The FBI issued an alert to businesses in July after unknown attackers breached a computer used to control the heating, ventilation and air conditioning (HVAC) system of a New Jersey company, accessing a graphical user interface for the system, including a floor play layout of the company’s office. The attacks came after an Anonymous affiliated hacker, using the handle @ntisec, published links to vulnerable ICS systems running software from the firm Tridium online. The links included the address of an administrative system that controlled the HVAC system used by US Business 1, a New Jersey company that installs air conditioning systems for other companies, according to a copy of the July, 2012 Situational Information Report (PDF), issued by the Newark Division of the FBI. The alert concerning the February and March, 2012 attack was released by the web site Public Intelligence on Saturday. The FBI did not respond to a request for comment from Security […]
Infrastructure
Update: New 25 GPU Monster Devours Passwords In Seconds
Editor’s note: I’ve updated the article with some new (and in some cases) clarifying detail from Jeremi. I’ve left changes in where they were made. The biggest changes: 1) an updated link to slides 2) clarifying that VCL refers to Virtual OpenCL and 3) that the quote regarding 14char passwords falling in 6 minutes was for LM encrypted – not NTLM encrypted passwords. Long (8 char) NTLM passwords would take much longer…around 5.5 hours. 😉 – Paul There needs to be some kind of Moore’s law analog to capture the tremendous advances in the speed of password cracking operations. Just within the last five years, there’s been an explosion in innovation in this ancient art, as researchers have realized that they can harness specialized silicon and cloud based computing pools to quickly and efficiently break passwords. A presentation at the Passwords^12 Conference in Oslo, Norway (slides available here – PDF), has […]
Uncle Sam Wants To Stop Healthcare Fraud, But Smart Cards Are No Panacea
Medical fraud is a huge issue in the U.S. Depending on whose numbers you use, fraud stemming from false medical claims and reimbursements range from $65 billion a year (a figure generated by the Centers for Medicare and Medicaid Studies) to more than ten times that: $750 billion a year (according to the Institute for Medicine). To stem the losses, government and law enforcement have been cracking down on fraud. In October, for example, the U.S. Attorney General Eric Holder and Health and Human Services Secretary Kathleen Sebelius announced charges against 91 individuals believed to be behind a huge, interstate Medicare fraud scheme responsible for some $430 million in false billing charges. Increasingly, though, the U.S. government is turning to technology to help it identify and root out fraud within the system for medical reimbursements. Chief among the ideas under consideration is a beefed up system for identifying health consumers […]
Latest Iranian Malware Targets Financial Software
There appears to be some professional differences of opinion about the latest super malware targeting the nation of Iran. Just days after Symantec Corp. warned about a new piece of malware, W32.Narilam, researchers at the Russian anti-virus firm Kaspersky Lab threw cold water on the report, saying their analysis suggests that Narilam is two to three years old and probably targeted financial software packages, rather than high value government or industrial systems. The back and forth started with Symantec’s Nov. 22nd blog post on Narilam, which claimed the malware had recently been found circulating in the “Middle East” – and particularly in Iran. Narilam was programmed to infect systems running Microsoft’s SQL database software, spreading through removable drives and network shared folders. It was designed to corrupt data, not to steal information, Symantec said. Though the Cupertino company made no attestation as to Narilam’s origins, Symantec did say the worm […]
Support Forums Reveal Soft Underbelly of Critical Infrastructure
We hear a lot about vulnerabilities in industrial control system (ICS) software. In fact, that’s all we seem to hear about these days. The truth is: there’s a lot to write about. In just the last month, the Department of Homeland Security’s ICS-CERT warned its members about the ability of sophisticated – and even unskilled – attackers to use tools like the Shodan and ERIPP search engines to locate and attack vulnerable industrial control systems (PDF) that are accessible from the public Internet. In the meantime, every couple of weeks brings revelations about serious and remotely exploitable software holes. Most recently, ICS-CERT warned about a critical vulnerability EOScada (PDF), a Windows-based Energy Management System that is used to configure and manage intelligent electronic devices (IEDs) used in electrical, water, sewage and gas applications. But what about real evidence of compromised SCADA and industrial control systems? That’s a taller order. After all: most […]
