ClearSky Cyberdefense Forum

At least 48 chemical and defense companies were victims of a coordinated cyber attack that has been traced to a man in China, according to a new report from security firm Symantec Corp.

Computers belonging to these companies were infected with malicious software known as “PoisonIvy,” which was used to steal information such as design documents, formulas and details on manufacturing processes, Symantec said on Monday.

http://www.msnbc.msn.com/id/45105397/ns/technology_and_science-security/#.Tq76lUOF9tM

SAN JOSE, Calif. — When a computer attack hobbled Iran’s unfinished nuclear power plant last year, it was assumed to be a military-grade strike, the handiwork of elite hacking professionals with nation-state backing.

Yet for all its science fiction sophistication, key elements have now been replicated in laboratory settings by security experts with little time, money or specialized skill. It is an alarming development that shows how technical advances are eroding the barrier that has long prevented computer assaults from leaping from the digital to the physical world.

The techniques demonstrated in recent months highlight the danger to operators of power plants, water systems and other critical infrastructure around the world.

http://www.huffingtonpost.com/2011/10/23/power-systems-hack_n_1027132.html

The data breach disclosed in March by security firm RSA received worldwide attention because it highlighted the challenges that organizations face in detecting and blocking intrusions from targeted cyber attacks. The subtext of the story was that if this could happen to one of the largest and most integral security firms, what hope was there for organizations that aren’t focused on security?

http://krebsonsecurity.com/2011/10/who-else-was-hit-by-the-rsa-attackers/

Computer hackers, possibly from the Chinese military, interfered with two U.S. government satellites four times in 2007 and 2008 through a ground station in Norway, according to a congressional commission.

The intrusions on the satellites, used for earth climate and terrain observation, underscore the potential danger posed by hackers, according to excerpts from the final draft of the annual report by the U.S.-China Economic and Security Review Commission. The report is scheduled to be released next month.

http://www.bloomberg.com/news/2011-10-27/chinese-military-suspected-in-hacker-attacks-on-u-s-satellites.html

Sensitive information concerning vital defense equipment, such as fighter jets, as well as nuclear power plant design and safety plans, apparently was stolen from Mitsubishi Heavy Industries Ltd. computers during a cyber-attack in August, sources said.

An internal investigation found signs that the information had been transmitted outside the company’s computer network, with the strong possibility that an outsider was involved.

This is the first time that sources have acknowledged that defense and nuclear plant information may have leaked from Mitsubishi Heavy’s computers due to a computer virus, despite the company saying it had taken appropriate safeguard measures.

The computers were found to have been hacked in August, and 83 computers were found to have been infected with a virus. Those computers were spread out over 11 locations, including the Kobe and Nagasaki shipyards that construct submarines and destroyers as well as the Nagoya facility that is in charge of manufacturing a guided missile system.

http://ajw.asahi.com/article/behind_news/social_affairs/AJ2011102415638

WASHINGTON (Reuters) – The U.S. Department of Energy has been hit by recent successful cyber attacks and needs to do more to protect its computer systems, the department’s internal watchdog said in a report on Monday.

The report by the department’s inspector general did not disclose who launched the cyber attacks or the consequences at four affected locations.

It also did not state explicitly that the National Nuclear Security Administration had been a target of the attacks, but the agency defended itself.

The National Nuclear Security Administration criticized the report for failing to recognize the effectiveness of its “layered” approach to cybersecurity, calling some of the problems identified in the report “isolated issues.”

http://sg.news.yahoo.com/cyber-attacks-against-energy-department-disclosed-163811018.html

The report :

http://energy.gov/sites/prod/files/IG-0856_0.pdf

The likelihood of a cyber war between the United States and China was dismissed by U.S. State Department officials in a press statement issued on Wednesday. The State Department is calling for the building bilateral trust to avoid such a troubling scenario.

In early 2011, there were several reports that the Chinese government had launched cyber attacks against the U.S. with allegations of Chinese intrusions of the web sites of U.S. military contractors.

There were also allegations that China illegal penetrated the Google e-mail accounts of several high-level U.S. officials. Government officials in China has denied the allegations of government involvement, but did not comment further.

http://www.examiner.com/law-enforcement-in-national/us-chinese-cyber-war-dismissed-by-state-department

The computer networks that control power plants and financial systems will never be secure enough, so government and corporate leaders should consider developing a new, highly secure alternative Internet, a top FBI official said Thursday.

Shawn Henry, the FBI’s executive assistant director, said critical systems are under increasing threat from terror groups looking to buy or lease the computer skills and malware needed to launch a cyber attack.

http://news.smh.com.au/breaking-news-technology/fbi-official-calls-for-secure-alternate-internet-20111021-1mazg.html

Hackers who infiltrated the Nasdaq’s computer systems installed malicious software on the exchange’s computers that allowed them to spy on scores of directors of publicly held companies, according to two people familiar with an investigation into the matter.

http://tvnz.co.nz/business-news/nasdaq-hacking-details-revealed-4478711

A QR code has a pretty big capacity (compared to a simple barcode) and is able to store 7089 numeric characters or 4296 alphanumeric characters; and it is more than enough to store text or URL.

https://www.securelist.com/en/blog/208193145/Malicious_QR_Codes_Pushing_Android_Malware