Posts Tagged ‘Israel’

Wednesday, April 23, 2014 @ 09:04 AM gHale

When it comes to spam, the United States is the leader in the “countries by volume” category, while Belarus tops the “countries by population” category, a new report said.

In the first category, the U.S. accounts for 16 percent of all spam, according Sophos’ “Dirty Dozen” spam report for the first quarter of 2014. Spain, Russia, Italy, China, Germany, Japan, France, Argentina, South Korea, Ukraine, and India all follow the U.S.

RELATED STORIES
Users Breaching Security Policies
Execs Not Seeing All Security Facts: Report
9 Attacks Cause 92% of incidents: Report
DDoS Techniques Changing

In the countries by population grouping, Belarus heads the list, followed by Uruguay, Israel, Luxembourg, Bulgaria, Taiwan, Spain, Bahamas, Macau, Romania, Macedonia, and Argentina.

Bulgaria, Spain, Macau, Romania, and Argentina are new entries in the “by population” category.

In the “by volume” category, Israel moved up to third from 12th and 7th in previous quarters.
Belarus topping the “Spam-Relaying ‘Dirty Dozen’ Countries by Population” chart is not surprising, researchers said because the country is becoming a hotspot for spammers.

It is important to keep in mind, these are spam-relaying countries, which means it is not necessarily sent out by individuals or organizations located in these countries. Instead, it means that computers in these locations end up abused for spam.

Click here to view the report.

Monday, August 19, 2013 @ 03:08 PM gHale

IBM is going to pay close to $1 billion to pick up security company, Trusteer.

In a sign that IBM is taking security very seriously, this is its second largest acquisition of a security company after its 2006 purchase of Internet Security Systems for $1.3 billion.

RELATED STORIES
Cisco Deals for Security Provider
Security Firm Deals for Services Unit
IBM gets Deeper into Cloud
Blue Coat Deals for Analytics Firm

Trusteer has offices in Boston and Tel Aviv, Israel. IBM said it planned to open a cyber security software lab at Trusteer’s offices in Tel Aviv, which will employ more than 200 researchers and developers. The lab will be in addition to other research and development facilities in Israel.

Trusteer competes with long-established security providers such as Symantec Corp., Intel Corp’s McAfee division and EMC Corp’s RSA security unit. Privately held competitors include FireEye, which has filed to go public, and Bromium.

“In founding Trusteer, I pulled together a team with strong skills in data security and programming,” said Trusteer founder and chief executive Mickey Boodaei.

Among other security fronts, Trusteer examines advanced malware and how it affects large organizations. “The moment we understood the problem and the limitations of existing solutions, we built a unique system to identify attacks,” Boodaei said.

“We concluded that one of the technology’s main applications is in preventing fraud carried out by taking over the end-user’s computer and carrying out online bank transactions – a kind of fraud that was causing hundreds of millions of dollars in losses to banks around the world at the time.”

Thursday, April 18, 2013 @ 03:04 PM gHale

Israeli websites are under attack as part of the Anonymous OpIsrael campaign which launched a series of distributed denial of service (DDoS) assaults April 7.

In its analysis of the hit, Trend Micro said the source of these attacks — over 90 percent of the traffic — came from outside Israel on April 7. A regular day would not have close to that amount of outside traffic.

RELATED STORIES
BackDoor Botnet Taken Over
Zeus Reigns as Supreme Botnet
Grum Botnet Coming Back Slowly
Cookie Attack can Hijack Accounts

Based on information collected by Trend Micro’s Smart Protection Network, a big spike in traffic was very apparent that day.

Another part of the analysis shows hacktivists were not the only ones launching the attacks. Quit a few of the IP addresses associated with the botnets were under the control of cyber criminals.

More precisely, the IP addresses were victims of ransomware, Fake AV and exploit kit attacks.

“These findings highlight how major DDoS attacks are, at least in part, not just carried out by hacker groups like Anonymous but by cybercriminals as well. These attacks are not nearly as ‘harmless’ as some would think,” said Trend Micro Big Data Security Analyst Chris Huang.

Thursday, March 7, 2013 @ 06:03 PM gHale

Iran fought off attacks against its offshore oil and gas platforms as they ended up targeted in an effort to cripple the country.

The attacks ended up stymied and the head of IT at the Iranian Offshore Oil Company, Mohammad Reza Golshani said Israel was behind the attacks, according to a Reuters report.

