Topic: Cyber Attacks (Read 2400 times)

Lizzie Zoom · « **on:** 17 June 2017, 16:10:59 »

I have just caught up with the BBC2 programme, 2017: Cyber Attack - The Day the NHS Stopped on iPlayer and as a layperson I am shocked!!

No doubt those on here who know all about these things like TB will not be surprised even, but in the last quarter of this programme it was made clear that any wireless / Bluetooth reliant device can be used to hack into computer systems or, as one example, effect an attack on the nations power supply. A child's doll, a room heating thermostat, a wireless kettle, a heart pace maker, can be infiltrated to launch personal or national attacks using malware.

It made me think, really think, about how our high tech society is going. I knew about how attacks on bank accounts or city traffic light systems could cause havoc, but using a pace maker x thousands for blackmail, or a thermostat x millions to overload and take out the Nation's power supply to cause carnage and effect, among so many other things, a political process, makes me worried.

Are we being too relaxed about all these Bluetooth / wireless devices we are installing everywhere? Are we being far too complacent? Should we be installing electronic "shields" of some form? What do the experts within this field believe is the right way to go? $:-\$ $:-\$ $:-\$

Field Marshal Dr. Opti · « **Reply #1 on:** 17 June 2017, 17:22:20 »

We have little or no idea who is responsible, Lizzie.

It could be the 'Russian state' or a spotty 15 year old boy in his bedroom. It's way beyond my meagre capacity for understanding.

tidla · « **Reply #2 on:** 17 June 2017, 17:50:57 »

According to the program,Ransomware is a simple bit of software.

The thing that made it so deadly was the leaked military grade worm software.

Lizzie Zoom · « **Reply #3 on:** 17 June 2017, 18:38:59 »

Quote from: tidla on 17 June 2017, 17:50:57

According to the program,Ransomware is a simple bit of software.

The thing that made it so deadly was the leaked military grade worm software.

Yes, a Blue military grade cyber hacking device or something that was developed by our intelligence agencies!

But my question was, is, what about all the wireless and Bluetooth devices that apparently open up a portal in our internet systems so that hacking can take place? $:-\$ $:-\$ $:-\$

Field Marshal Dr. Opti · « **Reply #4 on:** 17 June 2017, 19:18:02 »

Quote from: Lizzie Zoom on 17 June 2017, 18:38:59

Quote from: tidla on 17 June 2017, 17:50:57
According to the program,Ransomware is a simple bit of software.

The thing that made it so deadly was the leaked military grade worm software.

Yes, a Blue military grade cyber hacking device or something that was developed by our intelligence agencies!

But my question was, is, what about all the wireless and Bluetooth devices that apparently open up a portal in our internet systems so that hacking can take place? $:-\$ $:-\$ $:-\$

Big brother is watching you, Lizzie........24/7.

Lizzie Zoom · « **Reply #5 on:** 17 June 2017, 19:30:58 »

Quote from: Lord Sittapong Meerkat on 17 June 2017, 19:18:02

Quote from: Lizzie Zoom on 17 June 2017, 18:38:59
Quote from: tidla on 17 June 2017, 17:50:57
According to the program,Ransomware is a simple bit of software.

The thing that made it so deadly was the leaked military grade worm software.

Yes, a Blue military grade cyber hacking device or something that was developed by our intelligence agencies!

But my question was, is, what about all the wireless and Bluetooth devices that apparently open up a portal in our internet systems so that hacking can take place? $:-\$ $:-\$ $:-\$

Big brother is watching you, Lizzie........24/7.

Oh, I know that. It goes back to my fathers communist days and my work for the police...........

Migv6 le Frog Fan · « **Reply #6 on:** 17 June 2017, 20:06:49 »

I read today - in an unmentionable publication - that the NHS computer meltdown has now been ascertained to have been carried out by the North Koreans. $:-\$

Lizzie Zoom · « **Reply #7 on:** 17 June 2017, 20:30:51 »

Quote from: Migv6 on 17 June 2017, 20:06:49

I read today - in an unmentionable publication - that the NHS computer meltdown has now been ascertained to have been carried out by the North Koreans. $:-\$

If I remember correctly the programme stated that back in 2016 a group called the Shadowgroup, or something like it, tried unsuccessfully to sell hacking kits with Blue Grade military hacking devices for $450 million, but there were no takers. Then they gave them away free to whoever wanted to take them.

They couldn't prove any connection, but around that time an American military contractor was arrested with stocks of the hacking devices in his garage. His stocks were seized, but obviously others had obtained them, although it has not been proved he supplied the Shadowgroup.

TheBoy · « **Reply #8 on:** 18 June 2017, 17:15:38 »

I didn't see the programme, but...

