[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] One of the "most dangerous hackers in the world"
From: InfoSec News <alerts () infosecnews ! org>
Date: 2018-10-24 5:41:18
Message-ID: alpine.DEB.2.20.1810240541000.9150 () ip-172-30-0-239 ! ec2 ! internal
[Download RAW message or body]
https://www.sueddeutsche.de/digital/hacker-russland-cyberangriff-1.4179866!amp
[Bing translate of German - WK]
By Jan Lukas Strozyk and Hakan Tanriverdi
Suddeutsche Zeitung GmbH
October 23, 2018
The hackers did not waste time on trivialities. They did not spy on the
office network, made no effort to divert data, did not use any software
that secretly photographed the screen. This was not one of the usual
espionage operations, the digital attackers pursuing a different goal at
the gas power plant in Saudi Arabia. They have targeted safety systems
that protect people and the environment. They accepted that people die.
Back in the summer of 2017 , they sneaked straight into the production
networks. Where the plants of the gas power plant were operated.
The following cyberattack is considered one of the most dangerous in
recent years. IT security experts see it as a blatant escalation of the
already increasingly aggressive digital burglaries. Now there is a trail
to the perpetrators. A state laboratory affiliated to the Russian military
is said to have played an essential role in the preparation of the attack:
the "Central Scientific Research Institute for Chemistry and Mechanics",
located in Moscow. This is from a report by the IT security firm Fireeye
to their paying customers out - he is not public. The report is available
Süddeutscher Zeitung, NDR and WDR.
Enormous excitement in German security agencies
Fireeye is considered one of the market leaders in the analysis of hacker
attacks. The company was commissioned by the operator of the power plant
with the investigation of the attack. The suspected Moscow Institute is
owned by the state and has existed since 1894. In the tsarist period,
people started experimenting with gunpowder. Today, the laboratory has
specialized in the development of military equipment. The report said that
the staff of the Moscow Institute had, among other things, the task of
allowing hackers to penetrate unnoticed in the network.
Immediately after the attack became public knowledge in December 2017,
employees of the Federal Office for Information Security (BSI) responsible
for IT security met for weeks with companies in the chemical industry.
After all, hundreds of industrial plants in Germany use similar security
systems. The actions of the attackers in Saudi Arabia were analyzed in
detail. Two sources confirmed that experts from the agency and the
companies have reconstructed key steps in the attack in a specially
equipped test environment. In June 2018, the BSI publishes technical tools
that help companies detect such attacks at an early stage.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic