Page 1 of 7 123456 ... LastLast
Results 1 to 15 of 99
Like Tree51Likes

Cyber Warfare

This is a discussion on Cyber Warfare within the Strategic Defense forums, part of the China Defense & Military category; 'Proof' Links Flame, Stuxnet Super Cyber Weapons: Researchers - Yahoo! News 'Proof' Links Flame, Stuxnet Super Cyber Weapons: Researchers By ...

  1. #1
    AssassinsMace's Avatar
    AssassinsMace is offline Senior Member
    Join Date
    Aug 2005
    Posts
    4,824

    Cyber Warfare

    'Proof' Links Flame, Stuxnet Super Cyber Weapons: Researchers - Yahoo! News

    'Proof' Links Flame, Stuxnet Super Cyber Weapons: Researchers
    By LEE FERRAN and KIRIT RADIA | ABC News – 4 hrs agoEmailShare3PrintRelated Content'Proof' Links Flame, Stuxnet Super …
    Researchers say they have uncovered "proof" linking the authors of the Flame cyber espionage program to Stuxnet, the most powerful offensive cyber weapon ever developed -- both of which are believed to have targeted Iran.

    Analysts at the Russia-based cyber security firm Kaspersky Labs, which was the first to uncover Flame and had previously analyzed Stuxnet, wrote in a blog post today that they had found the "missing link" between Flame and Stuxnet: a specific piece of code that appears to have been used in both programs.

    Flame, a highly advanced "toolkit" of cyber espionage programs capable of watching virtually everything on an infected computer, was discovered last month on computers in the Middle East and Iran and had apparently been spying on those systems for years. Stuxnet, an offensive cyber weapon designed to physically alter its intended target, was discovered in 2010 after it reportedly infiltrated and managed to damage an Iranian nuclear enrichment facility -- an unprecedented feat.

    In both cases, cyber security experts that analyzed the programs' code determined that due to similarities in cost, time requirement and apparent target, it was likely they had each been developed under the direction of a nation-state, leading to speculation the U.S. or Israel may be involved. However, the same experts quickly noted that Flame's code architecture was vastly different from Stuxnet's and determined that while both could have come from the same nation-state, they were not likely written together.

    READ: Smoke Over Flame: Who Is Behind Super Cyber Spy Tool?

    But now Kaspersky Labs says the two cyber tools appear to have been developed in tandem and a section of code directly from Flame was used in an early 2009 version of Stuxnet, meaning that the two development teams overlapped in their work at least for a little while, even if they appear to have gone their separate ways in 2010 when newer versions of the programs appeared.

    "We believed that the two teams only had access to some common resources, [but] that didn't show any true collaboration," Kaspersky Labs senior researcher Roel Schouwenberg told ABC News. "However, now it turns out that the Stuxnet team initially used Flame to kickstart the project. That proves collaboration and takes the connection between the two teams to a whole new level."

    After Stuxnet's discovery, a Congressional report in December 2010 put the U.S. and Israel on a short list of countries believed to be capable of carrying out that attack -- a list that also included Russia, China, the U.K. and France. A month later, The New York Times reported Stuxnet may have been the result of a joint U.S., Israeli project to undermine Iran's nuclear program.

    Five different U.S. government agencies declined to comment to ABC News about allegations they were involved in Flame and the Israeli government has reportedly denied any link to the virus.

    News of the new connection between the two programs came just days after a U.S.-based cyber security firm, Symantec, reported Flame appears to have been given a "suicide" command that would wipe any trace of it from an infected computer.
    Since I'm not a computer programming expert, I see this as a lot of hype. So unless whoever is behind this has taken over anything with a computer in it, what makes this any different from any other said possible cyber attack spoken of before? So it can affect things mechanically. Can't a hacker do the same? The only difference is this can do it on its own and can be "specifically" targeted. Frankly has the Iranian nuclear program halted to a complete stop? Stuxnet was said to takes years and cost hundreds of millions of USD to develop and what did it accomplish? Something that cost that much and whoever created it just did most of the work for any hacker or computer programming expert to "mutate" this into countless other threats.

    Here's the problem if the US is behind this. The Pentagon just complained the last year about Chinese cyber espionage activities as possibly an act of war. What's this then? So are US departments not talking to one another? That's pretty irresponsible if the US is behind this and they make a statement that cyber espionage activity can be considered an act of war. And I don't really understand why the media is bragging about it because it's not like only the US and Israel can do this. It might just be a Pandora's Box they just opened. That's if it lives up to the hype which I'm skeptical in the first place.
    Last edited by AssassinsMace; 06-11-2012 at 03:03 PM.
    Kurt likes this.

  2. #2
    Kurt's Avatar
    Kurt is offline Junior Member
    Join Date
    Dec 2011
    Posts
    681

    Re: Cyber Warfare

    Stuxnet was programmed to cause malfunction for very specific engines used for uran enrichment, a sabotage act.
    Flame is more espionage oriented.

    Historically, you could have carried out such acts by diluting the supply with faulty components or have someone make longterm destructive modifications to hardware. Our shift to software solutions means that software sabotage is on the rise. Stuxnet is a first test of such tools of software affecting difficult to reach hardware.
    Flame and the Chinese Trojans are classic espionage tools for SIGINT. The reports show a kind of double standard by assuming the good guys can do everything and everything the "future competitor" does is bad. Everybody complains about being spied at.

  3. #3
    AssassinsMace's Avatar
    AssassinsMace is offline Senior Member
    Join Date
    Aug 2005
    Posts
    4,824

    Re: Cyber Warfare

    Pardon I forgot to mention the difference between Stuxnet and Flame but it has been reported developed from the same program.
    Kurt likes this.

  4. #4
    lostsoul is offline Member
    Join Date
    Nov 2009
    Posts
    159

    Re: Cyber Warfare

    Quote Originally Posted by AssassinsMace View Post
    Pardon I forgot to mention the difference between Stuxnet and Flame but it has been reported developed from the same program.
    Kaspersky Labs are pointing to USA/Israel.

  5. #5
    Kurt's Avatar
    Kurt is offline Junior Member
    Join Date
    Dec 2011
    Posts
    681

    Re: Cyber Warfare

    For me, the more interesting question would pertain to the future rules on the data highway that is drifting into very lawless territory via these developments.

  6. #6
    zighail is offline Banned Idiot
    Join Date
    Aug 2012
    Posts
    7

    Re: Cyber Warfare

    translation: the u.s regime is getting ready to do a false flag attack, and pin it on China

  7. #7
    bd popeye's Avatar
    bd popeye is offline The Last Jedi
    Join Date
    Aug 2005
    Location
    Cedar Rapids Iowa
    Posts
    17,951

    Re: Cyber Warfare



    Warned member: zighail

    Reason: Posting anti-us/west flamebait.
    zighail, since you are new you need to read the forum rules before you post again. If you desire to continue to post as you have you need to find a different forum. Your type of flamebait posting is not allowed here. For your offense you are granted a one week holiday away from SDF. While you are out read the forum rules..then abide by them.


    FORUM RULES: Things to Remember Before Posting, important, please read!

    bd popeye super moderator
    Be sure to check out...

    Chinese Daily Photos, Videos & News of 2013!!!

    "I am what I am.... Dat's all what I am"

  8. #8
    AssassinsMace's Avatar
    AssassinsMace is offline Senior Member
    Join Date
    Aug 2005
    Posts
    4,824

    Re: Cyber Warfare



    I just saw this on CNBC. For a show about Chinese cyber espionage there was little evidence shown. Basically all the people interviewed were in the business of cyber security. That's like the robocalls I've gotten recently where they're trying to sell me on buying their security products by scaring me with government crime statistics. The guy from Nortel says evidence that China stole from the company and caused it to go bankrupt was the rise of Huawei happened at the same time. How about taking their products and seeing if it was exactly like Nortel? They didn't do that.
    J-XX likes this.

