Tag Archives: hackers

New Form of terrorism: a hacker tried to poison the drinking water

A hacker gained entry to the system controlling the water treatment plant of a Florida city of 15,000 and tried to taint the water supply with a caustic chemical, exposing a danger cybersecurity experts say has grown as systems become both more computerized and accessible via the internet.

The hacker who breached the system at the city of Oldsmar’s water treatment plant on Friday using a remote access program shared by plant workers briefly increased the amount of sodium hydroxide by a factor of one hundred (from 100 parts per million to 11,100 parts per million), Pinellas County Sheriff Bob Gualtieri said during a news conference Monday…..

….

Fortunately, a supervisor saw the chemical being tampered with — as a mouse controlled by the intruder moved across the screen changing settings — and was able to intervene and immediately reverse it, Gualtieri said. Oldsmar is about 15 miles (25 kilometers) northwest of Tampa.

Read more in

https://apnews.com/article/hacker-tried-poison-water-florida-ab175add0454bcb914c0eb3fb9588466

Today’s Reading (20 Nov 2019)

Local-first software: you own your data, in spite of the cloud

On the one-hand we have ‘cloud apps’ which make it easy to access our work from multiple devices and to collaborate online with others (e.g. Google Docs, Trello, …). On the other hand we have good old-fashioned native apps that you install on your operating system (a dying breed? See e.g. Brendan Burns’ recent tweet). Somewhere in the middle, but not-quite perfect, are online (browser-based) apps with offline support.

Personal & Operation security: Oversharing is a risk, one an adversary will capitalize on

Have you actually thought about how much you are tracked on a daily basis? Think about everything you post on social media, what you search, the apps that are generating metadata (with or without your consent), what your phone knows about you. Not forgetting your “voice assistants,” there is a worrying amount of data we generate every day that builds an impressive digital footprint. Reads more in

AI Coverage Best Practices

Interest in Artificial Intelligence (AI) has skyrocketed in recent years, both among the media and the general public. At the same time, media coverage of AI has wildly varied in quality – at one end, tabloid and clickbait media outlets have produced outrageously inaccurate portrayals of AI that reflect science fiction more than reality.  Reads more in

New code for internet-connected devices to stop hackers

Web-connected devices including smart TVs, watches and home speakers will be subject to a new industry code to protect families, businesses and Australia’s national security from cyber hackers.

Home Affairs Minister Peter Dutton will on Tuesday raise the alarm on poor cyber security features in many devices, calling on companies to do more to stamp out cyber crime. Reads more in

The best Christmas gifts for hackers

What do you get a hacker or IT pro for Christmas? In an industry that is not often well-understood by those outside of it, trying to come up with ideas and presents that will prove themselves valuable and appreciated can be difficult. DNet has rounded up some of the most interesting gifts for hackers over Christmas 2019 to suit a range of budgets and abilities. Reads more in

Millions of Android phones may be vulnerable to camera spying vulnerability

Security researchers have uncovered a vulnerability in Android smartphones that could allow an attacker to secretly take photos and record videos without any permissions being granted. And the exploit works even if the phone is locked or the screen turned off, or even during an actual call – all without the knowledge of the user. Reads more in

8 Top Technical Resource Providers for ICS Security Professionals

CyberSecurity: Someone is trying to take the internet down.

I have been reading a lot of DDOS attacks & recently found that DDOS attack is so powerful that it could take the whole internet down. As per many references & stories, it is already happening. Let me share some of the interesting stories. Things are scary but we all should be aware of the danger. It is not fictional Hollywood movies anymore. It is real now.

Story-1: The internet’s worst-case scenario finally happened in real life: An entire country was taken offline, and no one knows why

Abstract

For years, countries have worried that a hostile foreign power might cut the undersea cables that supply the world with internet service.  Late last month, we got a taste of what that might be like. An entire country, Mauritania, was taken offline for two days because an undersea cable was cut. 

The 17,000-kilometer African Coast to Europe submarine cable, which connects 22 countries from France to South Africa, was severed on March 30, cutting off web access partially or totally to the residents of Sierra Leone and Mauritania.

Story-2: 3 US hackers took out key parts of the internet in 2016 because they wanted to make money on Minecraft

Abstract

Three US hackers have pleaded guilty to creating the Mirai botnet, which took out some of the internet’s biggest sites last year including Reddit, Spotify, and Twitter through distributed denial of service (DDoS) attacks.

The goal of DDoS in Minecraft is to try and frustrate users on a rival server with slow service — so that they end up switching to yours.

Story-3: INSIDE THE CUNNING, UNPRECEDENTED HACK OF UKRAINE’S POWER GRID.