Several months ago the NSA was compromised and their cyber attack/intelligence tools were stolen. The hacking group behind it tried to sell these tools on the black market, but failed, so starting releasing the code on the web at various intervals. The set of tools released a couple of months back had the capability to compromise many common operating systems, including Windows, Linux, Solaris etc... ...which pretty much means virtually all internet servers, and most PCs.

The script kiddies then trivially bundled a few of these, and (its believed) targeted IT and communication companies, with some success (not that media would care about that). Unfortunatley, the NHS staff are easy targets, and it's fairly easy to social engineer them. Once inside various parts of the organisation, game over. Obviously, British media, wank themselves senseless that it happened to the NHS.

As to the OP, yes, other "devices" rather than traditional computers/servers, are frequently hacked. The biggest botnets are currently the cheapo CCTV cameras that consumers or small businesses buy. These sorts of devices need patching regularly, but nobody ever does, and hackers know that. With the much hyped IoT, this will get so much worse

About 5yrs ago there was a major flaw found in a whole host of Siemens controllers, used in everything from factory HVAC to nuclear power stations (allegedly). I bet the majority of those haven't been patched. Again, this was a flaw actively exploited by and alleged Middle East government agency.

Too many people have always stuck with that 20+ year old mentality of you can protect yourself by protecting the perimeter of your network. As any security expert will have told you in the last 15yrs, this is no longer a viable solution - and the NHS learnt the hard way. Although the perimeter is now less definable, due to wireless technologies built into devices, the easiest way to get into a network is the gullibility of the staff inside that network.

STEMO · « **Reply #9 on:** 18 June 2017, 17:19:41 »

Alexa..turn on the lights.
F**k off, I've been hacked, you winker.

TheBoy · « **Reply #10 on:** 18 June 2017, 17:43:14 »

Quote from: STEMO on 18 June 2017, 17:19:41

Alexa..turn on the lights.
F**k off, I've been hacked, you winker.

On my old pre-Siri iPhone, I bodged on a dodgy version of Siri. Only it had a real attitude problem

VXL V6 · « **Reply #11 on:** 18 June 2017, 17:54:36 »

Quote from: TheBoy on 18 June 2017, 17:15:38

I didn't see the programme, but...

Several months ago the NSA was compromised and their cyber attack/intelligence tools were stolen. The hacking group behind it tried to sell these tools on the black market, but failed, so starting releasing the code on the web at various intervals. The set of tools released a couple of months back had the capability to compromise many common operating systems, including Windows, Linux, Solaris etc... ...which pretty much means virtually all internet servers, and most PCs.

The script kiddies then trivially bundled a few of these, and (its believed) targeted IT and communication companies, with some success (not that media would care about that). Unfortunatley, the NHS staff are easy targets, and it's fairly easy to social engineer them. Once inside various parts of the organisation, game over. Obviously, British media, wank themselves senseless that it happened to the NHS.

As to the OP, yes, other "devices" rather than traditional computers/servers, are frequently hacked. The biggest botnets are currently the cheapo CCTV cameras that consumers or small businesses buy. These sorts of devices need patching regularly, but nobody ever does, and hackers know that. With the much hyped IoT, this will get so much worse

About 5yrs ago there was a major flaw found in a whole host of Siemens controllers, used in everything from factory HVAC to nuclear power stations (allegedly). I bet the majority of those haven't been patched. Again, this was a flaw actively exploited by and alleged Middle East government agency.

Too many people have always stuck with that 20+ year old mentality of you can protect yourself by protecting the perimeter of your network. As any security expert will have told you in the last 15yrs, this is no longer a viable solution - and the NHS learnt the hard way. Although the perimeter is now less definable, due to wireless technologies built into devices, the easiest way to get into a network is the gullibility of the staff inside that network.

Absolutely, one problem is that as the systems become more critically important the less opportunity there is for downtime, it's become far less acceptable to take systems down for maintenance purposes (patching, upgrading etc), therefore duplicate, failover, dual-homed systems, for want of a better descriptions, has become the norm.

I also think a cyber attack has affected my electric toothbrush, it's a wireless charging type you see, only it seems to only last a couple of uses between charges so I think it's been compromised with some sort of malware, unfortunately it doesn't support the installation of Malwarebytes as it seems to be a proprietry Braun operating system. If anyone knows the fix i'd be grateful, I've tried changing the head and rebooting it but it still flashes the red battery LED of death...

TD · « **Reply #12 on:** 18 June 2017, 18:05:26 »

Quote from: VXL V6 on 18 June 2017, 17:54:36

Quote from: TheBoy on 18 June 2017, 17:15:38
I didn't see the programme, but...

Several months ago the NSA was compromised and their cyber attack/intelligence tools were stolen. The hacking group behind it tried to sell these tools on the black market, but failed, so starting releasing the code on the web at various intervals. The set of tools released a couple of months back had the capability to compromise many common operating systems, including Windows, Linux, Solaris etc... ...which pretty much means virtually all internet servers, and most PCs.

