blog trackingRealtime Web Statistics Plant | Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘plant’

FEMA to evaluate Maryland’s preparedness to respond to emergency at nuke plant

Top Priority Sector:  disaster_preparedness_emergency_response Image Caption:  Calvert Cliffsnuclear plant inState of Maryland Read More….

View full post on The Cyber Wars

FEMA updates its guide for nuclear plant alerts and notifications

Jacob Goodwin Top Priority Sector:  infrastructure_protection Read More….

View full post on The Cyber Wars

NRC keeps an eye on NJ nuclear plant that sounded warning during storm

Mark Rockwell Top Priority Sector:  disaster_preparedness_emergency_response Image Caption:  Oyster Creek Federal nuclear regulators continue to monitor a nuclear power plant on New Jersey’s Barnegat Bay that declared an alert as Hurricane Sandy came ashore in the state. The official alert, issued by the Oyster Creek plant owned by Excelon Corp. located near Lacey Township in […]

View full post on The Cyber Wars

Legislation takes aim at overlapping nuclear plant licensing renewals

Mark Rockwell Top Priority Sector:  cbrne_detection Image Caption:  Seabrook Station Citing the safety of aging nuclear power plants, two congressmen introduced legislation on Sept. 26 that would prevent overlapping operating license renewals for the facilities. The legislation would prevent nuclear reactor owners from applying for 20-year license renewal years before their original 40-year operations license […]

View full post on The Cyber Wars

ICS-CERT issues alert on power plant control system

Mark Rockwell Top Priority Sector:  cyber_security A control system used by electrical power plants could have a vulnerability that leaves a back door open for hackers to get into the system, according to DHS’ critical infrastructure Cyber protection team. The vulnerability in the Rugged Operating System, made by Siemens subsidiary RuggedCom, was found by researcher […]

View full post on The Cyber Wars

Applied DNA Sciences expands plant and personnel

Top Priority Sector:  access_control_identification Applied DNA Sciences, Inc., a provider of DNA-based anti-counterfeiting technology, announced on August 8 that it has significantly expanded its office, production and laboratory space and increased its personnel. Homepage position:  10 read more View full post on Government Security News

View full post on The Cyber Wars

Sr. Manufacturing Plant Engineer in US-OK-Oklahoma City

Company: National Recruiting Experts. Posted on May-08-12.
View full post on Latest Tech Jobs from Dev Bistro

View full post on National Cyber Security

Irishman decoded virus that entered Iranian nuclear plant- VIDEO

An Irishman living in the US was the first to decipher the complex nature of Stuxnet, a computer worm that affected Iranian nuclear facilities in 2010. The worm is believed to have been the work of the CIA or Israeli security forces.

View full post on computer worm – Yahoo! News Search Results

View full post on National Cyber Security » Virus/Malware/Worms

Report: Stuxnet delivered to Iranian nuclear plant on thumb drive

CBS Interactive)

(CNET) An Iranian double agent working for Israel used a standard thumb drive carrying a deadly payload to infect Iran’s Natanz nuclear facility with the highly destructive Stuxnet computer worm, according to a story by ISSSource.

Stuxnet quickly propagated throughout Natanz — knocking that facility offline and at least temporarily crippling Iran’s nuclear program — once a user did nothing more than click on a Windows icon. The worm was discovered nearly two years ago.

ISSSource’s report yesterday was based on sources inside the U.S. intelligence community.

These sources, who requested anonymity because of their close proximity to investigations, said a saboteur at the Natanz nuclear facility, probably a member of an Iranian dissident group, used a memory stick to infect the machines there. They said using a person on the ground would greatly increase the probability of computer infection, as opposed to passively waiting for the software to spread through the computer facility. “Iranian double agents” would have helped to target the most vulnerable spots in the system,” one source said. In October 2010, Iran’s intelligence minister, Heydar Moslehi said an unspecified number of “nuclear spies” were arrested in connection with Stuxnet.33 virus.

As CNET first reported in August 2010, Stuxnet, as a worm intended to hit critical infrastructure companies, wasn’t meant to remove data from Natanz. Rather, it left a back door that was meant to be accessed remotely to allow outsiders to stealthily control the plant.

The Stuxnet worm infected industrial control system companies around the world, particularly in Iran and India but also companies in the U.S. energy industry, Liam O’Murchu, manager of operations for Symantec Security Response, told CNET. He declined to say how many companies may have been infected or to identify any of them.

“This is quite a serious development in the threat landscape,” he said. “It’s essentially giving an attacker control of the physical system in an industrial control environment.”

According to ISSSource, the double agent was likely a member of the Mujahedeen-e-Khalq (MEK), a shadowy organization often engaged by Israel to carry out targeted assassinations of Iraninan nationals, the publication’s sources said.

As CNET reported in August 2010:

The Stuxnet worm propagates by exploiting a hole in all versions of Windows in the code that processes shortcut files, ending in “.lnk,” according to…[the] Microsoft Malware Protection Center….Merely browsing to the removable media drive using an application that displays shortcut icons, such as Windows Explorer, will run the malware without the user clicking on the icons. The worm infects USB drives or other removable storage devices that are subsequently connected to the infected machine. Those USB drives then infect other machines much like the common cold is spread by infected people sneezing into their hands and then touching door knobs that others are handling.

The malware includes a rootkit, which is software designed to hide the fact that a computer has been compromised, and other software that sneaks onto computers by using a digital certificates signed two Taiwanese chip manufacturers that are based in the same industrial complex in Taiwan–RealTek and JMicron, according to Chester Wisniewski, senior security advisor at Sophos…. It is unclear how the digital signatures were acquired by the attacker, but experts believe they were stolen and that the companies were not involved.

Once the machine is infected, a Trojan looks to see if the computer it lands on is running Siemens’ Simatic WinCC software. The malware then automatically uses a default password that is hard-coded into the software to access the control system’s Microsoft SQL database.

This story originally appeared on CNET.

Article source:

View full post on National Cyber Security » Virus/Malware/Worms

Page 1 of 3123»

My Twitter

Gregory D. Evans On Facebook