Global Cyber Attack Imminent

A devastating global cyber attack is imminent (http://www.dailymail.co.uk/)

Experts have warned that a devastating global cyber attack is imminent.
The hack, called ‘ExplodingCan’, targets computers running on Microsoft Windows 2003, which means that it could be used to attack 375,000 computers worldwide.
This puts it in the same risk category as last month’s WannaCry ransomware attack which caused mayhem around the world, crippling vital servers such as those used by the NHS.
ShadowBrokers, the group behind the WannaCry hack, stole the ExplodingCan from the NSA, along with an arsenal of other cyber weapons.

The hack targets Microsoft Windows 2003 servers running the Internet Information Services version 6.0 (IIS 6.0) web server.
According to Manchester-based security company, Secarma, ExplodingCan exploits a known flaw in the IIS 6.0 servers, triggering a buffer overflow.
This in turn can be used for remote access to the computer, and could allow hackers to plant ransomware in a similar fashion to the WannaCry worm.

Continue reading at http://www.dailymail.co.uk/

My Two Cents:
Another reason supporting moving to the Adept Secure Platform. Microsoft Windows Server 2003 has been retired for many years; outdated software is just one little problem…

Amazon explains big AWS outage

Amazon explains big AWS outage (http://www.geekwire.com)

Amazon explains big AWS outage, says employee error took servers offline, promises changes.

Amazon has released an explanation of the events that caused the big outage of its Simple Storage Service Tuesday, also known as S3, crippling significant portions of the web for several hours.

Amazon said the S3 team was working on an issue that was slowing down its billing system. Here’s what happened, according to Amazon, at 9:37 a.m. Pacific, starting the outage: “an authorized S3 team member using an established playbook executed a command which was intended to remove a small number of servers for one of the S3 subsystems that is used by the S3 billing process. Unfortunately, one of the inputs to the command was entered incorrectly and a larger set of servers was removed than intended.”

Those servers affected other S3 “subsystems,” one of which was responsible for all metadata and location information in the Northern Virginia data centers. Amazon had to restart these systems and complete safety checks, a process that took several hours. In the interim, it became impossible to complete network requests with these servers. Other AWS services that relied on S3 for storage were also affected.

About three hours after the issues began, parts of S3 started to function again. By about 1:50 p.m. Pacific, all S3 systems were back to normal. Amazon said it has not had to fully reboot these S3 systems for several years, and the program has grown extensively since then, causing the restart to take longer than expected.

Amazon said it is making changes as a result of this event, promising to speed up recovery time of S3 systems. The company also created new safeguards to ensure that teams don’t take too much server capacity offline when working on maintenance issues like the S3 billing system slowdown.

Amazon is also making changes to its service health dashboard, which is designed to track AWS issues. The outage knocked out the service health dashboard for several hours, and AWS had to distribute updates via its Twitter account and by programming in text at the top of the page. In the message, Amazon said it made a change to spread that site over multiple AWS regions.

Continue reading at http://www.geekwire.com

My Two Cents:
We were working with the ESRI ArcGIS Web Services API when it went down. I was not aware that ESRI leveraged the Amazon S3 Cloud systems. If you are going to run API Services, make sure you have redundancy. I was surprised. The old saying “do not put all your eggs in one basket” is obviously alive and well with some Tech corporations.

Buying cloud access security brokers with confidence

Buying cloud access security brokers with confidence (http://searchcloudsecurity.techtarget.com)

IT security professionals buying cloud access security broker services must focus on what the technology now offers and determine precisely what their company IT architecture requires. Here’s how.

With the explosion in cloud service adoption in the last several years, organizations are realizing a disturbing security reality — they don’t know what they don’t know. Data is being stored and accessed in cloud environments that organizations do not see and cannot control, and security capabilities within the cloud provider environments have been slow to reach parity with in-house enterprise security controls. Buying cloud security services that control and monitor the information organizations are sending to the cloud is essential to any organization’s security strategy.

