2nd Largest Liquefied Natural Gas Producer Knocked Offline In Malware Attack
chicksdaddy writes "Securityledger reports that, days after Saudi Aramco said it had cleansed its network of a malware infection, Qatari firm RasGas, the world's second largest producer of liquefied natural gas, has been knocked offline in a similar attack. RasGas's corporate web site was offline late Thursday and a RasGas spokesman, speaking to the website arabianoilandgas.com acknowledged that 'an unknown virus has affected' the company's office systems since Monday, August 27. The company has notified its suppliers by fax that the company is 'experiencing technical issues with its office computer systems,' ArabianOilandGas.com reported. However, a company spokesperson said that the company's LNG production and distribution operations were unaffected."
Here's an idea (Score:3, Insightful)
Don't plug those things into the Internet. Don't run a system where silly things like "install on insertion" are enabled. When the software needs updating, have a tech drive over there and stick an update CD in a drive. That oughta cover it. (Remember, I said no autorun).
Re: (Score:1)
Hmm, if only they had this idea. Oh wait, they did. The company's website and office computers were affected. Boo hoo, the gas trains keep on humming along as if nothing happened.
Re: (Score:2)
Leveling the field (Score:5, Insightful)
Re: (Score:1)
Yep, just like torture, if you approve, then you approve it for everybody.
But what this will lead to is that powerful computers will be tagged and require a license to operate, like in Burma [blc-burma.org]. The rest of us will use iPods and Kindles, like it or not.
Re: (Score:3)
It doesn't take a powerful computer to make and distribute a virus. That would be pointless. Any such crippling would probably be more effectively done by restricting protocol usage (e.g. number of connections per second, etc.) given that the biggest threat consumer devices pose to industry is in their DDoS and botnet potential.
Just be glad the thieves over on Wall Street don't seem to have figured out how to make enough money off prior knowledge of a corporate security incident to justify the assumed risk.
Re: (Score:3)
Yeah...because there were *never* cyberattacks or worms before Stuxnet. Damn you, Obama, for giving rise to hacking and malware!
Re:Leveling the field (Score:5, Interesting)
I think he meant *U.S. sanctioned attacks*. When Egypt was rounding-up and tossing people in jail w/o trial, they pointed to the U.S. and said, "The Americans do it, so it must be okay." Now other powers like Iran, Israel, Turkey, etc are saying the same thing about cyberattacks: "The Americans did it so it must be okay."
America sets the example of how a human rights-protecting Republic should act, and lately we've been setting a very bad example by Not respecting basic individual rights.
Re: (Score:2)
I'm pretty sure that China and Russia along with countries like Venezuela have done a very fine job of setting an example of not respecting individual basic rights.
Re:Leveling the field (Score:4, Insightful)
But they aren't America. People don't expect China or Russia to be "good guys" or protective of basic rights. America has fulfilled that role for the last 200 years, so if we do something like shoot guns at a crowd, others think it must be okay. "The world's symbol of democracy is doing it, so we can do it too."
Re:Leveling the field (Score:4, Interesting)
We should demand that the U.S. behave in an ethical fashion, but I'm not sure what is supposed to be unethical about Stuxnet or Flame. The Iranians have secretly launched a program that will allow them to enrich uranium to weapons grade. Since Iran is swimming in oil and natural gas, this is a pretty clear signal that the regime wants to build a nuclear bomb, or at the very least, they want that option on the table. Rather than bombing the facility and putting American pilots and Iranian civilians at risk, the U.S. and the Israelis blew up their centrifuges with a virus. That's a hell of a lot more humane than dropping bunker-busters from a B-2. As for Flame, it spies on people... and yeah, espionage is sort of a dirty business, but it's always been that way, long before the internet. I don't see how spying digitally makes it any more unethical than planting a bug in their office. There are weapons that are by their nature unethical: nuclear, chemical, and biological weapons, which are indiscriminate and cause a lot of suffering. But cyberwarfare isn't like that; it's capable of being extremely targeted and can neutralize a target without any loss of life or suffering.
Richard Clarke writes about this in his book Cyber War, and it's actually a pretty insightful take on the situation. His argument is that there's no point in some kind of blanket treaty against cyberwarfare. But, he argues, it makes sense to have policy and treaties that prohibit certain kinds of cyberwarfare. He argued that the banking system should be off limits. Civilian targets should be off limits. Attacking power grids and other infrastructure should be off limits, unless you'd already entered into a shooting war. So far, the U.S. appears to have restrained from these sort of attacks. You can't really say the same thing about certain other countries. North Korea has been involved in attacks against banks; Russia has attacked civilian sites, and China has supposedly spent years planting logic bombs that would allow them to turn off the lights in the U.S.
I think this view makes a lot of sense. Talking about banning cyberwarfare is sort of like looking at the Wright Brothers' plane and saying that we should ban the use of aircraft in war because civilians might be targeted. First off, it's a legitimate tool of war. Second of all, it gives you a tremendous military advantage, so it's going to happen; the only question is how. As a good rule of thumb, I think you could argue that if you'd be justified in dropping a bomb on a target, you're certainly justified in taking it out with a piece of code. Likewise, if it's not okay to bomb it, it's not okay to take it out with a logic bomb.
