Image 01 Image 03

Good and bad cyberwar news

Good and bad cyberwar news

First the good news, completely unconfirmed but great to speculate about:

Is the Stuxnet computer malworm back on the warpath in Iran?

Exhaustive investigations into the deadly explosion last Saturday, Nov. 12 of the Sejil-2 ballistic missile at the Revolutionary Guards (IRGC) Alghadir base point increasingly to a technical fault originating in the computer system controlling the missile and not the missile itself. The head of Iran’s ballistic missile program Maj. Gen. Hassan Moghaddam was among the 36 officers killed in the blast which rocked Tehran 46 kilometers away.

Next, the good news which is more likely confirmed than not:

For much of the last decade, as Iran methodically built its nuclear program, Israel has been assembling a multibillion-dollar array of high-tech weapons that would allow it to jam, blind, and deafen Tehran’s defenses in the case of a pre-emptive aerial strike.

Next, the not so good news which is confirmed:

Hackers gained remote access into the control system of the city water utility in Springfield, Illinois, last week and destroyed a pump, according to a report released by a state fusion center and obtained by a security expert.

The hackers were discovered on Nov. 8 when a water district employee noticed problems in the city’s Supervisory Control and Data Acquisition System (SCADA). The system kept turning on and off, resulting in the burnout of a water pump.

Forensic evidence indicates that the hackers may have been in the system as early as September, according to the “Public Water District Cyber Intrusion” report, released by the Illinois Statewide Terrorism and Intelligence Center on November 10.


Donations tax deductible
to the full extent allowed by law.


While Obama gives us rhetorical tropes, Israel gives us historical hope.

LukeHandCool (who would only add, put that in your hopey-changey pipe and smoke it, pathetic hipsters!)

Hire a $7/hr undocumented guest worker to sit on a stool by a phone and turn the pump on and off when told to.

SCADA systems have been the weakest link since….forever.

Old and never hardened–most likely, will have to be replaced with SCADA v.3 (or whatever) to become securitized.

    Owen J in reply to dad29. | November 18, 2011 at 7:32 pm

    SCADA does have issues, but I think they tend to be overblown. I’d love to see the source material for that Wired report. Wired tends to be goofy.

      Norris in reply to Owen J. | November 19, 2011 at 12:14 am

      If the story in Wired is right, it’s pretty ridiculous that an infrastructure agency would let a vendor log in with access to control equipment and apply software updates. That’s an unconscionable negligence about security.

      It reminds me of my job at a defense contractor. We made great efforts toward security (and had few lapses) because our jobs depended on it. We wouldn’t let a vendor touch a keyboard on site or access a computer remotely, but our engineers saw military personnel using rather casual security practices on their systems: passwords written on paper, etc. As usual, the private sector was more motivated to get it right than the government sector was.

Speaking of craters what was it I saw in Debka to the effect the blast was a screwup in mounting a [nuclear?] test warhead to their new nuclear capable missle?