The script kiddies then trivially bundled a few of these, and (its believed) targeted IT and communication companies, with some success (not that media would care about that). Unfortunatley, the NHS staff are easy targets, and it's fairly easy to social engineer them. Once inside various parts of the organisation, game over. Obviously, British media, wank themselves senseless that it happened to the NHS.

As to the OP, yes, other "devices" rather than traditional computers/servers, are frequently hacked. The biggest botnets are currently the cheapo CCTV cameras that consumers or small businesses buy. These sorts of devices need patching regularly, but nobody ever does, and hackers know that. With the much hyped IoT, this will get so much worse

About 5yrs ago there was a major flaw found in a whole host of Siemens controllers, used in everything from factory HVAC to nuclear power stations (allegedly). I bet the majority of those haven't been patched. Again, this was a flaw actively exploited by and alleged Middle East government agency.

Too many people have always stuck with that 20+ year old mentality of you can protect yourself by protecting the perimeter of your network. As any security expert will have told you in the last 15yrs, this is no longer a viable solution - and the NHS learnt the hard way. Although the perimeter is now less definable, due to wireless technologies built into devices, the easiest way to get into a network is the gullibility of the staff inside that network.

Absolutely, one problem is that as the systems become more critically important the less opportunity there is for downtime, it's become far less acceptable to take systems down for maintenance purposes (patching, upgrading etc), therefore duplicate, failover, dual-homed systems, for want of a better descriptions, has become the norm.

I also think a cyber attack has affected my electric toothbrush, it's a wireless charging type you see, only it seems to only last a couple of uses between charges so I think it's been compromised with some sort of malware, unfortunately it doesn't support the installation of Malwarebytes as it seems to be a proprietry Braun operating system. If anyone knows the fix i'd be grateful, I've tried changing the head and rebooting it but it still flashes the red battery LED of death...

I also have an electric toothbrush with a Braun operating system on it....However mine is different to yours.....When mine gets hacked and the battery runs out....I just pop off the bottom of the toothbrush and replace the battery....then it runs fine again until its hacked again

TheBoy · « **Reply #13 on:** 18 June 2017, 18:09:55 »

Quote from: VXL V6 on 18 June 2017, 17:54:36

I also think a cyber attack has affected my electric toothbrush, it's a wireless charging type you see, only it seems to only last a couple of uses between charges so I think it's been compromised with some sort of malware, unfortunately it doesn't support the installation of Malwarebytes as it seems to be a proprietry Braun operating system. If anyone knows the fix i'd be grateful, I've tried changing the head and rebooting it but it still flashes the red battery LED of death...

Was it NHS supplied

Obviously PhillipsOS is more secure, as my toothbrush hasn't been hacked in this saga

Lizzie Zoom · « **Reply #14 on:** 18 June 2017, 20:40:57 »

Quote from: TheBoy on 18 June 2017, 17:15:38

I didn't see the programme, but...

As to the OP, yes, other "devices" rather than traditional computers/servers, are frequently hacked. The biggest botnets are currently the cheapo CCTV cameras that consumers or small businesses buy. These sorts of devices need patching regularly, but nobody ever does, and hackers know that. With the much hyped IoT, this will get so much worse

About 5yrs ago there was a major flaw found in a whole host of Siemens controllers, used in everything from factory HVAC to nuclear power stations (allegedly). I bet the majority of those haven't been patched. Again, this was a flaw actively exploited by and alleged Middle East government agency.

Too many people have always stuck with that 20+ year old mentality of you can protect yourself by protecting the perimeter of your network. As any security expert will have told you in the last 15yrs, this is no longer a viable solution - and the NHS learnt the hard way. Although the perimeter is now less definable, due to wireless technologies built into devices, the easiest way to get into a network is the gullibility of the staff inside that network.

Thanks TB, that confirms what the programme stated.

News:

Author Topic: Cyber Attacks (Read 2400 times)

Lizzie Zoom

Cyber Attacks

Field Marshal Dr. Opti

Re: Cyber Attacks

tidla

Re: Cyber Attacks

Lizzie Zoom

Re: Cyber Attacks

Field Marshal Dr. Opti

Re: Cyber Attacks

Lizzie Zoom

Re: Cyber Attacks

Migv6 le Frog Fan

Re: Cyber Attacks

Lizzie Zoom

Re: Cyber Attacks

TheBoy

Re: Cyber Attacks

STEMO

Re: Cyber Attacks

TheBoy

Re: Cyber Attacks

VXL V6

Re: Cyber Attacks

TD

Re: Cyber Attacks

TheBoy

Re: Cyber Attacks

Lizzie Zoom

Re: Cyber Attacks