Iranian Hackers Compromised Airlines, Critical Infrastructure Companies 61
itwbennett writes: For the past two years, a team of Iranian hackers has compromised computers and networks belonging to over 50 organizations in 16 countries, including airlines, defense contractors, universities, military installations, hospitals, airports, telecommunications firms, government agencies, and energy and gas companies, researchers from IT security firm Cylance said in an extensive report released Tuesday (PDF). According to the report, "ten of these victims are headquartered in the U.S. and include a major airline, a medical university, an energy company specializing in natural gas production, an automobile manufacturer, a large defense contractor, and a major military installation."
Re: (Score:3, Informative)
Hold on. You have to slow down. You're losing it. You have to take a breath. Listen to yourself. You're connecting a computer bug I had with a computer bug you might have had and some religious hogwash. You want to find the number 216 in the world, you will be able to find it everywhere. 216 steps from a mere street corner to your front door. 216 seconds you spend riding on the elevator. When your mind becomes obsessed with anything, you will filter everything else out and find that thing everywhere.
Re: (Score:3)
Re: (Score:1)
guns
Re: (Score:1)
I can assure you they need no help from the Americans.
In before... (Score:3)
ha fucking ha (Score:2, Insightful)
So Stuxnet; what a fucking good idea. Let's all start a computer virus arms war. No blowback from that for first world computer dominated societies. No sir; none at all.
OTOH; at least the OpenBSD and SELinux guys may finally get a bit of attention; if only we can find some non compromised hardware to run it on.
Re: (Score:2)
You think that cyber-warfare started with Stuxnet? That's funny.
Who said it "started" with Stuxnet? (Score:5, Insightful)
Stuxnet/Duqu/FLAME and several other exploits were easily tracked to US 3 letter agencies and Israel. Stuxnet was the first Virus created by Government agencies (from any country) specifically intended to cause physical damage, not just perform non-destructive information gathering. Any idiot looking at the facts can make this determination.
Lets not neglect the fact that the US sponsors the largest group of black hat hackers in the world and claims "national security" when people complain about being hacked by them. I'm not talking about the porn spammers like we see out of Russia, I'm talking about people who actually cause physical, social, and financial damage to anyone and everyone including our "Allies".
Now compare what the NSA has done with what these "evil Iranian terrorist haxxors" did in terms of damage. There is no evidence that they did really anything except prove that they can behave like script kiddies. They stole a few files and some personal information, but this is what spear phishing does all the time and with much greater success than this group's 50 companies in a few years time frame. There is no evidence that they damaged anything at all, just a wild speculation which reads like typical fear mongering.
Before you ask for a citation, I'll simply point you to everything Snowden leaked. Not that empirical evidence is of any interest to you or anything...
injected by spearfishing component suppliers (Score:2)
> one thing a lot of people often overlook is that Stuxnet required physical infiltration of the Iranian lab to plant the virus. It also required someone
No, Stuxnet was injected by spearfishing and waterholing several companies that make components which later go into SCADA systems, some of which were used in the enrichment facility.
http://blog.kaspersky.com/stux... [kaspersky.com]
Note that the rest of your post is based on reasoning from your mistake about the initial infection. Also BTW, it's a worm, not a virus.
Only Fifty (Score:3)
Gees, talking about lame, only fifty organisations in then years, that's pretty lame, the NSA does that in about ten minutes. So if the Iranians are meant to be considered evil for doing it what does that make the NSA. Of course the most important thing not mentioned in the story was how significant were the hacks, how quickly were they discovered and how difficult were they to remove. Hmm, also were they discovered by the NSA just because the NSA was hacking those systems themselves and just discovered those 'other people's' hacks as a result.
PS. Due to the nature of the internet and the predilection of black hat hackers to use other people's computers, that they have already hacked, in order to reduce risk when targeting high risk targets. You are meant to say, hacks sourced out of Iran but you can not claim Iranians did it with out significant proof, for all we know the NSA could have conducted those attacks remotely via computers they had already hacked in Iran. So would the NSA do this, from all indications, abso'fucking'lutely, especially based on anti-Iran Israeli government policy and their ability to control their foolishly bumbling attack dog, Uncle Sam.
Re: (Score:3)
"Gees, talking about lame, only fifty organisations in then years, that's pretty lame"
And still didn't tell us what the sofistication level of those attacks was.
Given standard security practices I wouldn't be surprised if by "attack" they meant mounting an Internet-exposed SMB resource and leaving there a virus within a file named "kardashians-bottom-photos-pretty-please-dont-open.exe"
At least they didn't hack WoW (WoD) (Score:2)
Also, not that it matters, but Iraq is pretty much Iranian in leadership after Bush gave it to them.
Consequences.
Hackers has compromised computers? (Score:1)
What goes around comes around (Score:3)
There was a time Iran was an ally to USA.Iran is still an ally, but due to the interests of certain groups they are not allowed to be official ally and have to be in a role of the bad ones.
What would the country do if you realize, one day, that all your critical systems are infected/stuxneted by known and unkown malware?
Re:What goes around comes around (Score:5, Insightful)
Iran, like Cuba, decided to stop being treated like a colony.
That's so challenging to the American world view that they actually become hysterical.
Re: (Score:1)
No, Iran became an "enemy" when they had the gall to overthrow a US-backed dictator and *gasp* want to control their oil interests rather than being dominated by Western oil companies.
Re:What goes around comes around (Score:4, Interesting)
Actually, it has nothing to do with being treated as a colony. They're being punished for nationalizing US corporate infrastructure (not just some but ALL of it). It's the real reason rather than the bullshit reasons given in the past (like communism and they're a threat to the US because of their relationship with Russia ala Cuban Missile Crisis, etc.) I'm not saying this is a good reason, just trying to make it clear why they are being treated the way they are. Cuba is our example to the world of what happens when you do that shit.
Re: (Score:2)
So... thinking that their own country was their own.
Is it getting clearer why the rest of the planet hates you?
Re: (Score:2)
You do know what "nationalizing" means, right? It's flat out theft. And no country would be happy about that. If they would have covered the cost of all the confiscated infrastructure, they would be much better off right now. Again, I'm not saying that they should continue to be punished the way they have. In fact, I think it's gone on way too long. I'm just explaining why it is the way it is.
Re: (Score:1)
Oh, please, Khomeini was called in for the same reason the Shah was installed, to keep the Soviets out. There was no 'revolution'.
Re: (Score:2)
Oh, please, Khomeini was called in for the same reason the Shah was installed, to keep the Soviets out. There was no 'revolution'.
But why was Mosaddegh overthrown?
Re: (Score:1)
He was sick and going to die. The cover for his replacement was the show they put on. The US and Iran do remain as business partners, if not exactly political allies in this charade..
Re: (Score:1)
Sorry! My mistake. The shah was 'overthrown' because he was sick. The previous guy was trying to change the terms of the contract with British Petroleum's ancestor. That's grounds for a coup. You don't mess with big business
Re: (Score:2)
"Bullshit, Iran is not an ally"
And still Reagan's administration provided weapons to them.
Hmm (Score:2)
I find it far more likely that this company is run by Zionists and that many of the statements in the report are false or misleading. I'm sure there are hackers in every country. How hard would it be to drum up charges like this?
Good thing SCADA isn't on internet (Score:3)
And requires IE 6/XP and no security updates or anything.
For a minute I thought we were screwed where the utilities corrupt all our agencies so they can't enforce any polices to change this that would somehow cost MBA access to real time reports and money.
Re: (Score:2)
This. People with no industrial background love to blame the engineers for the security failings of SCADA and Distributed Controls, but we, like all good company drones, are at the mercy of the MBA shitheels and their bankster overlords. It's never been a technical problem. It's a money problem.
oh my god (Score:1)
Re: (Score:2)
Re: (Score:2)
government funding? (Score:2)
And I say this with no malice but how does anyone know where Cylance's bread is buttered? Attribution is very difficult and to say 'We are certain that' is a bit like calling a quantum mechanical state "certain" - its not but it might be a highly probable outcome.
Given the state of relations between the US and Iran (and Israel and Iran), it would make certain groups very happy for Cylance to announce these "findings." But the outsider has no way of knowing what government contracts Cylance has taken, dir
kaJ = Hack (Score:2)