Re: (Score:2)
So far the only 'evidence' of that is unverifiable stories from paid informants and some blatantly forged documents. Every competent investigation has come up empty, including those whose stated goal from the beginning was to find a nuclear weapons program.
Iran has three large energy deposits, oil, gas and uranium, and only one of them is entirely unexploited at this time. With the worldwide bo
Re: (Score:1)
*sigh*... this again?
The Iranians have secretly launched a program that will allow them to enrich uranium to weapons grade.
Really. I thought that they've publicly launched a program that will allow them to enrich uranium, as they are legally entitled to as a signatory of the NPT. At least that's what the IAEA says, and they're the ones that have been regularly monitoring the program. I suppose it is possible that you have some inside source that knows otherwise, whose cover you're willing to blow by posting this on slashdot, but I find that unlikely.
Since Iran is swimming in oil and natural gas,
Iran has very limited oil refining infrastructure. They ac
Re: (Score:2)
>>>The Iranians have secretly launched a program that will allow them to enrich uranium to weapons grade
False claim made w/o ANY evidence to support it. At least when Idiot Bush attacked Iraq for having WMDs, he had some evidence (photos) to back him up. The current president has nothing and yet he's attacking anyway. That would be like if I said, "I don't know if you have a meth factory in your basement, and have zero evidence to back it up, but I'm going to start attacking your PCs with virus
Re: (Score:2)
What makes you think people don't expect China or Russia to be "good guys" or that people expect the US to be "good guys"? Chinese, Russian, and American politicians all claim their country to be beacons of some sort, leaders in progress, yet you only hold one of them to that claim.
Re: (Score:2)
Re: (Score:2)
" America has fulfilled that role for the last 200 years, so if we do something like shoot guns at a crowd, other think it must be okay."
Pointing to an example doesn't equate to actually giving a fuck about that example. Symbols are invoked as window dressing, that is all.
The world is NOT made up of simple "natives" who look up, wide-eyed, to what the White Colonial does then attempt to ape his ways.
Re: (Score:2)
America sets the example of how a human rights-violating Republic should act, and lately we've been setting a very bad example by Not respecting basic individual rights.
FTFY
Re: (Score:2)
Now other powers like Iran, Israel, Turkey, etc are saying the same thing about cyberattacks: "The Americans did it so it must be okay."
That's not even remotely close to being true- countries have been launching cyberattacks a long time before Stuxnet was discovered. Russia launched cyberattacks against Estonia in 2007 and then against Georgia in 2008 during the war over South Ossetia. North Korea allegedly launched a massive attack on U.S. government sites in 2009. In 2007, the Israelis used a cyberattack to disable Syria's air defenses so they could bomb the Syrian nuclear program. And China's supposedly been planting logic bombs and back
Re: (Score:1)
So... you're saying that before Stuxnet Iran wouldn't perform a cyber-attack?
Re: (Score:2)
"America sets the example"? I can bet if we were talking about some positive aspect, you wouldn't use such egotistical US-centric rhetoric. The fact is those countries you listed would have done what they did no matter what, and used whatever excuse was convenient to them.
Re: (Score:2)
Yes, they would have; however, it could have made them pariahs on the world stage. Now if we ever condemn such an attack or take umbrage, it's gonna ring a bit hollow; the first reaction is going to be "well, you are not exactly above that sorta thing either". It's not how you build coalitions and reliable partners.
i will say this ONLY once (Score:1)
these attacks are done by govts NOT hacker groups any more mention in articles blaming us we will begin to target bad news posters
the fucking leader of the largest hacker group on earth.
CHRoNo
p.s. smarten the fuck up you wankers
Re: (Score:2)
Re: (Score:2)
Don't forget, once slavery got "legalized" by tribes in Africa, it became ok to trade slaves across the Atlantic. Oops, that reasoning doesn't work.
Re: (Score:2)
Not sure what history you read, but yeah, people pretty much decided it was okay after that for the better part of a century. They even defended that position with their lives.
Re: (Score:2)
What I meant was that slavery by Africans had no effect on the general progression of slavery in the world, because institutionalized slavery is ancient and it had tremendous inertia. The US was going to be a part of the Atlantic slave trade with or without African slave lords, in the same way that cyberattacks were going to happen with or without Stuxnet.
Office Computers Infected, Film At 11 (Score:1)
The fact that it's specifically an 'Oil Production' company doesn't seem relevant here, unless I'm missing something.
Re: (Score:2)
But, OIL! Shit! Fuck! (runs in circles screaming in terror).
Imagine the fapulent esplody pyroconsequences!
And yes, I've heard of this:
http://en.wikipedia.org/wiki/Siberian_pipeline_sabotage [wikipedia.org]
Sensationalism at its finest (Score:4, Insightful)
So, office computers got infected with viruses, and the headline makes it sound like their entire production was shut down. Yawn.
Re: (Score:3)
I always subscribe to the public/DMZ/private method of network design. The three only meet through the routers, and from the private side, the DMZ is just as untrusted as the public side. In this company's case, apparently either the office computers are able to more directly reach the DMZ segment than they shoul
Re: (Score:2)
Re: (Score:2)
The blurb first says it's their website, but then says it's their office computers, which is more serious.
Really?!? Some office drones (finance, lawyers, secretaries, perhaps geologists & geophysicists) have stuffed up Win* boxes. Big deal.
Then it says they're notifying their suppliers of this by fax, which sounds bad. Not "wells are exploding" bad, but if email is down, things like payroll or maintenance records might also be down, and indirectly affect production.
You mean petroleum production companies put critical production and maintenance data in MS-SQL or Oracle or MySQL running on Windows servers which can be taken down by malware?
Boo. Hoo. I've worked most of my life with O&G prospecting and production companies. They are *stupid* rich and *stupid* cheap. If this happened to any of them, they asked for it. It's no
Re: (Score:1)
Not necessarily intended to be sensationalist. "Offline" means different things in different contexts, but often people (even we humble nerds) get stuck in whatever context they're used to using. It might not have occurred to submitter or the editor at all.
I told Strickland propane not to use MySpace (Score:2)
I told Strickland propane not to use MySpace and now I need to call dale's dead bug they do pc work now as well.
Who benefits... (Score:3, Interesting)
from doing all these electronic raids over the Middle-East?
Some think the rising tension these 'accidents' are causing will build up to a nasty conflict between US/Russia/China...
http://www.youtube.com/watch?v=beonoKiVYzY [youtube.com]
How about setting up some solar panels instead?
I'm looking at you... (Score:4, Funny)
Re: (Score:3)
Re: (Score:2)
"Quatari" [sic]???? (Score:1)
Argh.
Blackboard time. (Score:5, Insightful)
I will not connect industrial control systems to the internet.
...
I will not connect industrial control systems to the internet.
I will not connect industrial control systems to the internet.
Okay. Good. Now, onto the next set... I will not allow anyone to connect outside storage devices to any networked system.
...
I will not allow anyone to connect outside storage devices to any networked system.
I will not allow anyone to connect outside storage devices to any networked system.
Sigh. How effing hard is it to understand the concept of an "air gap"? Air -- something that doesn't conduct electricity or data. Gap -- a space between two other things. Jeez.
Re: (Score:2)
Waaaaah!
But that's not convenient...
Waaaah!!
Re: (Score:3)
Re: (Score:2)
Then connect the industrial control systems to a system that presents a limited API to an intranet that you can get to by VPN. Make sure that chokepoint machine requires strong authentication and that nobody gets to load external storage devices on it for any reason.
Most SCADA equipment seems to be designed assuming that everything on the network is trustworthy no matter what marketing might claim.
Know that this solution is a compromise and that you are increasing the odds that you'll find the tanks high a
Re: (Score:3)
Sigh. How effing hard is it to understand the concept of an "air gap"? Air -- something that doesn't conduct electricity or data. Gap -- a space between two other things. Jeez.
I'm not so sure about electricity (Do NOT try this at home, kids) but I am reasonably sure that the vast majority of 'air gaps' that I come in contact with (the ones between people's ears) don't conduct data well.
Which seems to be the crux of the problem.
Re: (Score:2)
Re: (Score:2)
I will not connect industrial control systems to the internet.
Actually (though I did not RTFA), it appears they got that bit right. Production was unaffected, though their website, office, and backroom (email & db) systems were compromised. Somebody there's cognizant of the concept of air gap, methinks.
Re: (Score:2)
Easy to understand, not easy to convince management that they do not need live production stats from sites all around the world on their office computers.
Sometimes the specification of what the system "MUST DO" rules out air gaps... It is stupid, but if the customer signs off on the security implications fuck it... Their problem, not mine.
Re: (Score:1)
Read the article. The attack was restricted to office computers.
Re: (Score:2)
There is no letter U in Qatar.
http://en.wikipedia.org/wiki/Qatar
That's right. Most of slashdot are in the US.
Sorry. Could not resist.
*facepalm* (Score:5, Interesting)
Enough with the oversensationalized titles.
No. No, Rasgas was not knocked offline. Rasgas's WEBSITE was knocked offline. Their facilities or production were not affected even slightly.
Who the fuck even goes to corporate webpages anyway?!?
Re: (Score:2)
Who the fuck even goes to corporate webpages anyway?!?
Investors, regulators, competitors, and job hunters.
Re: (Score:2)
Who the fuck even goes to corporate webpages anyway?!?
Investors, regulators, competitors, and job hunters.
And crackers apparently.
A better question is who the fuck runs internet-facing webservers on production networks? You crack my webservers, you get the webservers, that's it. You don't get keys to the entire company.
Obligatory XKCD (Score:2)
http://xkcd.com/932/ [xkcd.com]
Re: (Score:2)
Gee, a whole bunch of potential targets for Anonymous or LulzSec. Thanks! No, I'm not affiliated.
Segregate the dam network! (Score:2)
Split your internet network into separate sub-networks and put firewalls in between. Stop being 'tards, oil companies, and let your IT people do the job you are paying them to do!
Said it before (Score:2)