PDA

View Full Version : Nat'l Security The cyber war counter attack by Iran begins on Citi, BOA and JP Morgan Chase


BigRedChief
09-21-2012, 07:07 PM
http://news.yahoo.com/exclusive-iranian-hackers-target-bank-america-jpmorgan-citi-181945856--sector.html

(Reuters) - Iranian hackers have repeatedly attacked Bank of America Corp , JPMorgan Chase & Co and Citigroup Inc over the past year, as part of a broad cyber campaign targeting the United States, according to people familiar with the situation.


The attacks, which began in late 2011 and escalated this year, have primarily been "denial of service" campaigns that disrupted the banks' websites and corporate networks by overwhelming them with incoming web traffic, said the sources.


Whether the hackers have been able to inflict more serious damage on computer networks or steal critical data is not yet known. The sources said there was evidence suggesting the hackers targeted the banks in retaliation for their enforcement of Western economic sanctions against Iran.


Iran has beefed up its cyber capabilities after its nuclear program was damaged in 2010 by the Stuxnet virus, widely believed to have been developed by the United States. Tehran has publicly advertised its intentions to build a cyber army and encouraged private citizens to hack against Western countries.


The attacks on the three largest U.S. banks originated in Iran, but it is not clear if they were launched by the state, groups working on behalf of the government, or "patriotic" citizens, according to the sources, who requested anonymity as they were not authorized to discuss the matter.
They said the attacks shed new light on the potential for Iran to lash out at Western nations' information networks.


"Most people didn't take Iran seriously. Now most people are taking them very seriously," said one of the sources, referring to Iran's cyber capabilities.


Iranian officials were not available for comment. Bank of America, JPMorgan and Citigroup declined to comment, as did officials with the Pentagon, U.S. Department of Homeland Security, Federal Bureau of Investigation, National Security Agency and Secret Service.
A U.S. financial services industry group this week warned banks, brokerages and insurers to be on heightened alert for cyber attacks after the websites of Bank of America and JPMorgan Chase's experienced unexplained service disruptions.
NBC reported late on Thursday that the Iranian government was behind these attacks, citing U.S. national security sources. Reuters could not verify that independently.
Tensions between the United States and Iran, which date back to the revolution in 1979 that resulted in the current Islamic republic, have escalated in recent years as Washington led the effort to prevent Tehran from getting a nuclear bomb and imposed tough economic sanctions.
DISRUPTIVE CAMPAIGN
Denial-of-service campaigns are among the oldest types of cyber attacks and do not require highly skilled computer programmers or advanced expertise, compared with sophisticated and destructive weapons like Stuxnet.
But denial-of-service attacks can still be very disruptive: If a bank's website is repeatedly shut down, the attacks can hurt its reputation, affect customer retention and cause revenue losses as customers cannot open accounts or conduct other business.


Bank of America, Citigroup and JPMorgan Chase have consulted the FBI, Department of Homeland Security and National Security Agency on how to strengthen their networks in the face of the Iranian attacks, the sources said. It was not clear whether law enforcement agencies are formally investigating the attacks.


The Iranian attackers may have used denial-of-service to distract the victims from other, more destructive assaults that have yet to be uncovered, the sources said.


Frank Cilluffo, who served as homeland security adviser to U.S. President George W. Bush, told Reuters that he knows of "cyber reconnaissance" missions that have come from Iran but declined to give specifics.
"It is yet to be seen whether they have the wherewithal to cause significant damage," said Cilluffo, who is now director of the Homeland Security Policy Institute at George Washington University.


security experts said Iran's cyber capabilities are not as sophisticated as those of the China, Russia, the United States or many of its Western allies. Jim Lewis, a former U.S. Foreign Service officer, said Iran has been testing its cyber technology against Israel and other Gulf states in recent years
.
"It's like the nuclear program: It isn't particularly sophisticated but it makes progress every year," said Lewis, who is a senior fellow at the Center for Strategic & International Studies.

BigRedChief
09-22-2012, 07:22 PM
Not a single comment? No one understands this is an an act of war? They didnt try to break in and steal some secrets, they sought to destroy our financial system.

Lucky for us they suck at cyber war.

HonestChieffan
09-22-2012, 07:25 PM
Much ado about nothing

Bowser
09-22-2012, 07:28 PM
Not a single comment? No one understands this is an an act of war? They didnt try to break in and steal some secrets, they sought to destroy our financial system.

Lucky for us they suck at cyber war.

BEP will be along shortly to point out what a strawman column that is.

BigRedChief
09-22-2012, 07:29 PM
Much ado about nothingthis time maybe because Iran sucks at cyber.

Dont feel too safe because they are inept, your military and communications are semi-safe. But, your water, electricity and power grids are vulnerable as hell to someone or some country that knows what they are doing.

