Destructive Shamoon Malware Targets Energy Sector 34
An anonymous reader writes "A new spear-phishing attack targeting a number of specific companies in a few industries, including the energy sector, has been spotted by several security companies. Dubbed 'Shamoon' due to a string of a folder name within the malware executable, the attack ends up with delivering destructive malware on the targeted computers that ends up making them unusable. The interesting part of this malware is that instead of staying under the radar and collecting information, the malware was designed to overwrite and wipe the files and the master boot record of the computer."
The attribution issue (Score:5, Informative)
And that's a huge problem with cyber: attribution. Even if an attack appears to be coming from a particular source, that doesn't mean it originated from and/or was ordered by that source. In fact, intentional misattribution or denial of attribution is yet another element of cyber operations. From a US perspective, we still don't have a comprehensive set of rules of engagement for cyber, or even really have consistent, well-understood definitions for what constitutes "cyber war" (though there's certainly a lot of hype...)
Some relevant recent articles:
---
Cyber Command struggles to define its place on a shifting battlefield - Nextgov
The U.S. Cyber Command, which directs network offensive operations for the Pentagon and protects its networks, is becoming more open about the military’s capabilities in cyberspace. Recently, the Defense Department was forced to show part of its hand when leaks surfaced about U.S.-manufactured cyber weapons and cyber espionage missions. Still, since 2011, the department has told the world it stands prepared to protect U.S. national security interests through cyberspace maneuvers.
http://www.nextgov.com/cybersecurity/2012/08/hacker-wars/57438/ [nextgov.com]
---
Confusion Reigns In Cyber Planning - AVIATION WEEK
Pentagon warfighters have for years been asking for a cybercombat policy, rules of engagement, funding and a less-fragmented chain of authority. But those needs remain unfulfilled as bureaucrats, lawmakers and top Defense Department civilian officials thrash about in a pit of indecision while an international complex of digital threats continues to emerge.
http://www.aviationweek.com/Article.aspx?id=%2Farticle-xml%2FDT_05_01_2012_p38-444018.xml&guid=74908 [aviationweek.com]
---
'Turf War' Slows New U.S. Cyber Rules - Defense News
Despite the ongoing concern about the escalating pace of cyber attacks, a new set of standing rules of engagement for cyber operations — policy guidelines that would specify how the Pentagon would respond to different types of cyber attacks — is being delayed by a debate over the role of the U.S. military in defending non-military networks, sources said.
http://www.defensenews.com/article/20120507/C4ISR01/305070015/-8216-Turf-War-8217-Slows-New-U-S-Cyber-Rules [defensenews.com]
---
Pentagon revamps rules of engagement for cyberwar - The Hill
The Pentagon is rewriting the book on how it defends against and possibly responds to cyberattacks against the United States, the top uniformed officer in charge of the effort told Congress on Tuesday.
http://thehill.com/blogs/defcon-hill/policy-and-strategy/218435-pentagon-revamps-rules-of-engagement-for-cyberwar [thehill.com]
ah, a good old fashioned virus (Score:5, Informative)
reminds me of the late 80's and 90's where malware typically deleted your files and otherwise screwed up your computer.
We have come full circle.
The destructive viruses of yesteryear (Score:2, Informative)
"instead of staying under the radar and collecting information, the malware was designed to overwrite and wipe the files and the master boot record of the computer."
In other words, a return to the classic viruses of the late 80's and 90's. It's been years since I've seen any virus that does anything more than remotely spy/lurk or disrupt internet connectivity.