Blog: US Power Grid Infiltrated

SANS NewsBites Vol. 11 Num. 28 (4/10/2009)

US Power Grid Infiltrated (April 8 & 9, 2009)

US national security officials said that the computer networks of the country's electrical grid and other utilities have been infiltrated and seeded with tools that could potentially be used to disrupt communications, electricity, and other elements of the country's critical infrastructure. As yet, there have been no attempts made to use the software to cause damage. Most of the intrusions were not detected by the companies responsible for the systems, but by US intelligence. In light of this report, cyber security experts have begun urging the Federal Energy Regulatory Commission (FERC), the Nuclear Regulatory Commission (NRC) and the Energy Department to push for legislation that would grant them more oversight and authority to manage grid (cyber) security. Earlier this week, before reports of the intrusions, the North American Electric Reliability Corporation (NERC) recommended that energy companies look closely at how they identify critical assets and critical cyber assets. A link to NERC Vice President and Chief Security Officer Michael Assante's letter regarding a compliance survey on critical cyber asset identification can be found below.

http://online.wsj.com/article/SB123914805204099085.html

http://fcw.com/Articles/2009/04/08/FERC-needs-to-step-up-oversight-to-safeguard-grid.aspx

http://www.nextgov.com/nextgov/ng_20090408_1423.php

http://www.washingtonpost.com/wp-dyn/content/article/2009/04/08/AR2009040803904_pf.html

http://www.cnn.com/2009/TECH/04/08/grid.threat/index.html

http://www.eweek.com/c/a/Security/Before-Grid-Hack-Reports-NERC-Advises-Industry-on-Cyber-Assets-479748/

Q&A About Grid Intrusions:

http://lastwatchdog.com/chinese-russian-cyberspies-lurk-us-electrical-grid/

Assante Letter:

http://online.wsj.com/public/resources/documents/CIP-002-Identification-Letter-040609.pdf

[Editor's Note (Schultz): Over the years there have been many indications that security within electrical companies is deficient. The recent discovery of widespread malware ostensibly installed by agents of foreign countries should leave no doubt that this problem exists and that is is extremely serious given the critical role of the energy sector in the US critical infrastructure. I am thus appaled that all NERC is doing is recommending "that energy companies look closely at how they identify critical assets and critical cyber assets."

Recommendations in this arena abound, but they have been largely ignored. Mandates are now clearly necessary.]

Blog: Microsoft's intelligence security report: The top 5 takeaways

Microsoft's intelligence security report: The top 5 takeaways

Posted by Larry Dignan; April 8th, 2009 @ 2:15 am

Microsoft on Wednesday will unveil its sixth Security Intelligence Report and the tome—all 184 pages of it—has a lot of interesting data points culled from the software giant's antivirus applications. Microsoft concludes that rogue security software is a big threat, lost and stolen equipment is a bigger issue than hacking and PDF and Office extensions are leading vectors.

Blog: Quantum Computers Will Require Complex Software to Manage Errors

Quantum Computers Will Require Complex Software to Manage Errors
National Institute of Standards and Technology (04/07/09) Boutin, Chad

National Institute of Standards and Technology (NIST) theorists have demonstrated that a type of software operation, believed to be a solution to the fundamental problems with computer hardware, will not function as originally hoped, adding additional complexity to the development of quantum computers. If quantum computers are ever realized, they will use effects associated with atomic physics to solve enormously complicated problems. Prototype quantum processors have proven to be prone to errors caused by noise from stray electric or magnetic fields. To make error correction more efficient, researchers are designing quantum computing architectures to limit errors, including creating software that does not permit qubits to interact if their errors could compound one another. Quantum software with this property is called "transversal encoded quantum gates." However, the NIST team has proven that this software, which is heavily studied due to its simplicity and robustness against interfering noise, is insufficient for performing arbitrary computations, meaning any software that quantum computers use will have to be far more complicated and resource-intensive to ensure devices work properly. The NIST researchers mathematically proved that transversal gates cannot be used exclusively and that more complex solutions for error management and correction need to be found and deployed.

View Full Article

Blog: Microsoft and Facebook Team Up to Put the Kibosh on Koobface

SANS NewsBites Vol. 11 Num. 27 (4/7/2009)

Microsoft and Facebook Team Up to Put the Kibosh on Koobface (April 6, 2009)

Microsoft and Facebook are working together to protect users from the Koobface worm. Koobface spreads through Facebook and MySpace social networking sites and infects users who run vulnerable versions of Windows. It steals login information so it can hijack accounts and spam users' contact lists. The spam usually contains a link to what is billed as a video, but users who click the link are told they must download a program to watch the clip. If users agree to the download, their machines become infected with malware. Microsoft has added Koobface to its Malicious Software Removal Tool (MSRT), which removed nearly 200,000 instances of Koobface from more than 133,000 computers in two weeks.

http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=216403016

http://www.scmagazineuk.com/Microsoft-and-Facebook-join-forces-to-battle-and-crush-Koobface-worm/article/130153/

http://www.theregister.co.uk/2009/04/06/koobface_clean_up/