Monday, December 22, 2014

"Coming soon: Forget the Sony hack, this could be the biggest cyber attack yet"

Oh my fargin'...
From Quartz:
...But according to cyber-security professionals, the Sony hack may be a prelude to a cyber attack on US infrastructure that could occur in 2015, as a result of a very different, self-inflicted document dump from the Department of Homeland Security in July.

2015: The year of Aurora?
Here’s the background: On July 3, DHS, which plays “key role” in responding to cyber-attacks on the nation, replied to a Freedom of Information Act (FOIA) request on a malware attack on Google called “Operation Aurora.”

Unfortunately, as Threatpost writer Dennis Fisher reportsDHS officials made a grave error in their response. DHSreleased more than 800 pages of documents related not to Operation Aurora but rather the Aurora Project, a 2007 research effort led by Idaho National Laboratory demonstrating how easy it was to hack elements in power and water systems.

Oops.

The Aurora Project exposed a vulnerability common to many electrical generators, water pumps and other pieces of infrastructure, wherein an attacker remotely opens and closes key circuit breakers, throwing the machine’s rotating parts out of synchronization causing parts of the system to break down....MUCH MORE