RELATED STORIES
Stuxnet Older than We Think
Cyber War Stakes Rising
U.S., Israel behind New Iran Attack
Flame: ‘20 Times Larger than Stuxnet’
Shamoon Target: Aramco Production
Stuxnet Hit 4 Oil Companies
Iran behind Shamoon Attack

Golshani said the attack happened over the past couple of weeks. The attack routed through China and affected only the communications systems of the network.

It is almost two weeks since the managing director of the National Iranian Offshore Oil Company Mahmoud Zirakchianzadeh announced his company’s negotiations on deals worth $14 billion.

Iran is currently under pressure from the international sanctions, mainly in oil exports, imposed by the UN Security council, the U.S., and the European Union.

On Saturday, the EU threatened to ban Iran’s natural gas export to put pressure on the country’s nuclear program. Iran’s now exporting to Turkey and has swap deals with Armenia and Azerbaijan.

Oil ministry spokesman, Alireza Nikzad-Rahbar, said the possible ban was a “propaganda campaign” because “right now no EU member imports Iranian gas supply.”

The UN Security Council imposed four rounds of sanctions in efforts to pressure Tehran to give up its nuclear program, which the West fears is about creating a nuclear weapon. Iran insists its nuclear ambitions are peaceful. The sanctions targeted Iran’s oil exports and cut off access to international banking networks.

Tehran faces pressure with sanctions, but also various forms of cyber attack, such as Stuxnet, Flame and Gauss, three viruses that gathered information on sensitive Iranian equipment and slowed down its nuclear centrifuges.

Wednesday, February 27, 2013 @ 11:02 AM gHale

A form of the Stuxnet worm used to cripple Iran’s nuclear program was in existence two years longer than first believed.

In addition, there is also evidence the military-grade malware’s origins date back to 2005, and possibly earlier, a new report from Symantec said.

Members of the Symantec Security Response team found an earlier version of the highly sophisticated malcode called “Stuxnet 0.5.” Experts previously thought the earliest version dated back to 2007. Discovered in July 2010, the plan of the virus was to surreptitiously disrupt the Natanz uranium enrichment facility in Iran.

RELATED STORIES
Cyber War Stakes Rising
U.S., Israel behind New Iran Attack
Flame: ‘20 Times Larger than Stuxnet’
Shamoon Target: Aramco Production
Stuxnet Hit 4 Oil Companies
Impact of Shamoon on SCADA Security
Iran behind Shamoon Attack

First reports had Stuxnet getting its attack green light in the waning moments of George W. Bush’s presidency in 2009. At the time, President Bush wanted to sabotage the electrical and computer systems at Natanz, which is a fuel enrichment plant in Iran. After Bush left office, President Barack Obama accelerated the program, said former senior intelligence officials, one of whom worked for the National Intelligence office.

Stuxnet is a sophisticated piece of computer malware designed to sabotage industrial processes controlled by Siemens SIMATIC WinCC and PCS 7 control systems. The worm used known and previously unknown vulnerabilities to install, infect and propagate, and was powerful enough to evade state-of-the-art security technologies and procedures.

Widely considered among the most complicated coding in the malware world, Stuxnet honed in on computers running the Siemens software at 14 known industrial sites. The malware shut off valves that supplied uranium hexafluoride gas into centrifuges, thereby damaging a uranium enrichment system by letting pressure build until the gas solidified.

“In addition, the code will take snapshots of the normal running state of the system, and then replay normal operating values during an attack so that the operators are unaware that the system is not operating normally,” the Symantec researchers said. “It will also prevent modification to the valve states in case the operator tries to change any settings during the course of an attack cycle.”

In analyzing the oldest known version of Stuxnet, researchers found the worm was in development as early as November 2005 and released in the wild two years later. Its programming called for it to stop communicating with its command-and-control servers on Jan. 11, 2009 and stop spreading via infected USB keys on July 4 of the same year. But a number of dormant infections ended up detected last year around the world, almost half in Iran and 21 percent in the United States.

Later versions became far more aggressive in propogating and exploiting vulnerabilities. It also appears its developers were people with access to Flamer source code, unlike later versions built on the Tilded platform.

“The existence of unrecovered versions of Stuxnet, both before version 0.5 and especially between versions 0.5 and 1.001, are likely,” according to a Symantec blog post.

As ISSSource reported back in October 2011, Stuxnet was a comprehensive U.S.-Israeli program designed to disrupt Iran’s nuclear technology. This joint program first surfaced in 2009 and worked in concert with an earlier U.S. effort that consistently sabotaged Iran’s purchasing network abroad.

