Navigation Links
Dam it! Chinese Hackers Tangling with US Infrastructure Again?

New York, NY (PRWEB) May 07, 2013

Last week, The Washington Free Beacon reported the US Army Core of Engineers suffered a potentially devastating cyber intrusion and data breach which US Intelligence agencies say was a China-based cyber attack. And the booty? How about sensitive information related to the vulnerabilities of every major dam in the US, all roughly 8,100 of them. Joe Caruso, founder and CEO/CTO of Global Digital Forensics, talks about the dangers that these type of two-pronged cyber attacks that ultimately target SCADA (Supervisory Control and Data Acquisition) systems, which are an integral part of the US infrastructure, and how regularly and professionally performed cyber threat assessments and penetration testing can play a vital role in shoring up defenses against cyber intruders, both foreign and domestic.

Cyber-spies are everywhere.

“Success on the battlefield has historically favored the side that is technologically advanced. And when you boil down technology today, at the core you always find data. Designs, simulations, production machines, delivery systems, transportation control, weapons systems, robotics, finances, healthcare, space-based systems, engineering, communications, it’s all run on data, and that makes it one precious commodity. In a technology-reliant society like ours, that also makes it a prized target for a multitude of attackers, each with their own agenda. Some attackers are politically motivated, some are driven by pure greed, some by ego, some are thrill-seekers, and yes, for some it’s about shifting the balance of power on a grand scale by using chaos and mayhem as their tools of choice. And when it comes to SCADA systems and critical infrastructure, the latter can pose a monumental threat that could actually put real lives at stake. Focusing more attention and resources on these dangerous cyber threats has never been more important for US organizations essential to our daily way of life.”

An infrastructure hack - a cascade of access

“The compromise of the U.S. Army Corps of Engineers’ National Inventory of Dams (NID) database is not only a pretty scary situation, it could also serve as a text-book example of how a cyber attack on our infrastructure can be realized. Though details have not been revealed yet about the particulars of the initial intrusion, to date the most common form of initial entry is through a successfully executed phishing or spear phishing campaign. Getting just one person in the organization to click on a link leading to a malicious site or opening an infected attachment is all it takes to get the snowball started downhill. And that’s what’s highly frustrating, it’s cyber security awareness 101, and so many organizations we go into to perform cyber threat assessments seem to be trying to get ahead of themselves, worrying primarily about the super advanced threats, which only account for a small percentage of actual intrusions, while forgetting the basics which can stop 90% or better of the cyber threats they are faced with on a daily basis. After one person is compromised an intruder uses that foothold to gain further access in a number of ways, whether it’s by nabbing network credentials, gaining access to other employees, to different internal systems, to other employees, or just navigating from there to exfiltrate precious data, like the mother load in this case, a breakdown of vulnerabilities which can be put to destructive use in the future. It’s really a cascade effect for the intruder, as they gain more and more access every step of the way.”

What can an intruder do with access to a SCADA system?

“An attack on a SCADA system is about affecting critical system and machines in the physical world by taking over low level control and functions. Stuxnet was a famous example of what can be done when an intruder gains access to a SCADA system, a switch changed here, a setting changed there, and presto, they had the Iranian centrifuges spinning so fast they broke, setting their entire uranium enrichment program back almost to the starting blocks. Now imagine what a cyber warrior, state-sponsored or otherwise, could do with control of our dams and the trillions upon trillions of gallons of water they are holding back from populations across the country, not to mention all the hydroelectric power they generate. It could certainly fall into the chaos and mayhem category, that’s for sure.”

Assess, test, rinse and repeat

"Cyber attacks are not a once in a blue moon occurrence, they are a daily reality, and infrastructure targets are tantalizing morsels to a wide range of attackers. The world of cyber threats also never stands still, with hackers constantly honing their techniques and improving their payloads. That’s why regular cyber threat assessments and penetration testing are so important. What worked yesterday from a cyber security perspective may not work today, and will probably work even worse tomorrow."

