Archive

Posts Tagged ‘cyber attack’

Cyber-attack concerns raised over Boeing 787 chip’s ‘back door’

Source: guardian.co.uk

Two Cambridge experts have discovered a “back door” in a computer chip used in military systems and aircraft such as the Boeing 787 that could allow the chip to be taken over via the internet.
The discovery will heighten concerns about the risks of cyber-attacks on sensitive installations, coming on the heels of the discovery this week of the ’Flamer’ virus which has been attacking computer systems in Iran, Syria and Saudi Arabia.
In a paper that has been published in draft form online and seen by the Guardian, researchers Sergei Skorobogatov of Cambridge University and Chris Woods of Quo Vadis Labs say that they have discovered a method that a hacker can use to connect to the internals of a chip made by Actel, a US manufacturer.
“An attacker can disable all the security on the chip, reprogram cryptographic and access keys … or permanently damage the device,” they noted.
Woods told the Guardian that they have offered all the necessary information about how the hack can be done to government agencies – but that their response is classified.
“The real issue is the level of security that can be compromised through any back door, and how easy they are to find and exploit,” Woods said.
The back door may have been inserted by Actel itself, whose ProASIC3 chip is used in medical, automotive, communications and consumer products, as well as military use.
More here: http://www.guardian.co.uk/technology/2012/may/29/cyber-attack-concerns-boeing-chip
Advertisements

Virus could disable cyber attack source

Space Daily;

Japanese computer scientists say they’ve developed a computer virus that can be launched online to track down and disable the source of a cyber attack.

While many computer experts say they remain skeptical, such a development would solve one of the major problems encountered by the online security community — the so-called source attribution problem.

Attackers can launch malicious viruses or denial of service attacks by using layers of proxy servers or a botnet to disguise their source Internet address, masking the true origination of the attack. The Japanese company Fujitsu, working on a three-year project for the Japanese Ministry of Defense, said it’s not only worked out how to solve this attribution problem but also how to destroy any attacking code it meets en route, NewScientist.com reported Wednesday.

“The “virtual cyberweapon” has passed tests in closed networks in which it jumped between attacking computers, reached the origin of the attack and sent back ID information to its controllers, the Yomiuri Shimbun reported.

Rik Ferguson, director of security research at British company Trend Micro, says he’s not so confident in the results.

“It is not a simple matter to ‘break into’ a computer that is found to be part of a chain of attack,” he said. “If it were possible to backtrack through every stage of the attack chain and examine data then this task would be made significantly more simple, but that is and remains a major challenge ethically, legally and technologically.”

Security firm Imperva warns a defensive virus such as Fujitsu’s could be “a disaster in terms of going after the wrong people.”

U.S. intelligence officials concerned about cyber attack

Director of the CIA says such a terrorist attack is ‘a real national security threat’ that would damage financial and government systems.

A major cyber attack somewhere in the United States is becoming increasingly possible, top government intelligence officials said Thursday, warning that an assault on America’s power grid system “represents the battleground for the future.”

The officials, speaking at a special hearing on Capitol Hill, also said that although Al Qaeda has been diminished after nine years of the U.S. war on terror, more foreign groups have risen up, increasing concerns among U.S. authorities that one of them may eventually get their hands on a nuclear device.

“I don’t think there’s any question but that this is a real national security threat that we have to pay attention to,” CIA Director Leon Panetta said of a cyber attack in this country. “The Internet, the cyber arena … this is a vastly growing area of information that can be used and abused in a number of ways.”

With that in mind, he told the House Permanent Select Committee on Intelligence, “when it comes to national security, I think this represents the battleground for the future. I’ve often said that I think the potential for the next Pearl Harbor could very well be a cyber attack.”

Panetta said terrorists are determined to find a way to hack into the power grid system in the United States, which he said “brings down the financial system, brings down our government systems. You could paralyze this country.”

He noted that extremists in Iran, Russia and China are developing “a significant capacity” to stage such an attack, and that “hundreds of thousands” of attempts are being made to sneak into national security networks.

“We’ve got to develop not only a defense against that,” he said, “but we’ve got to put our assets in places where we can provide sufficient warning that these attacks are coming”.