Posts Tagged ‘Germany’
Monday, April 7, 2014 @ 04:04 PM gHale
Siemens and security provider McAfee expanded their security partnership which started in 2011.
Industrial users face new challenges including a wider range of cyber threats than ever before. They often lack the resources necessary to respond efficiently to security incidents and do not have access to the global threat intelligence that would allow proactive defensive measures.
This critical information is vital to keep up with evolving government regulations, industry standards, sector specific best practices, and other risk information necessary for making informed business decisions.
The extended alliance with McAfee will complement Siemens’ service offerings by leveraging security solutions such as next generation firewall, security information and event management (SIEM), endpoint security, and global threat intelligence as part of its Managed Security Service as well as offering professional services. These offerings provide greater visibility and control at the factory level while reducing the risk of IP theft.
“McAfee’s broad portfolio of security technologies can serve as a great enabler of Siemens Industrial Security service offerings,” said Siegfried Russwurm, member of the managing board of Siemens AG and chief executive of Siemens’ Industry Sector speaking at the Hannover Fair in Hannover, Germany. “This will further strengthen our leading position in automation and drive technologies by providing additional security solutions and services to our industrial customer base. Industrial security is one of the building blocks for strong demand of connected manufacturing environments, and for the continued resurgence of the manufacturing sector globally. This partnership will be an important foundation for the future of manufacturing and Industry 4.0.”
“Siemens provides a deep experience in automation across numerous industries,” said Michael Fey, worldwide chief technology officer at McAfee. “By combining forces, McAfee, Intel and Siemens will drive the adoption of connected, managed and secured solutions at the plant level in order to help industrial customers to manage their security while bringing the uptime and reliability of the plant operations to a higher level. This collaboration should allow us to address the unique requirements of Industrial Control System customers for the operations technology market thus providing a complete security view across the entire company.”
The companies will continue to cooperate on the development of security products and solutions, specifically based on industrial protocols, that will enhance managed security service offerings for the process and factory automation industry.
Wednesday, March 19, 2014 @ 02:03 PM gHale
A newly discovered operation has kept over 25,000 Unix servers infected over the past two years.
In the operation, called “Windigo” after the mythical creature from Algonquian Native American folklore, the servers are sending out 35 million spam emails each day, putting around 500,000 computers at risk of malware infection.
“Each day over half a million computers are put at risk of infection, as they visit websites that have been poisoned by web server malware planted by Operation Windigo redirecting to malicious exploit kits and advertisements,” said ESET security researcher Marc-Étienne Léveillé.
Most of the infected servers are in the U.S., Germany, France and the UK. Many of the affected servers belong to hosting providers. The list of victims includes companies such as cPanel and kernel.org.
ESET has been investigating the campaign for around one year. In total, 25,000 servers suffered infection, of which 10,000 still have the issue.
Windows users who visit the infected websites are directed to malware-serving exploit kits, and Mac users are not left out: people who visit from Macs are pushed to adult content or served ads for dating sites.
Léveillé highlighted that the Ebury backdoor deployed by the attackers doesn’t exploit Linux or OpenSSH vulnerabilities. Instead, it is planted manually.
“The fact that they have managed to do this on tens of thousands of different servers is chilling. While anti-virus and two factor authentication is common on the desktop, it is rarely used to protect servers, making them vulnerable to credential stealing and easy malware deployment,” Léveillé said.
Pierre-Marc Bureau, security intelligence program manager at ESET, said they are investigating the campaign because cybercriminal operations that rely on Linux malware are not something they get to see every day, particularly when it comes to an operation as complex as Windigo.
Bureau said this is the biggest botnet of servers they have ever seen. What they do know is the bot masters are very good at programming and at the administration of Linux systems. Additionally, they probably have good connections in the underground, considering their capabilities to send spam and install malware.
The complete paper on the Windigo operation is available on ESET’s website.
Friday, March 7, 2014 @ 05:03 PM gHale
Manufacturing data determine the production process for a product, and are just as valuable today as the design.
They contain distinctive information about the product and how it is manufactured. Whoever possesses this information just needs the right equipment and a pirated or counterfeit product is ready to go.
While design data are well protected from unauthorized outside access today, production data often lie exposed and unsecured in the computer-assisted machinery.
An infected computer on the network, or a well-placed USB stick, is all a thief would need to steal data. Or hackers could directly attack the IT network, for instance through unsecured network components like routers or switches.
In the growing manufacturing automation industry, an increasing number of unsecured, computer-guided production machinery and networks in production facilities are gradually evolving into gateways for data theft. New security technologies may directly shield the sensitive data kept there.
There is a software application that immediately encrypts manufacturing data as soon as they emerge.
Integrated into computer and equipment, the software ensures that both communicate with each other through a protected transportation channel and that only licensed actions are executed.
“To the best of our knowledge, no comparable safeguard has previously existed for manufacturing data that reside directly in the machine tool,” said Thomas Dexheimer from the Security Testlab at the Fraunhofer Institute for Secure Information Technology SIT in Darmstadt.
Digital Rights Management (DRM) controls all important parameters of the assignment, such as designated use and quantity, among others. This way, brand manufacturers are able to guarantee that even external producers can only produce an authorized quantity, as instructed in advance – and no additional pirated units.
Dexheimer’s SIT colleague, Dr. Carsten Rudolph, is more involved with secured networks.
At the upcoming CeBIT show March 10-14 in Hannover, Germany, Rudolph will showcase his “Trusted Core Network.”
“Hackers can also gain access to sensitive production data via unsecured network components,” Rudolph said. “These are small computers themselves, and can be easily manipulated.”
To prevent this, he called upon a piece of technology that, for the most part, lies dormant and unused on our PCs: the Trusted Platform Module. This is a small computer chip that can encrypt, decrypt, and digitally sign data. Installed into a network component, it indicates which software is running on the component and assigns a distinct identity to it.
“As soon as the software changes in a component, the adjacent component registers this occurrence and notifies the administrator. Hacker attacks can be exposed quickly and easily this way,” Rudolph said.
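The neighbour check described above can be sketched as a measured-software chain plus a signed, nonce-bound report. This is an added illustration, not Fraunhofer SIT's Trusted Core Network code: the class and function names are hypothetical, the firmware strings are constructed, and an HMAC key stands in for the asymmetric attestation key a real TPM would use.

```python
import hashlib
import hmac
import os

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = SHA-256(old || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure(images) -> bytes:
    """Fold every software image into one register, starting from zeros."""
    pcr = bytes(32)
    for image in images:
        pcr = extend(pcr, image)
    return pcr

class Router:
    """Network component with a simulated TPM (hypothetical model)."""
    def __init__(self, name: str, identity_key: bytes, images):
        self.name = name
        self._key = identity_key      # stand-in for the TPM-held identity key
        self.images = list(images)    # software currently loaded

    def quote(self, nonce: bytes):
        """Report the current measurement, bound to the caller's nonce."""
        pcr = measure(self.images)
        sig = hmac.new(self._key, nonce + pcr, hashlib.sha256).digest()
        return pcr, sig

def neighbour_check(router: Router, expected_key: bytes, golden_pcr: bytes) -> str:
    """What an adjacent component does before trusting its neighbour."""
    nonce = os.urandom(16)            # fresh nonce defeats replayed quotes
    pcr, sig = router.quote(nonce)
    good = hmac.new(expected_key, nonce + pcr, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, good):
        return "identity-mismatch"    # not the device we enrolled
    if not hmac.compare_digest(pcr, golden_pcr):
        return "software-changed"     # notify the administrator
    return "ok"

if __name__ == "__main__":
    key = os.urandom(32)
    firmware = [b"bootloader v1", b"routing-daemon v1"]   # constructed sample
    golden = measure(firmware)
    router = Router("router-a", key, firmware)
    print(neighbour_check(router, key, golden))
    router.images[1] = b"routing-daemon v1 (modified)"
    print(neighbour_check(router, key, golden))
```

Because each extend hashes the previous register value, the final measurement depends on every image and on their order, so a single changed component changes what the neighbour sees.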
“Both security technologies are important building blocks for the targeted Industry 4.0 scenario,” Dexheimer said. The term “Industry 4.0” stands for the fourth industrial revolution. After water and steam power, followed by electrical energy, electronics and information technology, now, the cyber-physical systems (IT systems embedded in machinery that communicate with each other via wireless or cabled networks) and the Internet of Things should move into the factory halls.
“This revolution can only work if the intellectual property is sufficiently protected. And that’s a tall order, because the targets of production IT will increase exponentially, due to ever growing digitization and networking,” Dexheimer said.
At CeBIT, Dexheimer and Rudolph will present a computer-assisted machine tool using a CAD computer and a 3D printer. SIT’s security software is on the computer and the printer; the data are encrypted on the computer and decrypted by the printer. The printer also validates the licensed authorization to conduct the print job. To ensure the data are also secure in the network, the scientists built a Trusted Platform Module into multiple routers.
Wednesday, February 26, 2014 @ 03:02 PM gHale
Using the Pony botnet, bad guys have been able to garner a nice cache of information from websites, email accounts, FTP servers and virtual currency, new research found.
Between September 2013 and mid-January 2014, these cyber bad guys stole over 700,000 credentials, 600,000 of which are for websites, 100,000 for email accounts, 16,000 for FTP servers, 900 for SSH, and 800 for Remote Desktop, according to a report from Trustwave’s SpiderLabs.
Based on data from the control panel of the attack, researchers found after four months of stealing information, the cybercriminals decided to stop the operation.
Most stolen credentials were in Germany (41,177), then Poland (17,214), Italy (15,672), the Czech Republic (14,835), Bulgaria (7,063), France (5,513), Croatia (4,725), Peru (4,616), India (2,761) and Vietnam (2,234).
Close to 80,000 Facebook accounts have felt the impact, followed by ones on accounts.google.com (13,740), nk.pl (13,169), seznam.cz (11,712), profil.wp.pl (8,036), abv.bg (6,589), yahoo.com (6,554), szn.cz (6,175), google.com (5,842) and pl-pl.facebook.com (3,974).
The Pony botnet has also targeted Bitcoin and other virtual currency wallets. Experts found the cybercriminals have stolen $220,000 worth of virtual currencies.
In addition to Bitcoin, the list also includes Litecoin, Feathercoin, Fastcoin, Bytecoin, Namecoin, Mincoin, Zetacoin and many others. In total, around 30 virtual currencies were targeted.
Because of the high value of Bitcoin, the attackers didn’t even have to compromise a large number of wallets. They only hijacked 85, out of which they transferred 355 Bitcoins, 280 Litecoins, 33 Primecoins and 46 Feathercoins.
While stealing money from bank accounts is becoming increasingly difficult for cybercriminals, when it comes to Bitcoin heists, there are a number of advantages. First of all, while all transactions are public, they’re also irreversible.
This means if someone empties your wallet, there’s nothing you can do about it. There’s no one who can put the “money” back into the wallet and the accounts cannot be frozen to prevent theft.
Cybercriminals simply need to transfer the funds into their account on a trading website, convert the virtual coins to a real currency and move the money into their bank account.
Wednesday, October 23, 2013 @ 02:10 PM gHale
Anyone can interpret numbers however they want, and when it comes to sending out spam there are volume leaders and then there are per capita leaders.
Needless to say, the United States continues to be the top spam-relaying country in the by-volume category, according to the Sophos spam report for the third quarter.
The U.S. (14.6 percent) leads the pack, followed by Belarus (5.1 percent), India (4.7 percent), Italy (4.7 percent), and China (4.6 percent). Rest assured Taiwan, Argentina, Spain, Iran, Peru, Germany and Russia are also on the list.
However, the chart is a bit different for the “per capita” category. Here, the spam contribution of each country is calculated based on its population.
In this class, Belarus tops the chart. The country sends 11.1 times more spam than the U.S., Uruguay sends 4.7 times more spam than the U.S., and Taiwan sends 3.8 times more.
The countries included in this category are Luxembourg, Macedonia, Peru, Kuwait, Bahamas, Kazakhstan, Bulgaria, Argentina and Israel. Countries with a population below 300,000 were not a part of the survey.
Wednesday, October 9, 2013 @ 06:10 PM gHale
Graphene has extreme conductivity and is completely transparent while being inexpensive and nontoxic, which makes it perfect for transparent contact layers for use in solar cells to conduct electricity without reducing the amount of incoming light.
That is the theory, but the real world remains questionable because there is no such thing as “ideal” graphene, which is a free-floating, flat honeycomb structure consisting of a single layer of carbon atoms: interactions with adjacent layers can change graphene’s properties dramatically.
“We examined how graphene’s conductive properties change if it is incorporated into a stack of layers similar to a silicon based thin film solar cell and were surprised to find that these properties actually change very little,” said Dr. Marc Gluba of the HZB Institute for Silicon Photovoltaics in Berlin, Germany.
To this end, researchers grew graphene on a thin copper sheet, next transferred it to a glass substrate, and finally coated it with a thin film of silicon.
They examined two different versions commonly used in conventional silicon thin-film technologies: One sample contained an amorphous silicon layer, in which the silicon atoms are in a disordered state similar to a hardened molten glass; the other sample contained poly-crystalline silicon to help them observe the effects of a standard crystallization process on graphene’s properties.
Even though the morphology of the top layer changed completely as a result of heating it to a temperature of several hundred degrees centigrade, the graphene is still detectable.
“That’s something we didn’t expect to find, but our results demonstrate that graphene remains graphene even if it is coated with silicon,” said Prof. Dr. Norbert Nickel of the HZB Institute for Silicon Photovoltaics.
Their measurements of carrier mobility using the Hall effect showed the mobility of charge carriers within the embedded graphene layer is roughly 30 times greater than that of conventional zinc oxide based contact layers.
“Admittedly, it’s been a real challenge connecting this thin contact layer, which is but one atomic layer thick, to external contacts,” Gluba said. “We’re still having to work on that.”
“Our thin film technology colleagues are already pricking up their ears and wanting to incorporate it,” Nickel said. The researchers obtained their measurements on one square centimeter samples, although in practice it is feasible to coat much larger areas than that with graphene.