The groundwork for the attack plan began much earlier though. In 2007, Idaho National Laboratory (INL) inked a development contract with Siemens the purpose of which was to help Siemens study its own computer weaknesses, the sources said. Quite a few suppliers have these types of pacts with INL to test platforms to find and resolve weaknesses.

Wednesday, December 19, 2012 @ 06:12 PM gHale

By Richard Sale
The new virus hitting Iran that targets computers and wipes entire disk partitions clean is a joint U.S.-Israel attack, CIA sources said.

In what seems like a very similar attack scenario as the August Shamoon virus that hit Middle East energy companies, the virus implantation in Iran actually occurred before the Shamoon attack, the sources said.

RELATED STORIES
Flame: ‘20 Times Larger than Stuxnet’
Shamoon Target: Aramco Production
Stuxnet Hit 4 Oil Companies
Impact of Shamoon on SCADA Security
Iran behind Shamoon Attack
Shamoon Mitigations Shelter Systems

The story on the Iran attack broke two days ago by Ars Technica and the former senior CIA officials, who requested anonymity because they are close to the investigation, confirmed to ISSSource the U.S. and Isreal were behind the Tehran-focused attack. Right now who or what the new virus is targeting remains unclear.

Dubbed Batchwiper, the malware systematically wipes any drive partitions starting with the letters D through I, along with any files stored on the Windows desktop of the user logged in when the program executes, according to security researchers who independently confirmed the findings.

The reports come seven months after an investigation into a separate wiper program targeting the region led to the discovery of Flame, the highly sophisticated espionage malware reportedly designed by the U.S. and Israel to spy on Iran. The original wiper program, named Wiper, was interesting because it shared a file-naming convention almost identical to those used by the state-sponsored Stuxnet and Duqu operations, an indication it may have been related, security researchers said.

A separate wiping malware known as Shamoon wreaked havoc on some energy sector computers in the Middle East, including destroying hard drives at least 30,000 workstations operated by Saudi Aramco, the world’s largest oil producer. Unlike Wiper, the Shamoon code base is very rudimentary, raising the possibility that hacktivists or other amateur coders developed it. Batchwiper, which gets its name because of its destructive payload is contained in a batch file, also appears to be rudimentary.

“Despite its simplicity in design, the malware is efficient and can wipe disk partitions and user profile directories without being recognized by antivirus,” said the Iranian CERT advisory, which published Sunday.

The virus, however, is not probably widely distributed. This targeted attack is simple in design and there is no similarity to the other sophisticated targeted attacks. One thing this malware does is it is able to remain active even after a machine reboots. It does this by adding a registry entry. The RAR archive dropper name is GrooveMonitor.exe, presumably to disguise it as a legitimate Windows Office 2007 service. GrooveMonitor.exe then drops additional files named juboot.exe, jucheck.exe, SLEEP.EXE, and WmiPrv.exe.

The batch file programming allows it to wipe drives only on certain dates, with the next one being January 21. Previous dates listed in the file include December 11, 12, and 13, suggesting the malware campaign may have been active for the past week and may already have inflicted damage.

It remains unclear how Batchwiper is spreading. Possibilities, researchers said, include the use of USB drives, malicious insiders, spear phishing campaigns or “probably as the second stage of a targeted intrusion.”
Richard Sale was United Press International’s Intelligence Correspondent for 10 years and the Middle East Times, a publication of UPI. He is the author of Clinton’s Secret Wars and Traitors.

Thursday, November 29, 2012 @ 04:11 PM gHale

Information stolen from one of a U.N. nuclear watchdog’s former servers is up and viewable on a hacker website.

The stolen information was in a statement by a group calling for an inquiry into Israel’s nuclear activities. The International Atomic Energy Agency (IAEA) is investigating Iran’s nuclear program.

RELATED STORIES
Ford Website Hacked
Impact of Shamoon on SCADA Security
Iran behind Shamoon Attack
Shamoon Mitigations Shelter Systems

The IAEA said the theft concerned “some contact details related to experts working” with the Vienna-based agency but it did not say who might have been behind the action.

The stolen data did not include information related to confidential work carried out by the IAEA, one official said. One of the agency’s tasks is preventing the spread of nuclear weapons.

The statement posted in the name of Parastoo (which in Farsi means swallow, the bird, and can also be a woman’s name) included a large number of email addresses and called for the people to whom they belonged to sign a petition for an “open” IAEA investigation into Israel’s Dimona reactor.

The statement dated November 25 and headlined “Parastoo Hacks IAEA” said: “Israel owns a practical nuclear arsenal, tied to a growing military body.”

Middle East experts said Israel has the only atomic arsenal but the country neither confirms nor denies this under a “strategic ambiguity” policy to deter Arab and Iranian foes.

Israel and the United States accuse Iran of seeking to develop a nuclear weapons capability, a charge Tehran denies, and said the Islamic state is the main proliferation threat. That was one of the thoughts behind the Stuxnet virus: To delay or end Iran’s nuclear capability.

IAEA spokeswoman Gill Tudor said the agency “deeply regrets this publication of information stolen from an old server that was shut down some time ago”.

Measures are underway to address concern over possible vulnerability in the server, she said.

“The IAEA’s technical and security teams are continuing to analyze the situation and do everything possible to help ensure that no further information is vulnerable,” Tudor said.

Thursday, November 15, 2012 @ 12:11 PM gHale

By Richard Sale
Major U.S. oil companies already facing increasingly sophisticated cyber attacks by China have also been infected by the Stuxnet virus that has attacked computers in countries from Germany, Indonesia to Kazakhstan, U.S. intelligence sources said.

Victims of the Stuxnet virus, intelligence sources said, include Baker Hughes, ConocoPhillips, Marathon, and Chevron, which last week was the first of the group to declare it had been attacked by the virus.

RELATED STORIES
India on Stuxnet Alert
Talk to Me: Stuxnet, Flame a Global Alert
Stuxnet Warfare: The Gloves are Off
Flame: ‘20 Times Larger than Stuxnet’
New Stuxnet Waiting for Green Light
Stuxnet Loaded by Iran Double Agents

In a Wall Street Journal story late last week, Chevron, the billion dollar oil company based in California, confirmed its computer systems were infected with Stuxnet, a virus developed by the U.S. and Israel to strike Iranian nuclear facilities at Natanz.

Chevron spokesman Morgan Crinklaw was quoted by The Wall Street Journal as saying the company was protected from major damage to its network, adding the company made “every effort to protect our data systems from those types of threats.”

According to U.S. officials, any industrial component is liable to be targeted by such sophisticated attacks. James Lewis, cyber expert at the Center for International and Strategic Studies (CSIS), said “thousands of places around the world were infected but only one was damaged,” the Iranian facility at Natanz.

Lewis said “Stuxnet is an interesting weapons design. You need to introduce the virus and then you need to trigger it. It only works against a specific configuration.” The first stage of the virus uses a “beacon” that performs surveillance of the target, mapping an electrical blueprint of Iran’s centrifuges, with the data sent back to the National Security Agency in Maryland. The second stage, a trigger, added a number of “zero-day exploits” that can cause physical damage. The virus was only configured for Iranian nuclear facilities. It wasn’t designed to spread, U.S. officials said.

But it did.

U.S. sources confirmed the account of researchers at Symantec and Kaspersky Labs that stated Stuxnet had two versions. The first, launched in 2010, had a 21-day period after which the virus would be null and void. Shortly thereafter, the U.S. and Israel launched a second version, believing the first was ineffective. The second version had a different trigger, and U.S. sources said they believed Israel introduced some error in the code trigger. They didn’t elaborate.

Naming the Victims
Chevron was one of the first oil companies to be a victim of the Stuxnet virus. Others, including Baker Hughes, Marathon, ExxonMobil, Shell, and BP, have yet to make any public admission of the attacks of the virus because reporting incidents could trigger liability.

Blair Nicholas, of the law firm Bernstein Litowitz Berger and Grossman based in San Diego, said in a recent news report, “To the extent that there aren’t adequate procedures in place to protect the companies’ crown jewels and somebody gets the key to the jewelry box, there is certainly potential for shareholder derivative liability.”

Besides Chevron, none of Stuxnet’s corporate victims, including Marathon Oil, ConocoPhillips and Baker Hughes, has disclosed the attacks in filings with regulators.

These same companies have already been victims of Chinese-backed industrial espionage assaults that have cost them billions of dollars in plans and intellectual property, sources said, and some of the Chinese attacks remained undetected for years.

In attacks on Baker Hughes and Shell Oil, the Chinese targeted bid data as well as project plans and financial information.

Conoco and Exxon experienced similar breaches, but they went unreported because of client confidentiality. Studies have already been done of malware aimed at seizing data in the computers of a drilling rig working on a ConocoPhillips project, sources said.

None of these companies have commented on this matter to the U.S. press.

