Conficker Infects Critical Medical Devices

By JDavis | 5/3/09 6:13 PM

The Conficker worm didn't just hit PCs -- it also infected several hundred critical medical devices, a security expert said in a panel at the RSA security conference. Right now it's unclear how the devices, which control things like heart monitors and MRI machines, got infected. But it underlines the need to secure medical systems with embedded firewalls and anti-malware software like Mocana's NanoDefender™.

The computers are older machines running Windows NT and Windows 2000 in a local area network that was not supposed to have access to the Internet; however, the network was connected to one that has direct Internet access, and so they were infected, he [Marcus Sachs, director of the SANS Internet Storm Center and a former White House cybersecurity official] recently told CNET News.

The situation illustrates the dangers of connecting critical networks, like in hospitals and in SCADA (Supervisory Control and Data Acquisition) systems used by utilities and other critical infrastructure providers, with networks connected to the Internet, he said during the panel "Securing Critical Infrastructures: Infrastructure Exposed."

"We're seeing a huge uptick in probing for SCADA systems," said Jerry Dixon, director of analysis and vice president of government relations at research firm Team Cymru. For years, the SCADA systems were separated from the public networks, but that's not the case anymore, he said.

While PCs do remain the primary targets, hackers and malware-writers are increasingly setting their sights on non-PC SCADA devices attached to the network. In other words, as PC security mechanisms have become more sophisticated, non-PC SCADA devices are becoming the more attractive, comparatively "soft" targets -- an easier way into the host network, thereby threatening our critical national infrastructure.

Download this FREE Whitepaper that dives further into why SCADA devices are under fire and what you can do about it.


The (not-so) Dumb Adversary

By JDavis | 5/3/09 6:10 PM

"The adversary doesn't get any dumber," Kevin Fu recently commented to The Boston Globe. To prove his point, Fu, who is investigating RFID attacks and countermeasures at the RFID Consortium for Security and Privacy, or CUSP, at the University of Massachusetts at Amherst, and his researchers conducted a rather extreme experiment.


Traffic Lights Hacked in Los Angeles

By JDavis | 11/24/08 1:42 PM

Two traffic engineers illegally disrupted a traffic light control system, disconnecting signal control boxes at four of LA's busiest intersections and hacking the system to prevent other managers from reconnecting the lights. It took four days to fully restore the system. Both have pleaded guilty to the felony and must now, along with paying restitution and performing community service, have their computer use at home and work monitored.


New SCADA and NanoDefender Whitepaper Available for Download

By JDavis | 11/24/08 1:37 PM

The next-generation intrusion detection system that defeats malware while eliminating false positives -- designed specifically for SCADA's constrained device environments. Learn more.


Hints from Mocana Engineering

By JDavis | 11/24/08 1:35 PM

Can I use an automatic update solution or a code patcher with NanoDefender?


Cisco Moves to Plug Router Software Flaws

By JDavis | 10/6/08 1:47 PM

Releasing a number of security patches for its Internet Operating System (IOS), Cisco noted that some of the flaws could allow malicious hackers to take over the device, while others left users at risk of denial-of-service attacks. Cisco has released free software updates to address these and other vulnerabilities, as well as workarounds that could mitigate them. The vulnerabilities are listed here.


FasTrak or FastHACK?

By JDavis | 9/30/08 1:33 PM

"Incredibly easy to hack," claim experts at computer security firm Root Labs regarding San Francisco's FasTrak auto toll system. Apparently the RFID tags placed in a car's windshield don't use any encryption. "It would be easy, therefore, for a hacker to quickly acquire hundreds or thousands of valid ID numbers that could be cloned onto other transponders."

Just one more reason to road rage.