel, the least dense solid known to man, and an insulator four times more efficient than fiberglass or foam. Famously, according to Dr. Peter Tsou of NASA’s Jet Propulsion Laboratory, “you could take a two- or three-bedroom house, insulate it with aerogel, and you could heat the house with a candle. But eventually the house would become too hot.”

Unfortunately, aerogels remained so expensive and unwieldy that only NASA used them with any regularity. However, thanks to recent production advances, aerogel insulation is now available and affordable for consumer purchase.

Aerogel Insulation :  Aspen Aerogels, via CNET

Even after the price drop, aerogels remain more expensive than common insulating materials. But since aerogels are more plastic than fiberglass or foam, permeable to water vapor, and flameproof, the extra cost may well be worth the investment when insulating masonry, shingles, or curved surfaces. Plus, since they’re so light and efficient, aerogels reduce other building costs as well.

Aerogels are made by constructing a conventional gel, and then removing the liquid though supercritical drying. The resultant material is 90 percent air, but retains the structure and rigidity of the non-liquid gel components.

Pentagon Struggles with Cyber Security

WASHINGTON — On a Monday morning earlier this month, top Pentagon leaders gathered to simulate how they would respond to a sophisticated cyberattack aimed at paralyzing the nation’s power grids, its communications systems or its financial networks.

The results were dispiriting. The enemy had all the advantages: stealth, anonymity and unpredictability. No one could pinpoint the country from which the attack came, so there was no effective way to deter further damage by threatening retaliation. What’s more, the military commanders noted that they even lacked the legal authority to respond — especially because it was never clear if the attack was an act of vandalism, an attempt at commercial theft or a state-sponsored effort to cripple the United States, perhaps as a prelude to a conventional war.

What some participants in the simulation knew — and others did not — was that a version of their nightmare had just played out in real life, not at the Pentagon where they were meeting, but in the far less formal war rooms at Google Inc. Computers at Google and more than 30 other companies had been penetrated, and Google’s software engineers quickly tracked the source of the attack to seven servers in Taiwan, with footprints back to the Chinese mainland.

After that, the trail disappeared into a cloud of angry Chinese government denials, and then an ugly exchange of accusations between Washington and Beijing. That continued Monday, with Chinese assertions that critics were trying to “denigrate China” and that the United States was pursuing “hegemonic domination” in cyberspace.

These recent events demonstrate how quickly the nation’s escalating cyberbattles have outpaced the rush to find a deterrent, something equivalent to the cold-war-era strategy of threatening nuclear retaliation.

So far, despite millions of dollars spent on studies, that quest has failed. Last week, Secretary of State Hillary Rodham Clinton made the most comprehensive effort yet to warn potential adversaries that cyberattacks would not be ignored, drawing on the language of nuclear deterrence.

“States, terrorists and those who would act as their proxies must know that the United States will protect our networks,” she declared in a speech on Thursday that drew an angry response from Beijing. “Those who disrupt the free flow of information in our society or any other pose a threat to our economy, our government and our civil society.”

But Mrs. Clinton did not say how the United States would respond, beyond suggesting that countries that knowingly permit cyberattacks to be launched from their territories would suffer damage to their reputations, and could be frozen out of the global economy. … Continue Reading

Robot Border Guards in Europe

A MIGRANT makes a furtive dash across an unwalled rural section of a national border, only to be confronted by a tracked robot that looks like a tiny combat tank – with a gimballed camera for an eye. As he passes the bug-eyed droid, it follows him and a border guard’s voice booms from its loudspeaker. He has illegally entered the country, he is warned, and if he does not turn back he will be filmed and followed by the robot, or by an airborne drone, until guards apprehend him.

Welcome to the European border of the not-too-distant future. Amid the ever-present angst over illegal immigration, cross-border terrorism and contraband smuggling, some nations are turning to novel border-surveillance technologies, potentially backed up by robots, a conference on state security at Leeds Metropolitan University, UK, heard in November. The idea is to scatter arrays of sensors in a border area in ways that give guards or robots plenty of time to respond before their targets make good an escape.

The need to secure borders is evident across the globe, from India – which is constructing a 3400-kilometre, 3-metre-high barbed-wire and concrete border wall to close itself off from Bangladesh – to Libya, where foot patrols are being augmented with new people-sensing technologies.

Libya has an agreement with the European Union to try to limit the flow of immigrants from sub-Saharan Africa traversing its borders before crossing the Mediterranean and entering Italy. To help it enforce this deal, Libya is spending €300 million on technology for what it calls a “large border security and control system”, made by Selex Sistemi Integrati, part of Italian aerospace firm Finmeccanica. Selex says its command, control and communication technology will include all the computers and software necessary to make sense of the data gathered by a raft of different sensors on the Libyan border. Project details remain under wraps, but Selex already makes acoustic, infrared and remote-imaging sensors, which could find uses in border control.

Elsewhere, the US Department of Homeland Security, along with Boeing Intelligence and Security Systems, is fielding sensors on the border with Mexico, in an $8 billion project called the Secure Border Initiative network.

SBInet will eventually comprise some 400 25-metre-high towers similar to cellphone masts and containing an array of remote-controlled optical and infrared cameras. The towers will also carry a primary sensor designed to detect humans. This sensor is a 10-gigahertz, or “X-band”, ground surveillance radar made by Israel Aerospace Industries (IAI) in Tel Aviv. The towers will be dotted along the US’s 3000-kilometre triple-layered border fence.

The radar will supplement acoustic and vibration sensors strewn around the border zone that pick up voices and footfalls, and will provide patrols with early warning of activity in the border area – as far as 10 kilometres from the fence. So says Mark Borkowski, who directs the SBInet project for the US Customs and Border Protection (CBP) agency in Washington DC.

The idea is that robotic cameras will zoom in automatically on any activity detected by radar or sensors. “Then we classify the event to gauge our response: is it just a stray cow? A person? If so, are they carrying weapons or maybe drugs?” says Borkowski. “We’re not foolish enough to think a fence alone will work: we know people can build ramps and cut through it.”

A prototype SBInet system, based on nine temporary towers, has been tested on a 45-kilometre stretch of the US-Mexico border near Sasabe, Arizona, for the past three years. Called Project 28, it had problems: the X-band radar produced too much signal clutter from the ground, making it tough to detect human activity. And the satellite links it used took too long to send sensor data to base – so people had often disappeared by the time an alert was raised.

The radar has been modified and satellite links abandoned in favour of fast ground-based microwave links, says Tim Peters, Boeing’s SBInet project chief. The project moves to its deployment phase in mid-2010, when 17 permanent towers near Tucson will be turned on. Magnetic sensors will be added to detect vehicle movements and weapons, too. CBP is also trialling Predator drones on the border to feed surveillance pictures into SBInet.

IAI is a partner in the EU’s Transportable Autonomous Patrol for Land Border Surveillance (TALOS) programme, which eschews static ground sensors and border walls in favour of the aforementioned bug-eyed robots – replete with human-sensing radar – and aerial drones.

TALOS is needed because the expanded 27-nation EU has a porous eastern border that it cannot afford to monitor conventionally, says Agnieszka Spronska of the Industrial Research Institute for Automation and Measurements (PIAP), based in Warsaw, Poland. PIAP is leading the 10-nation TALOS consortium, which is spending €20 million on developing the architecture for a mobile network of ground robots, drones and the command centres from which they are run.

“TALOS will be very scalable depending on the terrain – you can use as much of it as you need without static elements,” says Spronska. More than one ground robot will approach people, she says, as groups often split up.

But where does this deep-probing 24/7 surveillance technology leave residents who are living near borders, in terms of privacy? “We protect the camera and sensor systems from any kind of illegal or unauthorised use,” says Borkowski. “But it is indeed a balancing act. People are right to be asking such questions.”