New Threats to Platforms
New computer-controlled oil platforms are already a reality. But offshore-onshore contact and the processes out on the platform are often controlled by onshore personnel via networked PCs. When onshore and offshore networks are linked the chances of attacks by viruses and hackers increase dramatically.

Experts say that while oil companies have improved offshore safety, they have lagged in the field of information security. For example, several experts said virus attacks have led to electronic equipment becoming unstable, and while personnel undergo scenario training to reduce risks, such training is seldom employed in the field of information security.

This is especially dangerous when the current trend is going toward the direction of unmanned robot-controlled platforms, which leave electronic equipment more exposed to attack. Ludolf Luehmann, manager of IT at Shell, Europe’s largest oil company, said in a recent news report, “We see an increasing number of attacks on our IT systems and information, and there are various motivations behind it: Criminal and commercial,” all focusing on research and development to gain a competitive advantage.

Cyber war experts like Lewis are aware most industries operate on computers vulnerable to attack, and hackers are increasing in numbers, becoming more knowledgeable and skilled, and making more daring attacks on systems. “The Chinese have been very successful,” Lewis said.

Oil companies are warning the worst case scenario would be one in which valves were accessed, which could set offshore rigs on fire, kill personnel and halt production. The cost of down time on an offshore rig is $6.3 million a day, experts said. The financial loss could be huge.

Stuxnet, which crippled Iran’s nuclear centrifuges, shows the potential devastation of a worm created to cause damage. Experts believe this kind of attack could be replicated on oil producing offshore rigs.

Riemer Brower, head of IT security at Abu Dhabi Company for Onshore Oil Operations, said the oil industry has avoided any damaging incidents so far, but he warned that “the oil companies in charge are no longer really in control.”
Richard Sale was United Press International’s Intelligence Correspondent for 10 years and the Middle East Times, a publication of UPI. He is the author of Clinton’s Secret Wars and Traitors.

Monday, October 15, 2012 @ 11:10 AM gHale

By Richard Sale
Iran intensified its attempt to push forward its cyber war capabilities with a six-month rash of virus attacks that culminated with its hackers disabling 30,000 computers at Saudi Aramco, the world’s largest oil corporation, two months ago, computer and intelligence experts said.

The attack took place August 15, when a malware weapon took down 30,000 of the company’s computers, said Jim Lewis, a computer expert at the Center for Strategic and International Studies (CSIS) in Washington. While Aramco officials said production did not suffer from the attack, sources have said it is hard to believe they did not have production issues.

RELATED STORIES
Shamoon Mitigations Shelter Systems
Shamoon Malware and SCADA Security
Saudi Attack has ‘Inside’ Suspects
Shamoon Malware Variant Running
New Virus Hits Oil Giant, LNG Producer
Qatar’s RasGas Suffers Virus Hit
Saudi Aramco Back Up after Attack
Saudi Aramco Hacked

Two former senior CIA officials first alerted ISSSource the culprit in the attack was Iran working with personnel inside the Aramco’s computer center. They said the Saudi regime is investigating the attack and is arresting suspects like operating staff, janitors, office people, and cargo handlers.

CIA sources said attack was the work of a disgruntled Shiite insider (or insiders) that had full access to the system.

Richard Stiennon at IT-Harvest, a firm that tracks and reports on evolving cyber threats, told ISSSource 30,000 computers ended up scrambled and Iran was the perpetrator. He said Iranian-trained hackers launched the attack “in deep wrath” because of the mistreatment of the Shiites at the facility, and in Syria and Bahrain — two countries where the Saudi government has reportedly aided Sunni factions in their struggle with the Alawite-dominated regime and the Shiite majority, respectively.

The Aramco attack and the attack on RasGas, a major Qatar gas works, and other energy companies over the summer were in retaliation for the U.S.-Israeli developed Stuxnet virus that infected thousands of Iran’s nuclear program centrifuges, and as payback for the severe U.S.-imposed sanctions that have sent the Iranian economy into a tailspin, the CIA sources said.

“It’s basically a kind of low-grade cyber war,” said former CIA chief of Counterterrorism, Vince Cannistrao.

“It has had a big effect. 30,000 is a relatively big number,” Lewis said. “The computers were out for as much as a week and had to be replaced.”

“Thirty thousand is a big number,” said Andrew Ruef, a U.S. computer expert who is co-author of a forthcoming book on cyber war. Explaining that a “botnet” like Shamoon is collection of comprised computers under the control of a single individual or group, he added, “The Zeus botnet compromised an estimated 13 million computers,” and noted “botnets can be commanded to attack websites or search the data on computers.”