Abstract

One worker was organizing papers at his desk inside the Prykarpattyaoblenergo power grid control center, the cursor on his computer suddenly skittered across the screen of its own accord.

He watched as it navigated purposefully toward buttons controlling the circuit breakers at a substation in the region and then clicked on a box to open the breakers and take the substation offline. A dialogue window popped up on the screen asking to confirm the action, and the operator stared dumbfounded as the cursor glided to the box and clicked to affirm. Somewhere in a region outside the city, he knew that thousands of residents had just lost their lights and heaters

The operator grabbed his mouse and tried desperately to seize control of the cursor, but it was unresponsive. Then as the cursor moved in the direction of another breaker, the machine suddenly logged him out of the control panel. Although he tried frantically to log back in, the attackers had changed his password preventing him from gaining re-entry. All he could do was stare helplessly at his screen while the ghosts in the machine clicked open one breaker after another, eventually taking about 30 substations offline

CyberSecurity: Who are the real hackers & Who is targeting you?

As per Wiki: A computer hacker is any skilled computer expert that uses their technical knowledge to overcome a problem. Some people call hackers a problem solver and Crackers are the ones who break the system.

In reality, Lots of people do not know who are the real hackers? And general thinking is that hackers are a group of people who have invisible power & anonymous to public life. Surprising but true that world has represented hackers someone invisible & wearing the hood with warm jacket & laptop. Only difference you could see that White, Black & Grey hood.

Whenever I see this many questions pop up in my mind: Do hackers really wear jackets with a hood? Is this some sort of logo & symbol to hold if you are a hacker (black, white or both) or wish to become a hacker. Do they belong to cold places? Weird questions but took a long time to get these answers.

So who are the Real Hackers (Crackers)?

Real hackers are not the one who wears a jacket & a hood. The whole world has portrayed them as someone like this, especially media always represent them with similar photos. But, The truth is they are normal people with bad intentions. In large, Every hacker falls into the following categories:

1 Criminals

This category of hackers are criminals who are mafia in the digital age. Just like old days, Mafia used to have men working for them. These criminals have organizations & employee the real hackers to break others system and Steal money from banks, individuals, blackmail someone with ransomware etc. These types of hacking also involved in frauds: Ads frauds, fake campaigns etc.

2 Hacktivists

Hacktivists word is coming activist like a social activist, environmental activist etc. Hacktivist is a group of people who come together with a common belief. The biggest example of such group is “Annonymous“. More information available in the wiki. https://en.wikipedia.org/wiki/Anonymous_(group)

3 Criminal Hackers

Criminal hackers could be a smaller group of people or individuals. It is tough to identify nature of these categories people, However, these types of hackers break some system & steal data etc or find vulnerabilities and pass their information to the bigger group (Big bang hackers group).

Another option is to sell their information on the dark web. In returns, They get their cut. It is a quick way to earn money. For example, If one hacker got 2k account details with credit card numbers, he/she can sell in dark web with $2 to $3 per details. The easy way to make money & not get into a bigger problem.

4 Competitors

The situation has become like Tom & Jerry cartoon. Sometimes tom wins sometimes Jerry & fight continues. In Cybersecurity, it is the same. Anti-virus, anti-malware & thousands of tools to protect organizations but there are some organizations who break others to prove their point. They create open source tools to break any system.

Hacking Small Companies Is Big Business https://biztechmagazine.com/article/2016/07/hacking-small-companies-big-business

There are individuals who break the Android, iPhone just shows that a particular technology isn’t secure even though it is secure up to some extent.

5 Foreign nations

Foreign nations are proactively targeting other nations & Countries like China, Russia has become symbols of such things. It is hard to believe one side of the story but there have been enough instances to believe that Nations like China is the biggest contributors in the whole cyber wars.

US Lawmakers Propose ‘Hack Back’ Law to Allow Cyber Retaliation Without Permission of Third-Party Country. It is a clear indication that Nations would go after each other more aggressively. https://followcybersecurity.com/2018/11/08/first-step-towards-cyberwar/

6 Disgruntled Employees

Last categories of hackers are very interesting one. These are the people who build software for someone then they decide to break the same system to teach a lesson to the same organization. Bad for the organization because the person knows in & out of the system.

We all may feel helpless when an organization or individual manager, VP follows unethical practice & unfair to the people. But not everyone feels helplessness & a few people may start targetting to the organization because of individual unethical behaviour.

In Cybersecurity world, ethics are the most important if you have got the power on your fingertips. A very thin line between good hackers & bad hackers. Maintaining ethics isn’t easy when you feel angry & betrayed.

Leave a comment if you have any suggestion to improve on my effort