ESET Threat Blog

[Update: that article "IMF and the weakest link" is now up on SC Magazine's Cybercrime Corner.]
In a recent article for SC Magazine (I'll post the link here when it gets posted) on the International Monetary Fund security breach, I focused on the implications of technological versus psychosocial threats and countermeasures. Not, of course, the first time I've … Read More…

It appears North Korea is expanding their cyber warrior savvy in a plan that includes sending the best and brightest of young programmers abroad to bone up on hacking, with the alleged goal of holding their own in cyber warfare. On the heels of the recent Pentagon announcement where cyber terrorism acts may be met … Read More…

Cyber Security pundits have been keenly watching the development of nascent state targeted attacks such as the Stuxnet worm with interest for some time and warning of the possible implications, but now it’s official. According to The Wall Street Journal,
“The Pentagon’s first formal cyber strategy, unclassified portions of which are expected to become public next … Read More…

The death of Osama bin Laden has gone viral, with blogs, social media and search engines pumping terabytes of rumor, innuendo and conspiracy theories at the speed of light, along with the occasional kilobyte of truth.  As the number of people searching for pictures and videos of bin Laden’s execution has skyrocketed, the criminal syndicates … Read More…

Added 5th March 2011 to the Stuxnet resources page at http://blog.eset.com/?p=5945.

Myriam Dunn Cavelty at Parliamentary Brief Online (29 October 2010): The real cyberwar is about beating the crooks and the spooks
Myriam Dunn Cavelty and Oliver Rolofs for Munich Security Conference: MSC Booklet Paper: From Cyberwar to Cybersecurity: Proportionality of Fear and Countermeasures

Hat tip to @vmyths, … Read More…

Some extra resources:

J. Oquendo takes a cold, clear look on Infosec Island at some of the hype that surrounds the Stuxnet story: Cyberterrorism – As Seen On TV
While Visible Risk, while by no means entirely negative about the Vanity Fair Stuxnet story (see http://blog.eset.com/2011/03/02/more-on-stuxnet), makes an entirely reasonable point about Irresponsible Sensationalism. I have to … Read More…

Now that cyberwarfare is out of the bottle, will anyone agree to not use it? In the summer of 1945 in New Mexico, the Trinity test gave rise to the term ground zero. Could Stuxnet may be measured as a definitive ground zero in cyberwarfare comparable to Trinity?
Concerning Stuxnet’s latest rise in China, David Harley … Read More…

In researching today’s SC Magazine Cybercrime Corner article “From sci-fi to Stuxnet: Exploding gas pipelines and the Farewell Dossier”, I came across this ‘Damn Interesting’ article which showcases the successful cyberwarfare compromise of a SCADA / pipeline control system nearly thirty years ago, an event which I had heard stories about in Navy circles but … Read More…

While the defining research on the Stuxnet topic doesn’t go this far, Forbes writer Trevor Butterworth went out on a limb to name names along with detailing the warfare aspects:

As I noted last week – and as the news media have only begun to grasp – Stuxnet represents  a conceptual change in the history of … Read More…

In a page directly out of Hollywood’s Terminator script the US Navy released details today about a rogue robot helicopter which diverted twenty-three miles penetrating restricted Washington DC airspace (ADIZ) after a complete loss of command and control on August 2nd due to “software anomaly.” Considering that a trojan-infected maintenance system is partially responsible … Read More…