Information Tech

Submitted By Ericlj20
The Virus Event
Mike Williams
Dr. James Wilson

Abstract

The world’s most complex malware ever created, the Stuxnet virus, which was designed and deployed by the U.S. and Israel against Iran a few years ago, may have ended up infecting the International Space Station, according to leading security analyst Eugene Kaspersky, head of IT security at Kaspersky Labs. The virus was designed to attack only specific software and specific hardware in a specific uranium enrichment plant at Natanz, Iran. Stuxnet, however, is not at all specific about the targets it infects; it is basically all over the world. It has long been thought that only a country or organization with vast amounts of resources could develop a virus of Stuxnet’s complexity. Last year, the Obama administration stepped out and confirmed that the virus was indeed made as a joint operation with Israel against Iran, to nobody’s surprise, frankly. A leftover from the Bush administration, Stuxnet operations were accelerated during Obama’s presidency and eventually launched against Iran.

How the virus works and propagated itself onto servers
It primarily spreads via USB sticks, which allows it to get into computers and networks not normally connected to the Internet. Once inside a network, it uses a variety of mechanisms to propagate to other machines within that network and to gain privileges once it has infected those machines. These mechanisms include both known and patched vulnerabilities, and four “zero-day exploits”: vulnerabilities that were unknown and unpatched when the worm was released. (All the infection vulnerabilities have since been patched.) Stuxnet also acted like a rootkit, hiding its actions and its presence. It was the first virus to include code to attack Supervisory Control and Data Acquisition (SCADA) systems. It was discovered in June 2010 by Sergey Ulasen, who was at the time working for a small Belarus anti-virus company (VirusBlokAda). One of their customers in Iran had been experiencing a number of BSOD failures and wanted help finding the cause.
Research into that problem led to the discovery of the virus. The Stuxnet version discovered in June 2010 initially spread through flash drives. A *.lnk file on the flash drive contains a reference to a file (expected to be an icon). However, because no test verified that reference, it was used to reference a file on the flash drive that contained the virus. The virus was also able to propagate through P2P. Some machines that were expected to be network isolated, but that might have had access to infected machines through RPC, were discovered to have been infected. The infection process starts with 2 threads used to infect the logic controllers (PLCs). The first thread checks for candidate PLC files every 15 minutes. If it finds a candidate file, it infects it with one of two similar but unique infection sequences (A or B). The second thread monitors the PLCs, looking for a specific system data block (SDB) injected by the first thread. When an infected PLC begins its attack, this second thread contacts all other infected PLCs to coordinate the attack.
Graphic depiction of how the virus was able to replicate

Common Vulnerabilities for other utility companies

Utilities have two networks, a production network and a corporate network. The production systems are supposed to be kept offline, an industry practice known as creating an “air gap”, so they aren’t vulnerable to viruses distributed via the Internet. But experts and industry officials say the risk of a cyber attack is nonetheless a great concern. They say these “air gaps” can be hopped if the two systems use common computer peripherals, such as printers or USB sticks, or if the production networks use public networks to send alerts. And while utilities follow industry standards regarding security, even industry officials admit these standards are not sufficient safeguards against the most significant threats.
Elements of the control infrastructure sometimes need to be updated, which can create a scenario in which workers bring in code and connect potentially compromised computers. Lax internal security behind the firewall is also a common vulnerability. Some networks have strong firewalls that protect their perimeter, but insufficient internal boundaries. In those cases, hackers who manage to penetrate a firewall can move around inside an organization with relative impunity. Shared network gear and peripherals are another weakness: production and corporate networks may share network routers. They also might share peripherals like faxes, scanners and printers, which can be connected to the Internet, creating a potential entry point for hackers.
People can move laptops, thumb drives and other devices and storage media from the corporate network to the control network. This may be forbidden by policy, but it may happen in practice. It is possible to build in protections so that computers assigned to a corporate network can’t work on a production network, but such defenses aren’t always put in place. Vulnerable supply chains are also a concern with utility companies. The hardware and software that companies use to build the control networks may not be safe, especially given the fact that economic pressures drive utilities to find the lowest cost provider. Some SCADA networks are connected directly to the Internet. Researchers have found thousands of industrial control systems that can be accessed from the Internet, according to a report from the Department of Homeland Security. DHS has set out to notify utilities when their systems are discovered online. If control systems send out status alerts to workers using devices that are connected to the Internet, those alerts can be used by hackers to gain access to a SCADA system.
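The air-gap failures listed in this section can be checked against network flow records. The following Python audit is an added example, not part of the original essay; the zone ranges, addresses and flow tuples are constructed assumptions. It flags corporate-to-production traffic, production hosts reaching public networks, and any device used from both networks.

```python
"""Audit flow records for air-gap failures (added example, constructed data)."""
import ipaddress
from collections import defaultdict

# Assumed zone layout, constructed for illustration only.
ZONES = {
    "production": ipaddress.ip_network("10.20.0.0/16"),
    "corporate": ipaddress.ip_network("10.10.0.0/16"),
}

# Constructed sample flows: (source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("10.10.4.25", "10.10.1.5", 445),    # corporate workstation -> corporate file server
    ("10.20.3.7", "10.20.3.1", 502),     # HMI -> PLC inside production (expected)
    ("10.10.4.25", "10.20.3.7", 135),    # corporate workstation -> production HMI over RPC
    ("10.20.3.9", "203.0.113.40", 25),   # production alert sender -> public mail relay
    ("10.10.4.31", "10.10.9.50", 9100),  # corporate PC -> shared printer
    ("10.20.3.7", "10.10.9.50", 9100),   # production HMI -> the same shared printer
    ("10.20.3.300", "10.20.3.1", 502),   # malformed record (invalid address)
]


def zone_of(ip, zones=ZONES):
    """Return the zone name for an address, or 'external' if it is in no zone."""
    addr = ipaddress.ip_address(ip)
    for name, net in zones.items():
        if addr in net:
            return name
    return "external"


def audit_flows(flows, zones=ZONES):
    """Classify flows into the air-gap failure modes described in the text."""
    findings = {
        "cross_zone": [],           # corporate <-> production traffic
        "production_external": [],  # production <-> public network traffic
        "shared_devices": [],       # hosts contacted from both zones
        "malformed": [],            # records that could not be parsed
    }
    client_zones = defaultdict(set)  # destination -> zones of hosts connecting to it

    for record in flows:
        src, dst, port = record
        try:
            src_zone, dst_zone = zone_of(src, zones), zone_of(dst, zones)
        except ValueError:
            findings["malformed"].append(record)
            continue

        client_zones[dst].add(src_zone)
        pair = {src_zone, dst_zone}
        if pair == {"production", "corporate"}:
            findings["cross_zone"].append(record)
        elif pair == {"production", "external"}:
            findings["production_external"].append(record)

    # A printer, scanner or router reached from both zones is a shared
    # peripheral: a path across the air gap even if no host crosses directly.
    for host, seen in sorted(client_zones.items()):
        if {"production", "corporate"} <= seen:
            findings["shared_devices"].append(host)
    return findings


if __name__ == "__main__":
    for category, items in audit_flows(SAMPLE_FLOWS).items():
        print(category)
        for item in items:
            print("   ", item)
```
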

Secure Coding efforts and practices to Mitigate Vulnerabilities

It’s key to always understand the developers' approach before starting a secure code review. Talk to the developers and understand their approaches to mechanisms like authentication and data validation. Information gathered during this discussion can help jump-start the review and significantly decrease the time a reviewer spends trying to understand the code. If possible, use both manual and automated techniques for the review, because each method helps find vulnerabilities that the other doesn't. In addition, try to use more than one automated tool, because the strengths of each differ and complement the others.
Do not assess level of risk. Secure coding should not attempt to make judgments about what is acceptable risk. The review team should report the risks and vulnerabilities that are discovered. The customer uses the program's approved risk assessment plan to assess risk and decide whether to accept it or not. Focus on the big picture. When performing a manual review, resist trying to understand the details of every line of code. Instead, gain an understanding of what the code as a whole is doing and then focus the review on important areas, such as functions that handle login or interactions with a database. Leverage automated tools to get details on specific flaws.
It’s also good practice to focus on the big picture. When looking to mitigate risks in the review, you should resist trying to understand the details of every line of code. Instead, it’s best to gain an understanding of what the code as a whole is doing and then focus the review on important areas, such as functions that handle login or interactions with a database. Leveraging automated tools to get details on specific flaws will ensure that many of the risks discovered can be mitigated in an acceptable timeframe. Follow up on review points. After a review, hold a follow-up discussion with the development team to help them understand what the findings mean and how to address them. Stick to the intent of the review. Secure code review is not penetration testing. Review teams should not be allowed to "pen-test" a running version of the code, because it can bias the results by giving a false sense of completeness.