The Zeus botnet is a Trojan horse that steals banking information and spreads through drive-by downloads and phishing schemes, security experts said.

First identified in July 2007 when it was used to steal information from the U.S. Transportation Department it became more widespread in March 2009. In June 2009, security company Prevx discovered Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Amazon, and Business Week Magazine.

“Iran did not break into any of the industrial control systems as Stuxnet did,” Ruef said. Quoting a late 2010 analysis by Seculert, a cyber security firm, he said the Iranians instituted a series of simple attacks to build a “botnet” of zombies numbering as much as 20 million. Earlier this year, they defaced a series of sites to garner a stronger botnet network and then launched its assault on Saudi Aramco and the other organizations.

Lewis said the Aramco virus read the data from 30,000 computers and in all cases, erased the data, leaving the computers unusable. The attackers did not understand or read the data they compromised, he said.

“The dollar cost of an intrusion to a company can’t be underestimated,” Ruef said. He also agreed Iran headed up the attack.

“There is a really significant dollar cost to this attack,” Lewis said.

Iran’s Cyber Army
Iran’s Cyber Army (ICA) began as a group within the Iranian military, said Paulo Shahkarian, Ph.D, a computer expert at the West Point Military Academy and Ruef’s co- author. The ICA began to surface in 2009, using equipment and tactics considerably inferior to that of the world’s most powerful nations.

According to Stiennon and confirmed by U.S. intelligence officials who asked not to be named, Iran’s initial cyber forays, driven by an intensifying rivalry with Saudi Arabia, did little damage: No money was stolen, no technology damaged, or classified information taken. U.S. intelligence officials said the early hacks on prominent international websites were short-lived and more of a nuisance than anything else.

But to jeer at Iran’s early capability is to miss the point.

The attacks of government and business sector websites made clear Iran had recognized the potential of the cyber attacks as the newest form of international espionage and warfare, and realized they needed to become a real player in the game.

Iran a Quick Learner
In January, the Tel Aviv Stock Exchange and the Israeli airline, EL Al were also hit by the hackers, along with U.S. banks, these intelligence sources said, and NBC News and others reported Iran’s cyber warriors recently defaced and disrupted the websites of U.S. banks including JPMorgan Chase and Bank of America. The attacks apparently sought to disrupt websites and other computer systems at the targets by overwhelming their networks with computer traffic. Many reports claimed the anti-Islam video that belittled and insulted the Muslim Prophet Muhammad had prompted the Denial-of-Service (DoS) assaults, while others suggested the action was taken in response to U.S. sanctions on Iranian banks. The websites have been out of commission for over a week, according to news reports.

Many experts said the Aramco attacks mark a new era in collaborative cyber warfare, the goal of which is to rule virtual space, with Iran moving away from the defacement attacks against Twitter and Baidu toward the deployment of the malicious botnet.

While many U.S. analysts agree that, as a hacking group, ICA still has to mature a bit. They are still far off from pulling off the caliber of attacks we have seen from Russia and China, but ICA is still in the process of creating its own botnet. If Iran’s latest attack is as large as the above analysis suggests, it would mark a significant advance in Iran’s cyber warfare capabilities and could pay some large dividends in the arena of cyber war.

Iran is currently jamming the Persian Service of the Voice of America (VOA), and Radio Farda, another Persian language program, U.S. officials said. The Broadcast Board of Governors that oversees Voice of America and other U.S.-sponsored broadcasts has accused Iran of jamming radio and television programming into the Middle East and eastern Europe during the ongoing Iranian currency crisis. U.S. intelligence officials told IPS Iran has targeted the three broadcast services before, adding that jamming violates international communications regulations.

But the real lesson of the Aramco incident is sinister and chilling.

“So if you and your friends wanted to hack into Aramco and shut down a bunch of computers, you’re about six months and $10,000 from being able to do it,” Ruef said. “The capability has been very thoroughly democratized.”

“I don’t think it would take six months,” Lewis said.

On Thursday, Defense Secretary, Leon E. Panetta, issued a blunt warning the U.S. was facing the possibility of a “cyber-Pearl Harbor” and was increasingly vulnerable to foreign computer hackers who could dismantle the nation’s power grid, transportation system, financial networks and government,” according to several news reports. In an address to business executive last Thursday he said the Shamoon attacks, represented a “significant escalation of the cyber threat.”

Richard Sale was United Press International’s Intelligence Correspondent for 10 years and the Middle East Times, a publication of UPI. He is the author of Clinton’s Secret Wars and Traitors.

 
 
Archived Entries