  9. #9
    lostsoul is offline Member
    Join Date
    Nov 2009
    Posts
    159

    Re: Cyber Warfare

    Quote Originally Posted by AssassinsMace View Post
    I just saw this on CNBC. For a show about Chinese cyber espionage there was little evidence shown. Basically all the people interviewed were in the business of cyber security. That's like the robocalls I've gotten recently where they're trying to sell me on buying their security products by scaring me with government crime statistics. The guy from Nortel says evidence that China stole from the company and caused it to go bankrupt was the rise of Huawei happened at the same time. How about taking their products and seeing if it was exactly like Nortel? They didn't do that.
    The dumb American public will soak up the the "Yellow Peril" espionage, economic threat like a sponge, especially in an election year.

    Note: The British MI5 have been actively recruiting "hackers" to work for them. Wonder what they would be doing?. So every country is at it. India should be extremely competent at this cyber espionage due to their developed computer software industry.
    J-XX likes this.

  10. #10
    escobar's Avatar
    escobar is offline Senior Member
    Join Date
    Jul 2008
    Posts
    5,024

    Re: Cyber Warfare

    Hackers reveal critical vulnerabilities in Huawei routers at Defcon

    Security researchers disclosed critical vulnerabilities in routers from Chinese networking and telecommunications equipment manufacturer Huawei at the Defcon hackers conference on Sunday.

    The vulnerabilities -- a session hijack, a heap overflow, and a stack overflow -- were found in the firmware of Huawei AR18 and AR29 series routers and could be exploited to take control of the devices over the Internet,
    said Felix Lindner, the head of security firm Recurity Labs and one of the two researchers who found the flaws.

    Huawei is one of the fastest growing providers of networking and telecommunication equipment in the world. Huawei equipment powers half of the world's Internet infrastructure, Lindner said.

    The researcher, who also analyzed the security of Cisco networking equipment in the past, described the security of the Huawei devices he analyzed as "the worst ever" and said that they're bound to contain more vulnerabilities.

    During the Defcon talk, which Lindner gave together with Recurity Labs security consultant Gregor Kopf, the researchers pointed out that there are over 10,000 calls in the firmware's code to sprintf, a function that's known to be insecure.

    "This stuff is distrusting," said security researcher Dan Kaminsky, who is best known for discovering a major vulnerability in the world's DNS (Domain Name System) infrastructure in 2008 and who worked for Cisco in the past. "If I were to teach someone from scratch how to write binary exploits, these routers would be what I'd demonstrate on."

    "What FX [Lindner's moniker in security circles] has shown is that the 15 years of secure coding practices that we've learned about -- the things to do or not do -- have not been absorbed by the engineers at Huawei,
    " Kaminsky said.

    According to the Huawei website, the AR series routers are used by enterprises and AR18 in particular is marketed as product intended for small and home offices.

    The Recurity Labs researchers specified during the talk that they didn't test any "big boxes" like the Huawei NE series routers -- which are intended for telecom data communication networks -- because they couldn't obtain them.

    Lindner and Kopf also criticized Huawei for its lack of transparency when it comes to security issues. The company doesn't have a security contact for reporting vulnerabilities, doesn't put out security advisories and doesn't say what bugs have been fixed in its firmware updates, the researchers said.

    "If I don't know who to contact, I can't tell you about your bugs and this happens," Lindner said, referring to the public disclosure of vulnerabilities.

    The researcher hopes that this will be a wake-up call for Huawei customers. The only way to force a company to build more secure products is to make the customers ask for it, like it happened in the past with Microsoft, Cisco or Apple,
    he said.

    Huawei did not return a request for comment.

