Security concerns remain in the forefront of Information Technology issues. Recent news stories again emphasize the importance of consulting with expert professionals. Suppliers of E-commerce solutions for business and consumers need to be aware of the ongoing security issues and concerns.
First true SCADA-specific malware detected
Scott McPherson July 22, 2010
- TAGS:ACADA, enterprise, Siemens, smart grid, W32.Stuxnet
- IT TOPICS:Cybercrime & Hacking, Devices, Emerging Technology, LAN/WAN/Broadband/Wireless, Security, Windows
// <!–[CDATA[// Back in 1999, when I ran then-governor Jeb Bush’s statewide Y2K awareness and remediation effort, I first happened to learn about SCADA systems. What is SCADA, you ask? SCADA stands for Supervisory Control and Data Acquisition. SCADA systems basically are remotely-activated and remotely-operated devices that perform certain specialized functions. SCADA systems are used, for example, to monitor, open and close freshwater pumps; operate wastewater pumping systems; perform routine functions in power plants; perform functions in manufacturing plants, refineries, and other facilities; and monitor the next-generation electric “smart grid” that is becoming so popular these days.–>
In short, SCADA systems have become a vital component of the nation’s critical infrastructure, since so many SCADA functions deal with water, power, and heavy manufacturing processes. This, naturally, makes them an ideal target for terrorists and naughty nation-states.
The first SCADA devices were radio-controlled, which minimized but did not eliminate their vulnerabilities. Back during Y2K remediation, we worried that the “embedded systems” within those SCADA devices would fail come 1/1/2000. They did not, which was a decidedly good thing.
But today’s SCADA systems are almost all connected to some version of an internet, whether it be a private, sealed IP network or the greater Internet itself.
FBI says mastermind of botnet nabbed
Slovenian accused of creating code that infected some 12 million computers
by LOLITA C. BALDOR
updated 7/27/2010 10:08:07 PM ET
WASHINGTON — International authorities have arrested a computer hacker believed responsible for creating the malicious computer code that infected as many as 12 million computers, invading major banks and corporations around the world, FBI officials told The Associated Press on Tuesday.
A 23-year-old Slovenian known as Iserdo was snagged in Maribor, Slovenia, after a lengthy investigation by Slovenian Criminal Police there along with FBI and Spanish authorities.
His arrest comes about five months after Spanish police broke up the massive cyber scam, arresting three of the alleged ringleaders who operated the so-called Mariposa botnet, stealing credit cards and online banking credentials. The botnet — a network of infected computers — appeared in December 2008 and infected more than half of the Fortune 1,000 companies and at least 40 major banks.
Botnets are networks of infected PCs that have been hijacked from their owners, often without their knowledge, and put into the control of criminals.
Jeffrey Troy, the FBI’s deputy assistant director for the cyber division, said Tuesday that Iserdo’s arrest is a major break in the investigation. He said it will take the alleged cyber mastermind off the street and prevent him from updating the malicious software code or somehow regaining control of computers that are still infected.
Software developers and website designers must closely scrutinize security features prior to implementation. Major Information Technology companies are working to solve security issues.
July 28, 2010
Computerworld – Just a few short years ago, all a PC needed for protection was a basic antivirus program to guard against any malware that arrived via an e-mail attachment, embedded in a shareware application or piggy-backed on a floppy disk.
These days, however, the threat landscape has changed drastically. Now PC users have to cope not only with viruses, but also with spyware, spam, infected Web sites, adware, key loggers, phishing schemes and much, much more. It’s enough to make your head spin.
Information technology experts recognize the importance to consumers and E-commerce clients of preventing security breaches while developing software or web page design. Dedicated experts work diligently to continually supply updated solutions for the ever-changing security issues of our global community.