HonestChieffan
09-22-2012, 07:36 PM
I feel safe with big sis and Obama looking out for me

BigRedChief
09-22-2012, 07:40 PM
I feel safe with big sis and Obama looking out for meahhhhhh :grouphug:

qabbaan
09-22-2012, 07:40 PM
Not a single comment? No one understands this is an an act of war? They didnt try to break in and steal some secrets, they sought to destroy our financial system.

Lucky for us they suck at cyber war.

What do you propose we do that we aren't already?

ClevelandBronco
09-22-2012, 07:44 PM
Not a single comment? No one understands this is an an act of war? They didnt try to break in and steal some secrets, they sought to destroy our financial system.

We don't need their help with that.

BigRedChief
09-22-2012, 07:58 PM
What do you propose we do that we aren't already?"we" aren't doing shit because it costs money. And there is a bottom line that has to be met or in the case of the utilities a lack of expertise and know how.

The military has some of the best techs and techniques because security matters more than the cost of that security. Thats not the case concerning utilites. We as a country need to help our utilities get their act together or we are all going to pay the price.

HonestChieffan
09-22-2012, 08:30 PM
Costing money is not an issue. Obama is protecting us. all hail Obama

qabbaan
09-22-2012, 09:09 PM
I feel safe with big sis and Obama looking out for me

I'm sure Al Queda is terrified of Manet and the lesbian frat house she is running over at DHS

BigRedChief
09-22-2012, 09:43 PM
I'm sure Al Queda is terrified of Manet and the lesbian frat house she is running over at DHSDHS is a fucking joke.

KILLER_CLOWN
09-22-2012, 10:43 PM
Awwww the poor bankers, lets nuke iran for tha Bankstaz!

Save the Children....errr Save the Banksters..

Hmmm I smell another bailout...quick give them yer moneyz.

Comrade Crapski
09-23-2012, 06:42 AM
http://moonbattery.com/ben-bernanke.gif

BigRedChief
09-23-2012, 09:24 AM
Costing money is not an issue. Obama is protecting us. all hail ObamaYou can make jokes and pretend this is not a big issue. But, I know and I told you its a big deal.

At this point you can educate yourself or keep sticking your head in the sand.

J Diddy
09-23-2012, 09:27 AM
Awwww the poor bankers, lets nuke iran for tha Bankstaz!

Save the Children....errr Save the Banksters..

Hmmm I smell another bailout...quick give them yer moneyz.

I hope you giggle like this when Ahmed fukwad busts into your bank account and steals the contents of your checking account.

Maybe overly dramatic however let's not forget whose money are in those banks.

BigRedChief
09-23-2012, 09:34 AM
I hope you giggle like this when Ahmed fukwad busts into your bank account and steals the contents of your checking account.

Maybe overly dramatic however let's not forget whose money are in those banks.Banks are not the real issue. They need to improve but in the last 5 years they have made great strides in cyber security.

The main thing you should be worried about is our utilites. They will be yucking it up when they are without power for days/weeks because their power grid is controlled by computers and a state/country got by their lax security.

And then they will be on here going........... where was Obama?

BucEyedPea
09-23-2012, 11:19 AM
An act of war? On what, private businesses that are crooks and frauds?

Seriously, if we've been doing to same to them by sending computer worms, you expect them to just lie down and take it without retaliation? You're as bad as some of the NeoConservatives.

Meanwhile, the current Department of State has removed the Marxist-Islamist death and murder cult, Mujahedeen Khalq (MeK), from the US terror list this past Friday. They engage in murder and mayhem inside Iran against civilian targets. But since the US and Israeli's fund and train them, our terror is okay especially on people who weren't behind 9/11.

J Diddy
09-23-2012, 08:05 PM
Banks are not the real issue. They need to improve but in the last 5 years they have made great strides in cyber security.

The main thing you should be worried about is our utilites. They will be yucking it up when they are without power for days/weeks because their power grid is controlled by computers and a state/country got by their lax security.

And then they will be on here going........... where was Obama?

Well I'm going to have to disagree. If they're without power, they won't be on here.

:D

BigRedChief
09-23-2012, 08:10 PM
An act of war? On what, private businesses that are crooks and frauds? I said banks are the biggest issue. And as the wall street debacle made it plain, we are all dependent on each other and our shared infrastructure. You think you wont be effected by your utlitity companies being taken down? Your water supply compromised?
An act of war?
Seriously, if we've been doing to same to them by sending computer worms, you expect them to just lie down and take it without retaliation? You're as bad as some of the NeoConservatives.Yes, it was an act of war. They invaded our soverign territory with intent to do commit damage to the USA.

If a country was responsible for the stuxnut and flame virus in Iran. That would also be considered an act of war.

Chocolate Hog
09-23-2012, 08:44 PM
Let's send foreign aide to Iran's allies.


Oh wait

BucEyedPea
09-23-2012, 09:08 PM
Yes, it was an act of war. They invaded our soverign territory with intent to do commit damage to the USA.

Well, like I said, we invaded their sovereign territory circa 2003 and Bush and Obama have been ordering cyber attacks already on Iran.

If a country was responsible for the stuxnut and flame virus in Iran. That would also be considered an act of war.

Well, duh, who did that? The Stuxnet worm was developed by our CIA, other U.S. agencies and Israel. You completely ignored who started these acts of war. Pay attention to cause and effect sequences.


WASHINGTON—The U.S. is pursuing a wide-ranging, high-tech campaign against Iran's nuclear program that includes the cybersabotage project known as Stuxnet, which was developed by the Central Intelligence Agency in conjunction with Idaho National Laboratory, the Israeli government, and other U.S. agencies, according to people familiar with the efforts.

Through the administrations of President Barack Obama and his predecessor, George W. Bush, the U.S. has pursued a cyber campaign, code-named "Olympic Games," to attack the Iranian program, former officials said.

"It's part of a larger campaign," said a former U.S. official familiar with the efforts. "It's a preferable alternative to airstrikes."

http://online.wsj.com/article/SB10001424052702304821304577440703810436564.html?mod=googlenews_wsj

BigRedChief
09-23-2012, 09:20 PM
Well, like I said, we invaded their sovereign territory circa 2003 and Bush and Obama have been ordering cyber attacks already on Iran.

Well, duh, who did that? The Stuxnet worm was developed by our CIA, other U.S. agencies and Israel. You completely ignored who started these acts of war. Pay attention to cause and effect sequences.
http://online.wsj.com/article/SB10001424052702304821304577440703810436564.html?mod=googlenews_wsjI'm not publically acknowledging that the USA did anything against Iran.

BucEyedPea
09-23-2012, 09:24 PM
I'm not publically acknowledging that the USA did anything against Iran.

Well the Wall Street Journal has.

BucEyedPea
09-23-2012, 09:26 PM
The least you could do was not put up a thread making it look like Iran started an act of war, when it's a response to one.

BigRedChief
09-23-2012, 09:27 PM
Well the Wall Street Journal has.welllll that makes it a fact then. :facepalm:

BigRedChief
09-23-2012, 09:32 PM
The least you could do was not put up a thread making it look like Iran started an act of war, when it's a response to one.As I said whoever has been sabtoging their nuclear plants and killing their nuclear scientists could be accused of starting a war.

There is no evidence that was the USA. We have evidence that would stand up in a court of law in the USA that these attacks were directed by the Iranian government.

BucEyedPea
09-23-2012, 11:34 PM
There is no evidence that was the USA.

Absolute BS there's no evidence.

Testimony is part of the evidence. From same link:
It's part of a larger campaign," said a former U.S. official familiar with the efforts. "It's a preferable alternative to airstrikes."

They're just not talking enough because it's a covert action. Remember, those who are pushing this game believe in the Nobel Lie.

Garcia Bronco
09-24-2012, 09:29 AM
I promise you that more denial of service attacks come from China than anyone else. Stopping this is easy. Just cut off Iran from a public ip perspective.

patteeu
09-24-2012, 01:00 PM
Banks are not the real issue. They need to improve but in the last 5 years they have made great strides in cyber security.

The main thing you should be worried about is our utilites. They will be yucking it up when they are without power for days/weeks because their power grid is controlled by computers and a state/country got by their lax security.

And then they will be on here going........... where was Obama?

If it happens, Obama will deserve all the blame we can heap.

blaise
09-24-2012, 01:03 PM
Banks are not the real issue. They need to improve but in the last 5 years they have made great strides in cyber security.

The main thing you should be worried about is our utilites. They will be yucking it up when they are without power for days/weeks because their power grid is controlled by computers and a state/country got by their lax security.

And then they will be on here going........... where was Obama?

You're right. We should say, "where was Bush," or something instead.

Garcia Bronco
09-24-2012, 01:42 PM
If it happens, Obama will deserve all the blame we can heap.

How so?

If the utilities were nationalized...sure. But they aren't in most cases. they're private business.

Amnorix
09-24-2012, 02:29 PM
How so?

If the utilities were nationalized...sure. But they aren't in most cases. they're private business.


Because according to Pat, if a bear shits on your lawn, or a tree falls on your car, that's Obama's fault too.

:D

patteeu
09-24-2012, 03:26 PM
How so?

If the utilities were nationalized...sure. But they aren't in most cases. they're private business.

If we have so much warning that BigRedChief is sounding the alarm about the vulnerability then we either ought to be building an ironclad defense (likely not possible) or aggressively convincing them that it wouldn't be in their interests to attack us in that way (not Obama's style, IMO).

patteeu
09-24-2012, 03:27 PM
Because according to Pat, if a bear shits on your lawn, or a tree falls on your car, that's Obama's fault too.

:D

I saw an Obama sign lurking in the shadows around my neighborhood and the next thing I knew, my neighbor's mailbox was knocked off it's post. I don't have proof beyond a reasonable doubt, but I have my suspicions.

j/k There are no Obama signs in my neighborhood.

BigRedChief
09-24-2012, 06:08 PM
I promise you that more denial of service attacks come from China than anyone else. Stopping this is easy. Just cut off Iran from a public ip perspective.you guys are still not getting the issue. DOS can be launched by anyone who has access to google. It's the lowest hanging fruit there is in cyber. Your local grocery store should know how to prevent DOS attacks. This was just a test. It was too amateurish to be a serious attempt. If they can build nuclear plants, they can use Google and know of that website that for some reason this website blocks the name.

Cut off an IP range? Are you serious? Really? Dont you think they know thats the first thing we would do? They will launch from within the USA.

BigRedChief
09-24-2012, 06:09 PM
I saw an Obama sign lurking in the shadows around my neighborhood and the next thing I knew, my neighbor's mailbox was knocked off it's post. I don't have proof beyond a reasonable doubt, but I have my suspicions.

j/k There are no Obama signs in my neighborhood.Saw a couple more pop up in my neighborhood.

BigRedChief
09-24-2012, 06:17 PM
If we have so much warning that BigRedChief is sounding the alarm about the vulnerability then we either ought to be building an ironclad defense (likely not possible) or aggressively convincing them that it wouldn't be in their interests to attack us in that way (not Obama's style, IMO).UHHH it costs money to build out and more money to maintain. They say they cant afford it. Since its not a local group that will threaten it, but a country/state, the feds should pick up the cost.

So what happened, the Dems came up with a bill to attach to the patriot act and the Republicans killed the bill in committe. Saying the states and cities should pay the freight themselves, not the Federal government.

While we are arguing over how to pay for the increased security that everyone agrees needs to happen, our enemies increase the knowledge and capacity to do us harm.

But, WTH right Patteau....... It'll be Obama's fault the Republicans killed the bill.

patteeu
09-25-2012, 06:57 AM
UHHH it costs money to build out and more money to maintain. They say they cant afford it. Since its not a local group that will threaten it, but a country/state, the feds should pick up the cost.

So what happened, the Dems came up with a bill to attach to the patriot act and the Republicans killed the bill in committe. Saying the states and cities should pay the freight themselves, not the Federal government.

While we are arguing over how to pay for the increased security that everyone agrees needs to happen, our enemies increase the knowledge and capacity to do us harm.

But, WTH right Patteau....... It'll be Obama's fault the Republicans killed the bill.

Link?

Lzen
09-25-2012, 11:09 AM
Cut off an IP range? Are you serious? Really? Dont you think they know thats the first thing we would do? They will launch from within the USA.


Uhhhh.....

The attacks on the three largest U.S. banks originated in Iran

BigRedChief
09-25-2012, 04:40 PM
Uhhhh.....I was talking about a serious attack not the amateurish one this thread is about.

BigRedChief
09-27-2012, 06:43 PM
Biggest cyber attacks in history against banks
http://money.cnn.com/2012/09/27/technology/bank-cyberattacks/?source=cnn_bin

NEW YORK (CNNMoney) -- There's a good chance your bank's website was attacked over the past week.



Since Sept. 19, the websites of Bank of America (BAC (http://money.cnn.com/quote/quote.html?symb=BAC&source=story_quote_link), Fortune 500 (http://money.cnn.com/magazines/fortune/fortune500/2012/snapshots/2580.html?iid=EL)), JPMorgan Chase (JPM (http://money.cnn.com/quote/quote.html?symb=JPM&source=story_quote_link), Fortune 500 (http://money.cnn.com/magazines/fortune/fortune500/2012/snapshots/2608.html?iid=EL)), Wells Fargo (WFC (http://money.cnn.com/quote/quote.html?symb=WFC&source=story_quote_link), Fortune 500 (http://money.cnn.com/magazines/fortune/fortune500/2012/snapshots/2578.html?iid=EL)), U.S. Bank (USB (http://money.cnn.com/quote/quote.html?symb=USB&source=story_quote_link), Fortune 500 (http://money.cnn.com/magazines/fortune/fortune500/2012/snapshots/2950.html?iid=EL)) and PNC Bank have all suffered day-long slowdowns and been sporadically unreachable for many customers. The attackers, who took aim at Bank of America first, went after their targets in sequence. Thursday's victim, PNC's website, was inaccessible at the time this article was published.




Security experts say the outages stem from one of the biggest cyberattacks they've ever seen. These "denial of service" attacks (http://money.cnn.com/galleries/2011/technology/1107/gallery.common_hacks/?iid=EL) -- huge amounts of traffic directed at a website to make it crash -- were the largest ever recorded by a wide margin, according to two researchers.
Banks get hit by cyberattackers all the time and typically have some of the best defenses against them. This time, they were outgunned.
"The volume of traffic sent to these sites is frankly unprecedented," said Dmitri Alperovitch, co-founder of CrowdStrike (http://www.crowdstrike.com/), a security firm that has been investigating the attacks. "It's 10 to 20 times the volume that we normally see, and twice the previous record for a denial of service attack."



To carry out the cyberattacks, the attackers got hold of thousands of high-powered application servers and pointed them all at the targeted banks. That overwhelmed Bank of America (http://money.cnn.com/2012/09/18/technology/bank-of-america-site-down/index.html?iid=EL) and Chase's Web servers (http://money.cnn.com/2012/09/19/technology/chase-site-slow/index.html?iid=EL) on Sept. 19, Wells Fargo and U.S. Bank on Wednesday and PNC on Thursday. Fred Solomon, a spokesman for PNC, confirmed that a high volume of traffic on Thursday was affecting users' ability to access the website, but he declined to go into more detail.



Denial of service attacks are an effective but unsophisticated tool that doesn't involve any actual hacking. No data was stolen from the banks, and their transactional systems -- like their ATM networks -- remained unaffected. The aim of the attacks was simply to temporarily knock down the banks' public-facing websites.

BigRedChief
01-25-2013, 06:23 PM
PSA and public info: Credible cyber threat to us and others has been discovered. Shit is going to get real soon.

Australia is even in on the alerts now:
http://www.theage.com.au/opinion/political-news/gillard-puts-nation-on-cyberattack-alert-20130123-2d665.html

patteeu
01-25-2013, 06:29 PM
PSA and public info: Credible cyber threat to us and others has been discovered. Shit is going to get real soon.

Australia is even in on the alerts now:
http://www.theage.com.au/opinion/political-news/gillard-puts-nation-on-cyberattack-alert-20130123-2d665.html

If Iran was behind yesterday's AT&T outage, it's time to level the place.

2bikemike
01-25-2013, 06:32 PM
PSA and public info: Credible cyber threat to us and others has been discovered. Shit is going to get real soon.

Australia is even in on the alerts now:
http://www.theage.com.au/opinion/political-news/gillard-puts-nation-on-cyberattack-alert-20130123-2d665.html

We have been preparing for this for a couple years now at my work, so we are ahead of the game. I will say the country as a whole is way behind the 8 ball on this one. Even folks in the same industry are a bit behind.

CrazyPhuD
01-25-2013, 06:35 PM
Can I cyber Iran too? I'm feeling a bit randy!

BigRedChief
01-25-2013, 06:55 PM
We have been preparing for this for a couple years now at my work, so we are ahead of the game. I will say the country as a whole is way behind the 8 ball on this one. Even folks in the same industry are a bit behind.The cyber security experts tried to get a bill through congress to make them take just basic security steps to protect their networks. The republicans killed the bill. Government interfering with business. It was a bunch of BS. It was focused on utility, gas and other public "stuff" that we all use, not individual private business.

It's going to take a power outage in multiple states for people to wake the fuck up and secure their networks.

notorious
01-25-2013, 07:06 PM
"His name is Robert Paulson."

2bikemike
01-25-2013, 08:28 PM
The cyber security experts tried to get a bill through congress to make them take just basic security steps to protect their networks. The republicans killed the bill. Government interfering with business. It was a bunch of BS. It was focused on utility, gas and other public "stuff" that we all use, not individual private business.

It's going to take a power outage in multiple states for people to wake the **** up and secure their networks.

Thats not exactly true.

http://www.ferc.gov/industries/electric/indus-act/reliability/cybersecurity.asp

Cyber & Grid Security

The Energy Policy Act of 2005 (Energy Policy Act) gave the Federal Energy Regulatory Commission (Commission or FERC) authority to oversee the reliability of the bulk power system, commonly referred to as the bulk electric system or the power grid. This includes authority to approve mandatory cybersecurity reliability standards.

The North American Electric Reliability Corporation (NERC), which FERC has certified as the nation’s Electric Reliability Organization, developed Critical Infrastructure Protection (CIP) cyber security reliability standards. On January 18, 2008, the Commission issued Order No. 706, the Final Rule approving the CIP reliability standards, while concurrently directing NERC to develop significant modifications addressing specific concerns.

Additionally, the electric industry is incorporating information technology (IT) systems into its operations – commonly referred to as smart grid – as part of nationwide efforts to improve reliability and efficiency. There is concern that if these efforts are not implemented securely, the electric grid could become more vulnerable to attacks and loss of service. To address this concern, the Energy Independence and Security Act of 2007 (EISA) gave FERC and the National Institute of Standards and Technology (NIST) responsibilities related to coordinating the development and adoption of smart grid guidelines and standards.

BigRedChief
01-25-2013, 09:23 PM
Thats not exactly true.

http://www.ferc.gov/industries/electric/indus-act/reliability/cybersecurity.asp

Cyber & Grid Security

The Energy Policy Act of 2005 (Energy Policy Act) gave the Federal Energy Regulatory Commission (Commission or FERC) authority to oversee the reliability of the bulk power system, commonly referred to as the bulk electric system or the power grid. This includes authority to approve mandatory cybersecurity reliability standards.

The North American Electric Reliability Corporation (NERC), which FERC has certified as the nation’s Electric Reliability Organization, developed Critical Infrastructure Protection (CIP) cyber security reliability standards. On January 18, 2008, the Commission issued Order No. 706, the Final Rule approving the CIP reliability standards, while concurrently directing NERC to develop significant modifications addressing specific concerns.

Additionally, the electric industry is incorporating information technology (IT) systems into its operations – commonly referred to as smart grid – as part of nationwide efforts to improve reliability and efficiency. There is concern that if these efforts are not implemented securely, the electric grid could become more vulnerable to attacks and loss of service. To address this concern, the Energy Independence and Security Act of 2007 (EISA) gave FERC and the National Institute of Standards and Technology (NIST) responsibilities related to coordinating the development and adoption of smart grid guidelines and standards.This is just a starter package. It's Windows 2000 and we need to upgrade to Windows 2008 R2 like last year.

I will not be surprised to see something major attacked with the week. And I'm not talking the small potatoes ATT attack that happened this week.

2bikemike
01-25-2013, 09:36 PM
This is just a starter package. It's Windows 2000 and we need to upgrade to Windows 2008 R2 like last year.

I will not be surprised to see something major attacked with the week. And I'm not talking the small potatoes ATT attack that happened this week.

I woud be willing to bet any attack will be in the financial sector. I don't thing the Bulk Electric system is that vulnerable.

BigRedChief
01-25-2013, 09:40 PM
I woud be willing to bet any attack will be in the financial sector. I don't thing the Bulk Electric system is that vulnerable.Banks are 10X farther along than utilities. Most utilities are still allowing USB's to be plugged in by employees.

2bikemike
01-25-2013, 11:02 PM
Banks are 10X farther along than utilities. Most utilities are still allowing USB's to be plugged in by employees.

I work for a utility and I can tell you we are much further along than what you are implying.

Now there are some IPP's out there who are not on the bulk system that are not as far along and they are not necessarily required to be unless they are in the Critical Path for Black Start.

BigRedChief
01-25-2013, 11:22 PM
I work for a utility and I can tell you we are much further along than what you are implying.

Now there are some IPP's out there who are not on the bulk system that are not as far along and they are not necessarily required to be unless they are in the Critical Path for Black Start.I KNOW our current state. It's the northeast ones that are the most vulnerable. It's the USB's. It's going to hurt. Already happened 5 out 6 times in a test.

LiveSteam
01-25-2013, 11:34 PM
Has this been debunked?
BREAKING NEWS: SABOTAGE ATTACK? KEY IRANIAN NUCLEAR FACILITY HIT?

January 25, 2013

http://endtimeheadlines.wordpress.com/2013/01/25/breaking-news-sabotage-attack-key-iranian-nuclear-facility-hit/

BigRedChief
01-25-2013, 11:48 PM
Has this been debunked?
BREAKING NEWS: SABOTAGE ATTACK? KEY IRANIAN NUCLEAR FACILITY HIT?

January 25, 2013

http://endtimeheadlines.wordpress.com/2013/01/25/breaking-news-sabotage-attack-key-iranian-nuclear-facility-hit/no the unfortunate accident with cleaning supplies inside Iran's "double secret probation" nuclear plant has nothing to do with the ATT attack or the cyber warnings issues all over the world. Pure coincidence. I mean really, how much damage can cleaning supplies really do?