  11. #11
    escobar's Avatar
    escobar is offline Senior Member
    Join Date
    Jul 2008
    Posts
    5,024

    Re: Cyber Warfare

    The report in pdf: Huawei_DEFCON_XX

  12. #12
    AssassinsMace's Avatar
    AssassinsMace is offline Senior Member
    Join Date
    Aug 2005
    Posts
    4,824

    Re: Cyber Warfare

    It's funny how the media is back to talking about Iran's nuclear program ramping up yet what about Stuxnet? For something that supposedly cost billions to develop, what did they get out of it? They basically spent the cost of how many F-22s just to supposedly halt Iran's nuclear program for what is essentailly a hiccup. Either the whole Stuxnet was just hype or the cheering and patting each other on the back over expert programming skills to create Stuxnet blinds people to the fact it did nothing in the end.
    Kurt likes this.

  13. #13
    NikeX is offline Banned Idiot
    Join Date
    Nov 2011
    Posts
    530

    Re: Cyber Warfare

    Stuxnet was and IS a worm that is capable of lying in wait for the correct time to strike. And the second iteration of Stuxnet, Flame is lurking and working now even as you read this. Think about it: Would you rather have Iran's nuclear program disrupted by a weapon that causes no blood shed or launch an all out shooting war trying to bomb the hell out of Iran. As I said think carefully about the choice

  14. #14
    Hyperwarp's Avatar
    Hyperwarp is online now Junior Member
    Join Date
    Jul 2007
    Location
    Colombo, Sri-Lanka
    Posts
    659

    Re: Cyber Warfare

    ^^^ I am with NikeX on this one. There are risks of things going horribly wrong even with all the safeguards Stuxnet & Flame have, but it is still much better than going in all guns blazing IMHO. Stuxnet & Flame are incredibly selective & smart and will do absolutely no harm to computers not belonging to the target.

  15. #15
    AssassinsMace's Avatar
    AssassinsMace is offline Senior Member
    Join Date
    Aug 2005
    Posts
    4,824

    Re: Cyber Warfare

    Me... suggesting war? No, I was saying the multibillion dollar development of Stuxnet is probably going to be the biggest waste of money or the biggest hoax in the history of bull. And why is the news media sounding the alarm again on Iran nuclear program? Why haven't they activated Stuxnet to strike again? The alarms are sounding... Oh yeah the Iranians are that dumb that they keep working with infected equipment. First of all, if one was to develop this for specifically for Iran, why would you acknowledge it for Iran to work to circumvent it? Fact is the hype is coming from people who aren't in the know. Since Iran is pushing ahead with little effect... billions of dollars for what? That's if it's true in the first place. If it was meant to stop Iran's nuclear program, why is their nuclear program proceeding? Why is there talk of Israel preparing to strike? Weren't they the ones that had part or full responsibility for Stuxnet? What's the point of developing it if Israel still needs to strike militarily? Big waste or big hoax. That's what it is. The way it's playing out now, Stuxnet was just to get the Iranians to think all their equipment was infected thus would not proceed. Looks like it's not working as planned.
    Last edited by AssassinsMace; 09-01-2012 at 01:26 AM.

Page 1 of 7 123456 ... LastLast

Similar Threads

  1. Replies: 23
    Last Post: 07-31-2011, 10:15 AM
  2. Cyber Warfare
    By AssassinsMace in forum Strategic Defense
    Replies: 12
    Last Post: 11-15-2009, 02:02 AM
  3. Pentagon Hit by Unprecedented Cyber Attack
    By batskcab in forum World Armed Forces
    Replies: 0
    Last Post: 11-21-2008, 11:58 PM
  4. Cyber war capabilities
    By PanAsian in forum Strategic Defense
    Replies: 1
    Last Post: 03-26-2007, 08:11 PM
  5. Chinese cyber threat?
    By fromtheright in forum Strategic Defense
    Replies: 9
    Last Post: 09-07-2006, 07:54 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •