Deciphering Stuxnet

Posted: July 12th, 2011 | Filed under: Blog

Most viruses try to do things like steal passwords, credit card numbers, or secret information. Very few try to actually affect our physical world. The Stuxnet virus, on the other hand, was developed for one purpose: to surreptitiously and gradually destroy centrifuges at a specific nuclear facility in Iran. It was deployed via USB sticks, exploited four zero-day weaknesses in Windows, and executed subtle but damaging changes in centrifuge speeds in very specific machines. There’s a great article over at Wired about how computer security analysts (in particular Liam O Murchu at Symantec) analyzed and eventually determined the purpose of this unique malware.

via Slashdot


Don’t accept Mice from Strangers…

Posted: June 27th, 2011 | Filed under: Blog

I think we’ve all been reading about the increasing onslaught of hacker penetration that has been going on lately. In a new angle on possible techniques, this piece in the Register describes how computer penetration testing firm Netragard successfully gained access to one of their clients’ PCs. They were forced into a unique solution by their client’s demand that they try to gain access without using the more common network-related intrusion methods (social media, telephony, etc.). They also couldn’t break in and use the computers either, so they arrived at an unobtrusive hardware solution. In the photo above you’ll see their method in the underside of a common Logitech mouse. Inside is a Teensy USB development board (such as I have posted about before) along with a USB flash drive. Since the Teensy can be seen by your PC as a keyboard device, they were able to program the device to execute keyboard commands that installed nasty intrusion software onto the PC hard drive. Within a few days, that software remotely connected to Netragard’s servers through the internet.

To get the hardware into the company, they packaged the mouse with fake promotional documents and sent it to an employee, who of course tried it out.
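From the defender's side, the mouse described above gives itself away in two ways: a "mouse" that also enumerates a keyboard and a drive, and keystrokes arriving faster than a person types. The sketch below is an added example, not code from Netragard or the Register piece; the event record shape, the thresholds and the sample data are all constructed assumptions.

```python
from collections import defaultdict
from statistics import median

MAX_HUMAN_GAP = 0.03  # assumed threshold (s): sustained typing faster than this is scripted
MIN_BURST = 8         # assumed minimum keystrokes before timing is judged

# Constructed events: (time_s, usb_port, kind, detail). Hypothetical record
# shape for illustration, not the output of any real tool.
SAMPLE_EVENTS = (
    [(0.0, "1-2", "attach", "mouse"),
     (0.1, "1-2", "attach", "keyboard"),
     (0.1, "1-2", "attach", "storage"),
     (0.0, "1-1", "attach", "keyboard")]
    + [(60.0 + i * 0.005, "1-2", "key", "x") for i in range(40)]  # machine-speed burst
    + [(5.0 + i * 0.18, "1-1", "key", "x") for i in range(40)]    # human-speed typing
)

def assess_ports(events):
    """Return {port: [reasons]} for ports that look like keystroke injectors."""
    classes, key_times = defaultdict(set), defaultdict(list)
    for t, port, kind, detail in sorted(events):
        if kind == "attach":
            classes[port].add(detail)
        elif kind == "key":
            key_times[port].append(t)
    findings = {}
    for port, seen in classes.items():
        reasons = []
        # A device sold as a mouse has no reason to also expose a keyboard or a drive.
        extra = seen - {"mouse"}
        if "mouse" in seen and extra:
            reasons.append("mouse port also exposes: " + ", ".join(sorted(extra)))
        # Compare the typical gap between keystrokes with what a human can sustain.
        times = key_times[port]
        gaps = [b - a for a, b in zip(times, times[1:])]
        if len(times) >= MIN_BURST and median(gaps) < MAX_HUMAN_GAP:
            reasons.append(f"median key gap {median(gaps) * 1000:.0f} ms")
        if reasons:
            findings[port] = reasons
    return findings

if __name__ == "__main__":
    for port, reasons in assess_ports(SAMPLE_EVENTS).items():
        print(port, "->", "; ".join(reasons))
```

Neither signal is conclusive alone: some legitimate combo devices expose several interfaces, and an injector can be programmed to type slowly, so treat a hit as a reason to inspect the device.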

How relevant is this type of intrusion? Check out this article over at Bloomberg. In particular:

The U.S. Department of Homeland Security ran a test this year to see how hard it was for hackers to corrupt workers and gain access to computer systems. Not very, it turned out.

Staff secretly dropped computer discs and USB thumb drives in the parking lots of government buildings and private contractors. Of those who picked them up, 60 percent plugged the devices into office computers, curious to see what they contained. If the drive or CD case had an official logo, 90 percent were installed.

!!!

via Adafruit