LiveSteam
01-25-2013, 11:54 PM
"double secret probation" nuclear plant

LMAO

BigRedChief
01-31-2013, 05:41 PM
Wall street Journal and the NY Times hacked by the Chinese military after publishing bad pr articles about China.

http://www.cbsnews.com/8301-205_162-57567010/wall-street-journal-chinese-hacked-us-too/

BigRedChief
02-01-2013, 10:55 PM
Twitter hacked. 250K account passwords compromised. China is responsible.
http://www.bloomberg.com/news/2013-02-02/twitter-says-attack-may-have-given-hackers-access-to-user-data.html

LiveSteam
02-02-2013, 12:29 AM
Twitter hacked. 250K account passwords compromised. China is responsible.
http://www.bloomberg.com/news/2013-02-02/twitter-says-attack-may-have-given-hackers-access-to-user-data.html

Lets put together an army of Trolls,& go fuck these guys up.

Fish
02-02-2013, 09:43 AM
Hacking Twitter? LOL... What's the point?

That's like a car thief stealing this:

http://img20.imageshack.us/img20/7055/kgrhqvhke323neobqcntzsm.jpg

blaise
02-02-2013, 02:35 PM
Guess what, as long as there's an internet there's going to be hackers. Good luck trying to stop it.

BigRedChief
02-02-2013, 08:22 PM
Hacking Twitter? LOL... What's the point?

That's like a car thief stealing this:

http://img20.imageshack.us/img20/7055/kgrhqvhke323neobqcntzsm.jpgit is better to remain stupid in silence than open your mouth and confirm it.

/some smart old dude

ClevelandBronco
02-02-2013, 09:27 PM
it is better to remain stupid in silence than open your mouth and confirm it.

/some smart old dude

I don't mind admitting that I can't figure out why anyone would bother hacking Twitter. Can you explain to me why this is might be important?

BigRedChief
02-02-2013, 10:12 PM
I don't mind admitting that I can't figure out why anyone would bother hacking Twitter. Can you explain to me why this is might be important?In general using public information and standard cyber security practices.

You are using a known state sponsored IP range to perform the attack. People are going to know who it was. First question? Why do you want other countries to know you did this?

Twitter supposedly has state of the art security due to a hack a couple of years ago. It's been touted in cyber security seminars.

If you wanted to let your enemies know of your capabilities to deter them from harming you. You need to publically show them those capabilities. A don't fuck with us statement. But, you didn't really harm your enemy.

By choosing a non military or essential part of the infrastruture a statement can be made without also a tremendous retribution from the cyber arm of the military in the territory that you invaded.

This is subtle genius. As opposed to the stupid ass lumbering hacks on the banks from Iran.

DaveNull
02-03-2013, 08:34 AM
I don't mind admitting that I can't figure out why anyone would bother hacking Twitter. Can you explain to me why this is might be important?


- snagging direct messages
- pulling credentials so that they could pivot to other accounts
- watching GPS coordinates for posts
- lulz

It's been touted in cyber security seminars.

Wut?

ChiliConCarnage
02-03-2013, 09:32 AM
I don't mind admitting that I can't figure out why anyone would bother hacking Twitter. Can you explain to me why this is might be important?

Information

If it was indeed China then it's probably so they could spy on their own people. China blocked twitter years ago. China has popular micro-blogging services like Sina Weibo. If you're circumventing their firewall in order to communicate over twitter they surely want to know why.

There's really only two reasons to do that. The largest percentage are going to be tech savvy people who just want to follow or interact with foreigners. Maybe you're a big soccer fan and want to follow Lionel Messi, etc.

The others are purposefully looking to communicate without the government being able to monitor them. Political dissidents, people trading in state secrets, tibetan supporters

BigRedChief
02-03-2013, 09:40 AM
The others are purposefully looking to communicate without the government being able to monitor them. Political dissidents, people trading in state secrets, tibetan supportersDo you even read what you write? If you are in I.T. you need some more education.

They are going to use twitter to communicate without the government knowing? :facepalm:

ClevelandBronco
02-03-2013, 01:41 PM
In general using public information and standard cyber security practices.

You are using a known state sponsored IP range to perform the attack. People are going to know who it was. First question? Why do you want other countries to know you did this?

Twitter supposedly has state of the art security due to a hack a couple of years ago. It's been touted in cyber security seminars.

If you wanted to let your enemies know of your capabilities to deter them from harming you. You need to publically show them those capabilities. A don't **** with us statement. But, you didn't really harm your enemy.

By choosing a non military or essential part of the infrastruture a statement can be made without also a tremendous retribution from the cyber arm of the military in the territory that you invaded.

This is subtle genius. As opposed to the stupid ass lumbering hacks on the banks from Iran.

Maybe. I appreciate the answer.

Information

If it was indeed China then it's probably so they could spy on their own people. China blocked twitter years ago. China has popular micro-blogging services like Sina Weibo. If you're circumventing their firewall in order to communicate over twitter they surely want to know why.

There's really only two reasons to do that. The largest percentage are going to be tech savvy people who just want to follow or interact with foreigners. Maybe you're a big soccer fan and want to follow Lionel Messi, etc.

The others are purposefully looking to communicate without the government being able to monitor them. Political dissidents, people trading in state secrets, tibetan supporters

I suspect that your answer is closer to the fact of the matter, and I have no problem with China spying on its own dissidents.

ChiliConCarnage
02-03-2013, 02:06 PM
Do you even read what you write? If you are in I.T. you need some more education.

They are going to use twitter to communicate without the gover nment knowing? :facepalm:

I've re-read it and I don't know what you're referring to unless you've never used twitter; you can direct message people privately just like e-mail.

BigRedChief
02-03-2013, 02:51 PM
I've re-read it and I don't know what you're referring to unless you've never used twitter; you can direct message people privately just like e-mail.Do you not think there are other avenues to message others privately?

Why would you use something so easily hacked? No underground taking it to the man would use Twitter for private conversations. That ship sailed years ago.

Ace Gunner
02-03-2013, 03:00 PM
be sure to wear safety goggles
http://www.knowthenetwork.com/wp-content/uploads/2010/11/tin-foil-hat-3.jpg

LiveSteam
02-03-2013, 03:05 PM
It just one of a 1000 coincidences. Nothing to worry about

ChiliConCarnage
02-03-2013, 03:34 PM
Do you not think there are other avenues to message others privately?

I don't know why you asked this but of course there are many options. Perhaps, they migrated over from gmail after the 2010 hacking of Chinese human rights activists accounts.

Why would you use something so easily hacked? No underground taking it to the man would use Twitter for private conversations. That ship sailed years ago.

Since when is Twitter easily hacked? This is the first time they've had their data breached and they caught it in the act and stopped it. Most companies don't know until months or years later. I think of twitter as having a strong reputation in terms of security and protecting privacy of user data.

Twitter’s efforts to recruit two of the security community’s most high profile hackers may seem a bit puzzling. But Twitter has been taking pains to prove to users that it aims to protect their privacy and, in some cases, anonymity, to a degree that trumps Facebook and even Google. It remains one of the only mainstream social media services that allows the use of pseudonyms. And it’s currently fighting a landmark legal battle to avoid having to turn over the tweets of Malcolm Harris, an Occupy Wall Street protestor who was charged with disorderly conduct last year.

All of those moves seem designed to define Twitter as a place where users–especially political vulnerable ones–can let loose with controversial political speech without worrying about being identified by government requests or kicked off the service. With the addition of security stars like Miller and Marlinspike, it seems Twitter is aiming to make sure those users are protected from less benevolent hackers, too.

BigRedChief
02-03-2013, 03:43 PM
Since when is Twitter easily hacked? Twitter personal accounts dumbshit. I was just talking about how Twitter's corporate security has advanced since the last time they were hacked.

I'm through talking to you. You are wasting my time with lame arguments. And, you are all red, there is usually a good reason for that.

Fish
02-03-2013, 03:49 PM
The world is in serious trouble if the Chinese take control our ability to type random insignificant bullshit online at 140 characters at a time....

The horror!

ClevelandBronco
02-03-2013, 03:54 PM
The world is in serious trouble if the Chinese take control our ability to type random insignificant bullshit online at 140 characters at a time....

The horror!

Do you know how much can be said in 140 Chinese characters?

Fish
02-03-2013, 03:57 PM
Do you know how much can be said in 140 Chinese characters?

Well I watch an awful lot of Kung Fu movies, and those dudes always say three times as much as what's in the subtitles.

BigRedChief
02-06-2013, 10:36 AM
Investigation is underway if the "anomaly" that caused the power outage at the Super Bowl was triggered electronically. If you had public info, what happened should have caused the entire Superdome to go dark.

BucEyedPea
02-06-2013, 10:40 AM
Investigation is underway if the "anomaly" that caused the power outage at the Super Bowl was triggered electronically. If you had public info, what happened should have caused the entire Superdome to go dark.

Beyonce's performance simply drained the juice and blew the circuit breakers. :D

BigRedChief
02-06-2013, 10:46 AM
Beyonce's performance simply drained the juice and blew the circuit breakers. :DNot directed at you BEP, Stupid ass people I swear...ROFL they have had several events in the Superdome since they did the electrical upgrade including the Sugar Bowl. The Superdome and the electrical company both say their tests show no issues. We know the cause is that the circuit got tripped. No one knows why it was tripped. Tests show nothing. How is that possible?

I doubt they ever admit to being hacked. Or someone on this inside tripped the switch as revenge against Goodell and the NFL for screwing the Saints.