[GLLUG] Cyber Warfare: In case you missed this

[Clay Dowling]

On 6/7/2012 11:18 PM, Stanley Mortel wrote:
>>
>> Having taken such an aggressive stance on deploying Stuxnet, it will be
>> very difficult for the U.S. to keep casting itself as the innocent
>> victim of unprovoked attacks by countries looking to steal our economic
>> and military secrets. Today's report makes it clear that the White House
>> long ago decided to embrace digital warfare, and puts the onus squarely
>> back on the administration to clearly explain its rules of engagement
>> online. But the greatest impact may be internationally, where hostile
>> nations now have confirmation the U.S. could be targeting their
>> networks. If hackers in those countries weren't already attempting to
>> take down U.S. critical infrastructure, they probably are now.
It's generally accepted in the security community that China is already 
performing extensive espionage against U.S. companies and physical 
infrastructure.  Last week I saw logs that showed Chinese attackers, 
most likely working from a cookbook,  go from no access to a network to 
completely compromised, in four hours. In that time they had the CEO's 
email and complete ownership of the company's four SQL Servers.

Some of the techniques they used showed some of the weaknesses of the 
modern office network.  For instance, after the initial penetration, the 
corporate anti-virus solution was used as the conduit to compromise the 
rest of the network.  While that attack was on a windows network, our 
heterogeneous network at work has similar weaknesses.

Clay