Don't expose critical infrastructure. It's as simple as that.
Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks
An Iranian government-linked cybercriminal crew used custom malware called IOCONTROL to attack and remotely control US and Israel-based water and fuel management systems, according to security researchers. While IOCONTROL is a custom-built backdoor for hijacking IoT devices, it also has a "direct impact" on operational …
COMMENTS
-
Saturday 14th December 2024 15:55 GMT vtcodger
The problem is
If you ask me, the problem is that too many people think that not exposing critical infrastructure is simple. Y'know what? It's not simple at all. It's hideously difficult. Quite likely impossible with all the features of the modern Internet in place.
I doubt the answer is more/better technology.
I suspect the answer, if there is one, is likely to be a hell of a lot LESS technology.
And I'm pretty certain that the answer is not AI.
Keep in mind. Not only is the internet becoming a very bad neighborhood. It's getting worse. And, guess what, on the internet, every scumbag, sleaze artist, and malicious national agent on the planet is your next-door neighbor.
-
This post has been deleted by its author
-
Monday 16th December 2024 15:08 GMT vtcodger
Re: The problem is
I should possibly have explained, but one can get only so much into one post. IMO, the problem isn't technology per se but rather the fact that it seems mostly to be built with way too much "Golly, Gee Whiz, Look at what THIS can do" and way too little "What could possibly go wrong?"
The result is all too often flawed attack surfaces stretching as far as the eye can see. We have what looks to be attack surfaces and flaws to last many decades already. The last thing the Internet needs would seem to be more flawed attack surfaces. You are free to think that more technology can somehow solve that problem without introducing as many exploitable flaws as it resolves. Maybe someone somewhere is smart enough to do that. It's not me. Or anyone I've ever encountered. No offense, but it's probably not you either.
-
Monday 16th December 2024 16:00 GMT Zolko
Re: The problem is
But this is nothing new: in the days of Windows95, when I was using Linux, lots of users laughed at me about the complexity of making stuff work, needing root account and password, where "they" only had to click and "it worked". Of course, only until it didn't, and then they came to me for help.
I suspect that some developers – and maybe managers – think that their job is to implement "features" that they can show off. And security is very difficult to demonstrate, even more difficult to parade with it in a meeting room, as it is mostly a negative demonstration: "try to break this system" is less sexy than "look how many colorful buttons this UI has".
-
Saturday 14th December 2024 10:00 GMT Mike 137
"The malware was embedded in Gasboy's Payment Terminal"
How?
Although, as usual, the capabilities of the malicious agent once installed get reported in detail, the key issue of how it got in in the first place seems either to have been ignored or suppressed by the investigators. This is commonly the case, particularly where the intrusion has been reported as "a sophisticated attack" (and ultimately turns out to have been a complete push-over). The result is that improvement is hampered. Stopping the initial intrusion is the strongest defence there is, but you have to know what you're up against.
-
Saturday 14th December 2024 14:10 GMT Gene Cash
Re: "The malware was embedded in Gasboy's Payment Terminal"
If you go to gasboy.com it proudly says:
Military Grade Data Security
Data security is paramount to your organization. Gasboy's Islander PRIME employs data encryption so secure, it's approved by the US Military. Trust Gasboy to keep your data safe and secure.
So I think the "how" is going to be very heavily suppressed, as it would seem to embarrass a bunch of folks.
-
Saturday 14th December 2024 19:09 GMT that one in the corner
Re: "The malware was embedded in Gasboy's Payment Terminal"
> data encryption so secure, it's approved by the US Military.
A totally meaningless statement, and one we so often see in blurb.
Heck, they aren't even claiming it is "military grade" encryption!
Approved to do - what? Does the US military approve the use of ROT13 for the Xmas puzzle for the kids living on base? A passworded Zip file for emailing the entire month's worth of grocery orders from the kitchen to the QM stores?
-
Monday 16th December 2024 01:28 GMT Yet Another Anonymous coward
Re: "The malware was embedded in Gasboy's Payment Terminal"
The military doesn't use encryption, it plainly and simply calls a spade an "M1 manual entrenching and ground material transferal tool (Green) troops, for the use of"
(Is it some US DoD security-through-obscurity program to call every bit of kit an M1?)
-
Tuesday 17th December 2024 02:50 GMT ecarlseen
Re: "The malware was embedded in Gasboy's Payment Terminal"
You'd be surprised how awful a lot of this stuff is. I've seen gas pump terminals attached to the Internet with cellular modems with the admin interface over telnet (!) with a four-digit PIN. And not in Ye Bad Olde Days, in the last few years. I wouldn't be shocked if there were buffer overflows, input sanitization problems, etc. by the truckload in that software.
-
Monday 16th December 2024 01:35 GMT Yet Another Anonymous coward
A technically superior nation state enemy
So Iran is a theocracy where all education and science is subservient to the will of mad medieval mullahs. While North Korea is a state where the adult population all have to spend 10 years of "conscription" as unpaid agricultural labourers.
And yet both of these are apparently beating us at cyberweapons.
Where are our politicians with the vision to call for a solely Bible-based education and a return to field slavery - to counter the cyber threat?