Tag Archives: cyber weapon

Glimpse of CyberWar: Hacker Tried to Poison Florida City’s Water Supply, Police Say

Here is the glimpse of a cyberwar where hackers are not leaving any chance to take human lives. All Industrial systems has serious security flaws and all of them impose life threatening situation if they are hacked. For instance, water supply, electric grid or nuclear plant etc. Read about this hack..

“The hacker changed the sodium hydroxide from about one hundred parts per million, to 11,100 parts per million,” Gualtieri said, adding that these were “dangerous” levels. When asked if this should be considered an attempt at bioterrorism, Gualtieri said, “What it is is someone hacked into the system not just once but twice … opened the program and changed the levels from 100 to 11,100 parts per million with a caustic substance. So, you label it however you want, those are the facts.”

Impacts of this hack

In smaller quantities, sodium hydroxide can cause severe skin burns and eye damage. Small amounts of sodium hydroxide are put in some cities’ drinking water supplies to prevent corrosion to pipes and to bring the pH up (it is a strong base).

The news highlights what could be a serious cyber and physical security breach, and raises questions about how secure access to such a sensitive system really was.

Read more:

https://www.vice.com/en/article/88ab33/hacker-poison-florida-water-pinellas-county

Security & Privacy: China watching: Indian President, PM, key Opposition leaders, Cabinet, CMs, Chief Justice of India…the list goes on

Abtract

Calling itself a pioneer in using big data for “hybrid warfare” and the “great rejuvenation of the Chinese nation,” a Shenzen-based technology company with links to the Chinese government, and the Chinese Communist Party, is monitoring over 10,000 Indian individuals and organisations in its global database of “foreign targets,” an investigation by The Indian Express has revealed.

The range of targets in India identified and monitored in real time by Zhenhua Data Information Technology Co. Limited is sweeping — in both breadth and depth.

From President Ram Nath Kovind and Prime Minister Narendra Modi to Congress interim President Sonia Gandhi and their families; Chief Ministers Mamata Banerjee, Ashok Gehlot and Amarinder Singh to Uddhav Thackeray, Naveen Patnaik and Shivraj Singh Chouhan; Cabinet Ministers Rajnath Singh and Ravi Shankar Prasad to Nirmala SitharamanSmriti Irani, and Piyush Goyal; Chief of Defence Staff Bipin Singh Rawat to at least 15 former Chiefs of the Army, Navy and Air Force; Chief Justice of India Sharad Bobde and brother judge AM Khanwilkar to Lokpal Justice P C Ghose and Comptroller and Auditor General G C Murmu; start-up tech entrepreneurs like Nipun Mehra, founder of Bharat Pe (an Indian payment app), and Ajay Trehan of AuthBridge, an authentication technology firm, to top industrialists Ratan Tata and Gautam Adani. 

Read more in

https://indianexpress.com/article/express-exclusive/china-watching-big-data-president-kovind-pm-narendra-modi-opposition-leaders-chief-justice-of-india-zhenhua-data-information-technology-6594861/

News of the day: 2,000 Georgia websites hacked in cyber attacks

A huge cyber-attack has knocked out thousands of websites – as well as the national TV station – in the country of Georgia. 

Some 2,000 websites in Georgia, including those of the president, courts, and media were hacked in a massive cyber attack on Monday, officials and media said.

Court websites containing case materials and personal data have also been attacked.  In many cases, website home pages were replaced with an image of former President Mikheil Saakashvili, and the caption “I’ll be back”.  The origin of the attack is not yet known.

Reference

https://www.france24.com/en/20191028-2-000-georgia-websites-hacked-in-cyber-attacks

Aviation security: A serious issue

Abstract

The issue of airplane security is certainly being taken very seriously. Separately, the U.S. Air Force will also be taking a bigger role in identifying security problems in commercial aviation systems–many of which are used by the military.

So far, cyberattacks targeting airlines have focused on the IT systems rather than aircraft themselves. U.K. airline British Airways is facing a huge fine after passenger data from around 380,000 bookings was breached, including bank card numbers along with cvv codes.  

But in the future, this could change. “The U.S. Airforce and most other airforces use airframes and systems that are often the same as their civilian counterparts,” says Philip Ingram, MBE, a former colonel in British military intelligence. He says the restarting of the program suggests “that secret intelligence has identified nation state and non-nation state actors potentially looking at vulnerabilities in aircraft.”

Meanwhile, Ingram (Cyber Expert) says the threat from terrorism is real, but the main players have not found a way of hacking aircraft yet: “If terrorists could find a way of hacking an aircraft to bring it down, they would. The ISIS Cyber Arm, the Cyber Caliphate Shield has lots of ambitions to carry out these sorts of attacks, but they don’t have the technical capabilities.”

Reads more in

U.S. Government Confirms New Aircraft Cybersecurity Move Amid Terrorism Fears

https://www.forbes.com/sites/kateoflahertyuk/2019/10/01/us-government-confirms-new-aircraft-cybersecurity-move-amid-terrorism-fears/?ss=cybersecurity#45d23cd469e1

Supply-chain is becoming huge National security issue

Abstract

The Huawei problem is simple to explain. The company is based in China and subject to the rules and dictates of the Chinese government. The government could require Huawei to install back doors into the 5G routers it sells abroad, allowing the government to eavesdrop on communications or — even worse — take control of the routers during wartime. Since the United States will rely on those routers for all of its communications, we become vulnerable by building our 5G backbone on Huawei equipment.

It’s obvious that we can’t trust computer equipment from a country we don’t trust, but the problem is much more pervasive than that. The computers and smartphones you use are not built in the United States. Their chips aren’t made in the United States. The engineers who design and program them come from over a hundred countries. Thousands of people have the opportunity, acting alone, to slip a back door into the final product.

……….

Technical solutions fall into two basic categories, both currently beyond our reach. One is to improve the technical inspection processes for products whose designers provide source code and hardware design specifications, and for products that arrive without any transparency information at all. In both cases, we want to verify that the end product is secure and free of back doors. Sometimes we can do this for some classes of back doors: We can inspect source code this is how a Linux back door was discovered and removed in 2003 or the hardware design, which becomes a cleverness battle between attacker and defender.

Read more in

https://www.schneier.com/blog/archives/2019/09/supply-chain_se_1.html