Continue reading at http://searchcloudsecurity.techtarget.com

My Two Cents:
We at Adept Technologies are excited about the new release of our Secure Cloud “Adept Secure” that protects the Adept Enterprise foundation, its modular platforms and data. Customers who are already on the myadept.com infrastructure will be moved automatically over to the adeptsecure.com infrastructure. No need for our customers to purchase cloud access security broker services. It’s included in our offerings.

Reliable Grid Operations – NERC

Reliable Grid Operations – NERC (http://www.nerc.com)

Electricity is unique in that it can’t be conventionally stored for later use. It’s produced and consumed in real time.

Electricity must be produced and delivered at the same time consumers need it.

While most people take reliable electric service for granted, it is something the electrical industry makes a daily priority. Disruptions to electric service are more than an inconvenience, they are matters of health and safety. In addition, power disruptions can be costly to consumers and businesses.

The sustained dependability of electric service is a crucial component of modern life and a key to the economic vitality of the world.

The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority whose mission is to assure the reliability of the bulk power system in North America. NERC develops and enforces Reliability Standards; annually assesses seasonal and long‐term reliability; monitors the bulk power system through system awareness; and educates, trains, and certifies industry personnel. NERC’s area of responsibility spans the continental United States, Canada, and the northern portion of Baja California, Mexico. NERC is the electric reliability organization for North America, subject to oversight by the Federal Energy Regulatory Commission and governmental authorities in Canada. NERC’s jurisdiction includes users, owners, and operators of the bulk power system, which serves more than 334 million people.

Cyber Security is enforced via the CIP – Critical Infrastructure Protection Reliability Standards.

Reliability Standard Violations in New England Result in $3 Million Penalty, March 30 – After completing its fact-finding, FERC’s Office of Enforcement concluded that Berkshire Power Company LLC (Berkshire) and Power Plant Management Services LLC (PPMS) violated the FPA, jurisdictional tariffs, various FERC regulations, and NERC Reliability Standards.

My Two Cents:
NERC can issue large fines if you get into their crosshairs. I understand why NERC exists today with regard to Cyber Security. My question would be will NERC help you after an event like what happened in the Ukraine last December, or would they issue you a $3 Million Penalty? Will they share information to others or fine them too? Will this type of enforcement help or make it worse?

We are at a point where Cyber Security is going to change big time. The way it is being handled today is not the way it will be handled after a successful Cyber 911 attack takes the power grid down… Electricity must be produced and delivered at the same time consumers need it; cyber security will be a HUGE part of making sure it happens…

German nuclear plant suffers cyber attack designed to give hackers remote access

German nuclear plant suffers cyber attack designed to give hackers remote access (http://www.telegraph.co.uk)

A nuclear power plant in Germany has been found to be infected with computer viruses, but they appear not to have posed a threat to the facility’s operations because it is isolated from the Internet, the station’s operator said on Tuesday.

The Gundremmingen plant, located about 120 km (75 miles) northwest of Munich, is run by the German utility RWE.

The viruses, which include “W32.Ramnit” and “Conficker”, were discovered at Gundremmingen’s B unit in a computer system retrofitted in 2008 with data visualisation software associated with equipment for moving nuclear fuel rods, RWE said.

Malware was also found on 18 removable data drives, mainly USB sticks, in office computers maintained separately from the plant’s operating systems. RWE said it had increased cyber-security measures as a result.

W32.Ramnit is designed to steal files from infected computers and targets Microsoft Windows software, according to the security firm Symantec.

First discovered in 2010, it is distributed through data sticks, among other methods, and is intended to give an attacker remote control over a system when it is connected to the Internet.

Conficker has infected millions of Windows computers worldwide since it first came to light in 2008. It is able to spread through networks and by copying itself onto removable data drives, Symantec said.

RWE has informed Germany’s Federal Office for Information Security (BSI), which is working with IT specialists at the group to look into the incident.

The BSI was not immediately available for comment.

My Two Cents:
Again… The DOE and FERC need to address cyber security problems as a national security clear and present danger issue (TLP) RED level. I personally feel that the DOE and FERC are NOT the type of government agencies whose mission statements are for this type of national security challenge (Protecting the USA Power Grid(s)). The DHS, US-CERT and FBI need to take control and get a move on in this power industry…