"By establishing a regular routine of having experienced cyber security professionals like Global Digital Forensics assess the cyber threat landscape as it pertains to your particular organization and digital infrastructure, including advancements in technologies and how those new technologies are implemented and used internally, like smartphones and tablets, and regularly simulating real-world attacks with comprehensive penetrations testing, not only are weaknesses in the client’s cyber security posture revealed, but cyber security awareness for employees, managers and executive is substantially improved as well. And remember, even if you are not part of our nation’s critical infrastructure as an organization, you could very easily be used as a springboard for an attacker if they can gain access to your clients or vendors, who just may be the “in” an attacker needs to move on to bigger and better targets. So our collective safety is actually everyone’s responsibility that does business in our cyber world, making the real question, are you doing your part too?"

*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, electronic discovery (eDiscovery), cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit

Read the full story at

Source: PRWeb
Copyright©2012 Vocus, Inc.
All rights reserved

Related medicine news :

1. DNA Testing Finds Allergens, Toxins in Traditional Chinese Medicines
2. EB-5 Expert Brian Su Explores Chinese Inbound Investments in Southern California
3. Tai Chi increases brain size, benefits cognition in randomized controlled trial of Chinese elderly
4. San Francisco EB-5 Conference explores inbound Chinese investments
5. Chinese Drywall Complaint Center Now Demands Leadership From Obama & EPA, For Homeowners In Florida And In The US Southeast Stuck In Toxic Chinese Drywall Hell-Forward?
6. Feinstein Institute researchers discover that bean used in Chinese food could protect against sepsis
7. Chinese Herbal Medicine Can Reach into Prostate Gland and Treat Prostatitis Successfully As A New Option for Prostatitis Sufferers, States Wuhan Dr.Li's Clinic
8. Residents near Chinese e-waste site face greater cancer risk
9. Indoor air puts Chinese women nonsmokers at risk
10. Launch of Chinese-German Center for Bio-Inspired Materials at Mainz University Medical Center
11. Traditional Chinese Medicine Hospitals in China Industry Research Report – Now Available from IBISWorld
Post Your Comments:
(Date:9/22/2017)... PITTSBURGH, PA (PRWEB) , ... September 22, 2017 ... ... as soon as possible, and they often saves lives. However, if one isn’t ... order to widen the availability of defibrillation, I came up with this idea," ...
(Date:9/22/2017)... ... 22, 2017 , ... After a long health ordeal that ... lease on life with assistance from CreditAssociates. CreditAssociates provides debt relief and debt ... debt. The senior is one of the satisfied clients who expressed their appreciation ...
(Date:9/22/2017)... ... September 22, 2017 , ... Happy Living’s mission - to improve ... carries it into the entertaining and delicious worlds of theatre and wines. , ... Living) convinced him to turn his play into a book. The Greener The Grass ...
(Date:9/22/2017)... ... September 22, 2017 , ... ... by Native Remedies that helps promote pancreatic health and regulate blood sugar ... some prescription-based approaches can have negative side effects, and with the changes in ...
(Date:9/22/2017)... ... September 22, 2017 , ... ... brush more effectively even on the go. Their electric toothbrushes aggressively attack oral ... inflammation, with UV sanitizing technology. Combining leading edge Enke technology with a premium ...
Breaking Medicine News(10 mins):
(Date:9/12/2017)... , Sept. 12, 2017  Consumer reviews on the independent ... as the number one company for hearing aids, ranking it ... fifteen other brands. ... Hearing Named #1 by Consumers For Hearing Aids ... Embrace Hearing is an online store that provides high performance, ...
(Date:9/7/2017)... 7, 2017  Eli Lilly and Company (NYSE: ... streamline operations to more efficiently focus resources on ... structure. Global workforce reductions, including those from a ... impact approximately 3,500 positions. With ... savings of approximately $500 million that will begin ...
(Date:9/7/2017)... , Sept. 7, 2017   BioLife Solutions , ... and marketer of proprietary clinical grade cell and tissue ... announces that Mike Rice , President and CEO, will ... Rodman & Renshaw 19 th Annual ... Eastern time (12:25 p.m. Pacific time). The conference is being ...
Breaking Medicine Technology: