Tag Archives: Stuxnet

A Flame on the Cyberwarfare Horizon

Irony of fate: not even a day after the publication of a provocative article on the role of Cyber Warfare for maintaining peace, a new cyber threat appears, which is destined to leave an indelible mark on the cyber weapons’ landscape.

Today is one of those days that the Infosec Community will remember for a long time. It looks like the mystery of the malware targeting the Iranian Oil business a month ago has come to a solution, and it is not that kind of conclusion we would have hoped and expected.

read more

Cyberwarfare and the Principle of Deterrence

Cyberwarfare is generally considered asymmetric since, in theory, inside the cyber world “size does not matter” and a smaller and weaker state could declare a cyber war against an enemy, regardless of the size of the latter in the real world. Think for instance to the example of China and Philippines to quickly understand how this assertion can dramatically come true.

read more

The Unbearable Lightness of Being an APT

Or better “The Unbearable Lightness of (Human) Beings and APTs”. Immediately after my post on Cyber Weapons, I was pointed out that APTs are not Cyber Weapons. On a more general perspective, APTs are not things but (groups of) human beings who have the capability and the intent to target specific entries with multi-factor attacks. Said in few words an APT is not a “what” but is a “who”. On the other hand, how many could afford to hire (and pay) a double agent capable of implanting a malware inside a nuclear complex through an infected USB thumb?

read more

Middle East Cyber War: Revenge Of The Drones

In the same hours in which I was publishing my post on Cyber Weapons, news agencies all around the world have begun to release (few) details about a new alleged Cyber Attack targeting the Iranian Oil Ministry, the National Iranian Oil Company and several other state-owned businesses.

read more

What is a Cyber Weapon?

What is a Cyber Weapon? At first glance this seems an immediate question to answer, but should anyone try to analyze the meaning of this term more deeply, probably he would be quite surprised and disappointed in discovering that the answer is not so immediate since an exact definition has not been given (at least so far).

read more

Middle East Cyber War Timeline (Part 5)

Click here for the Middle East Cyber War Master Index with the Complete Timeline.

This week of Cyber War on the Middle East front, has shown a slight change on the Cyber Conflict trend. For the first time since January, psyops have deserved a primary role, maybe on the wake of the video released by the Anonymous against Israel one week ago. Not only the Jerusalem Post calls the video into question, but also argues that it may have been forged by Iran, identifying a state sponsored impersonation behind the entry of Anonymous in this cyber war.

read more

Another Certification Authority Breached (the 12th!)

2011 CA Attacks Timeline (Click To Enlarge)This year is nearly at the end but it looks like it is really endless, at least from an Information Security Perspective. As a matter of fact this 2011 will leave an heavy and embarassing heritage to Information Security: the Certification Authority authentication model, which has been continuously under siege in this troubled year; a siege that seems endless and which has shown its ultimate expression on the alleged compromise of yet another Dutch Certification Authority: Gemnet.

read more

October 2011 Cyber Attacks Timeline (Part II)

Halloween has just gone and here it is Part II of the October 2011 Cyber Attacks Timeline covering the second half (15-31) of this month.

From an Information Security Perspective, the 10th month of 2011 has been characterized by Duqu, the brand new Advanced Persistent Threat dubbed “The Sun Of Stuxnet”, whose echo is far from being silent (a brand new 0-day vulnerability targeting Windows Kernel has just been discovered in the Malware Installer). Duqu affected the timeline in two circumstances: not only the malware was discovered, but also an Indian Provider called Web Werks had some servers seized from a Data Center in Mumbai because they were discovered to be involved in the C&C communication of the infected endpoints.

read more

Stuxnet, Duqu, Stars And Galaxies…

NGC 6745 produces material densities sufficien...

In few circumstances I happen to deal with my old (and short) career of Astrophysical. Except when I enjoy to tell my friends the history of the Hubble Constant, and my delusion when I discovered that its value is greater than 50 (most precise determination is 72 ± 8 km/s/Mpc implying a forever expanding Universe which will likely  die of Entropy), the chances in which my current activity, information security, and my “would-have-been” career of Astrophysics overlap are really rare.

read more