Someone's phishing US nuke power stations. So far, no kaboom

Silver badge

Why isn't it stuxnet?

This time it would make perfect sense if it were the US's own security forces. Their job is to protect US security, and probing vulnerabilities of critical infrastructure is surely part of that job.

So, if it falls short of a stuxnet (OK, perhaps stuxnet-with-dummy-payload), does that mean they're not doing their job? Or just that attacks are being reported selectively?

Coincidentally, some of those same security forces are well-known for framing foreign powers.

1
0
Silver badge

Re: Why isn't it stuxnet?

That will be the weak anthropic principle. If it was stuxnet we wouldn't still be here to question why it isn't stuxnet.

3
0
Anonymous Coward

Re: Why isn't it stuxnet?

I'm frankly quite astonished they even managed to detect the attempts!

4
0
Anonymous Coward

Re: Why isn't it stuxnet?

Yes, but then would we be hearing about it? I'm a little surprised we're hearing about it anyway, truth be told.

1
0
Silver badge
Paris Hilton

watering hole attacks?

OK, I have to ask: what is a watering hole attack? I thought I was familiar with most of the terminology to do with malware, but that's a new one for me...

3
0
Silver badge

Re: watering hole attacks?

Setting up a website or other delivery mechanism such as a social media account (watering hole) to deliver malware, and then using your phishing emails and/or search result manipulation, etc., to get your marks to go and drink the bad stuff.

I think anyway. Happy to be corrected.

6
0
Pint

Re: watering hole attacks?

The idea is that you wait for your prey to come to you: so rather than send phishing mails to their place of work, you target weak spots where they may turn up. For example, web forums where they might hang out, manufacturer sites, etc.

Mine's a pint in my local with the compromised Wi-fi.

6
0
Silver badge

Re: watering hole attacks?

you target weak spots where they may turn up. For example, web forums where they might hang out

Like here. Watering hole attacks can be quite targeted, but they don't need to be. If you're a spy agency interested in high value targets across a whole range of industries, then Facebook and Twitter aren't the places to hang out, as there's too little focus, too much dross. But here, well......

8
0
Silver badge

Re: watering hole attacks?

That’d be... frustrating... for our heroes, at least if they were trying to get something using the email address and password I use on El Reg. This addy has limited use, and as that use is out in public, anything addressed to it is regarded with Extreme Suspicion. And the password, while silly and not particularly secure, is used only on this site.

Good luck, phishers.

1
0
Gold badge
Unhappy

"The idea is that you wait for your prey to come to you: "

For example, if you could infect El Reg, literally XXX of companies could be affected.

0
0
Silver badge

Re: watering hole attacks?

"If you're a spy agency interested in high value targets across a whole range of industries, then Facebook and Twitter aren't the places to hang out, as there's too little focus, too much dross. But here, well......"

Well, now I feel flattered and am on the verge of coyly blushing.

1
0
Anonymous Coward

Re: watering hole attacks?

"And the password, while silly and not particularly secure, is used only on this site."

So you use "hunter1234" on higher value sites, then?

1
0

This post has been deleted by its author


(Written by Reg staff) Silver badge

Re: intermediary contact

Contact is being established...

C.

1
0
Anonymous Coward

Air-gapping...

Doesn't give complete protection - systems need complete physical protection to prevent accidental introduction of nasties. I remember reading about a US drone control site that was still infected because someone brought in an infected USB drive.

7
0
Anonymous Coward

Re: Air-gapping...

infected because someone brought in an infected USB drive

By modern standards, I would have thought that a system would not be considered to be air gapped if people can plug in any form of portable media. That has consequences for tech support, but that has to be the case because IIRC there was a suspicion that Stuxnet was transferred via tech support USB drives.

14
1
Silver badge

"the attackers had apparently gained at least one set of user credentials"

Obviously the response is that all user credentials have been changed, or at the very least, if they know which user then they changed that one (prefer the former though).

Happy to read that there is at least one installation which sets its industrial comm infrastructure apart from its public corporate one.

5
0
Anonymous Coward

Unnamed officials believe...

"Unnamed officials who believe" are like zombies out of the Walking Dead.

You meet them whenever there is a calm moment, there are always more and getting rid of them is extremely hard.

Reminder of the non-story of “Russian hackers penetrated U.S. electricity grid through a utility in Vermont, U.S. officials say.” pushed by WaPo: 'Fake News' And How The Washington Post Rewrote Its Story On Russian Hacking Of The Power Grid

(Also reminder that the item "17 intelligence agencies are confident that Russia hacked the elections" (Clinton) has been downgraded to "a closed circle of shifty individuals from 3 intelligence agencies issue the statement that Russia hacked the elections", but that's for another day).

8
1
Silver badge
Trollface

Re: Unnamed officials believe...

that the other 'Unnamed officials' are SO full of it...

5
0

Re: Unnamed officials believe...

Wondered what happened to the Iraqi information minister who said no bombs were dropping as they fell in the background...presumably reinvented himself as Trump's head of fake news generation.

1
2
Silver badge
Happy

Re: Unnamed officials believe...

(Also reminder that the item "17 intelligence agencies are confident that Russia hacked the elections"

Was it just me that read "item 17" as Team 17 and expected to see a reference to Worms?

2
0
Silver badge

"There is no indication that hackers were able to jump from their victims’ computers into the control systems of the facilities, nor is it clear how many facilities were breached."

Translation: We don't know what's going on.

12
0
Silver badge
WTF?

Nukes on the 'net?

I understand that you might want to send telemetry over the intertubes, but connecting the control system of a nuclear power plant to the 'net seems...unnecessary. Surely all necessary control inputs are local?

And any internet connection is surely authenticated by something more significant than username/password? Like perhaps encryption boxes or RSA tokens at each end?

0
0

NRC does not want its inspectors to need to know technical stuff

My one experience with dealing with the US NRC (Nuclear Regulatory Commission) is that they want the software to be so easy to use that its inspectors don't need to know anything technical:

https://shape-of-code.coding-guidelines.com/2012/06/27/trying-to-sell-analysis-tools-to-the-nuclear-regulatory-commission/

3
0
Silver badge

Take Note

"maintained separate networks for corporate and operations systems"

No mention that the "operations systems" are isolated from the Internet.

2
0
Silver badge

No mention that the "operations systems" are isolated from the Internet.

Apparently the control systems are - or were - connected to the internet.

I base that on an article IEEE had in their magazine Spectrum some years ago - must be 9 years ago or more, since that is when I let my membership lapse.

IIRC: The gist of the article was that hackers had accessed the control systems, but the reactor was off line or in training mode or? at the time. I remember that the hacker actions had to do with coolant in the reactor.

1
0

Why do these idiots continue to put sensitive information on the internet? Are they that d****d cheap or stupid?

0
1
Silver badge
Facepalm

Totally pointless article ...

If you're not going to post any actual technical details you might as well not bother. Boo hoo hoo, I'm so scared who will save me from the Russian bogeyman ...

0
0
