News


Botnets, zombies and industrial security

January 2016 News

“A ‘bot’, short for robot, is a type of software application that performs tasks on command, allowing an attacker to take complete control remotely of an affected computer. The compromised machine may also be referred to as a ‘zombie’. A collection of these infected computers is known as a ‘botnet’.”– nacha.org.

Revolution - Eric Knapp, global director cyber security solutions, Honeywell Process Solutions

The ‘Internet of Things’ is exploding. Our IoT world is growing at a breath-taking pace, from two billion objects in 2006 to a projected 200 billion by 2020. That will be around 26 smart objects for every human being on Earth!

The image on this page is neither a virus, nor a cross-section of a zombie brain, it is a map of the Internet representing well over three billion connected users. Each user is represented by several devices e.g. they have a personal PC, business laptop, a smartphone, etc. The number of devices is growing at an exponential rate. The Internet is becoming ubiquitous. It is becoming pervasive. Some might say it’s even becoming invasive.

A guide to industrial cyber espionage

As the Internet surged into our personal and business lives, a threat followed hot on its heels – a threat to our privacy and safety.

In 2010 (http://www.instrumentation.co.za/article.aspx?pklarticleid=6957) Stuxnet struck the industrial cybersecurity gong. At the time, it was ground-breaking ... it was another revolution. Simple viruses gave way to complex, sophisticated, intelligent malware that was able to penetrate an air gapped network, infect logic controllers in a very targeted and precise way and manipulate industrial control processes in such a way that it caused physical damage. It caused a significant setback to the Iranian nuclear programme.

In June 2014 (http://www.instrumentation.co.za/8303a) a cyber espionage group, widely known as ‘Dragonfly’, actively targeted energy suppliers in predominantly Western countries. Dragonfly stole a lot of information. We are still not sure exactly how much information they stole or why they stole it. Unlike a lot of stolen information, this particular intellectual property has not surfaced yet. We don’t know why anyone took it. It could have been an academic exercise or it could be something much more sinister.

Why does the cyber threat exist?

The answer is simple. It’s about money. It is not about Euros or Dollars or Yen. It’s about Bitcoins – virtual currencies that have evolved in the digital age to allow anonymous transactions – transactions of the type where you can do almost anything:

• You can buy information if you need it.

• If you cannot create the malware yourself, you can have somebody else create it for you as a ‘service’.

• If you cannot access the network you need, you can buy your way in.

Personal cyber espionage – Raj Samani, chief technology officer (EMEA), Intel Security and advisor to The Europol Cyber Crime Force

What McAfee decided to do was test the allegations made in the paragraph above. One of the questions asked was, “What happens to the data after it is stolen?”

A research team conducted a study called ‘The Hidden Data Economy’ with the goal of understanding:

1. What happens after a data breach?

2. Does the data actually become available for selling?

3. If so, what data becomes available?

When the team started the research they expected to find credit card details. When they published the research the feedback that they received most often was, “You’re being ripped off. I can buy credit cards much cheaper than you.”

But, how does one know the services being offered are ‘trustworthy’? It is like any modern online business. If one buys a stolen credit card and it does not work, don’t worry, because you’ll get a free replacement.

One particular criminal enterprise investigated was offering a free customer service chat window, just in case you didn’t know how to perform the hack yourself – a criminal syndicate that actually gives you a free help desk!

Industrial espionage – understanding the adversary

Not only are vulnerabilities and direct access into the IT networks of large organisations being sold, but criminals are also selling direct access into operational technology.

First of all, we are up against an adversary who hacks and then provides that information to anybody willing to pay. An example is Cryptowall – a form of ransomware. If a computer is infected, the ransomware will encrypt all of the data on the computer. Not only that, it will also encrypt all of the data that you are connected to. So, if a computer uses shared drives and is connected to a company’s servers, it will encrypt those files as well.

To de-crypt that information, i.e. to get the data back, the user has to pay a ransom, somewhere in the region of about two Bitcoins (approximately US$400-500). A recent study showed that the Cryptowall Version 3 (by itself) netted the criminals US$235 million – a very conservative estimate. Since the research was completed it is estimated that the revenue could have doubled or tripled. That is just the revenue from Cryptowall Version 3.0.

The full article can be viewed at http://instrumentation.co.za/+J462



Credit(s)



Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

New Würth Elektronik location in South Africa
News
A new Würth Elektronik branch has opened in Brackenfell, Western Cape. The location operates under the name Wurth Electronics South Africa and will serve local customers, as well as being responsible for markets in Botswana, Mauritius, Namibia, Tanzania and Zambia.

Read more...
John Thompson and BECS partner to deliver biomass energy solutions
News
John Thompson, a division of ACTOM and South Africa’s leading provider of industrial energy solutions, has announced a strategic partnership with Berkeley Energy Corporate Solutions, a specialist developer and supplier of biomass energy projects. Together, the companies aim to accelerate the deployment of reliable, renewable steam solutions to industrial customers across Africa.

Read more...
Academy pumps out the next generation of experts
News
KSB Pumps and Valves has invested in a specialised training centre designed to equip internal and branch staff and certified partners with in-depth knowledge of KSB products and systems.

Read more...
Celebrating the power of diversity in the engineering sector
News
The engineering sector has historically been a male-dominated field, and to a large extent it still is. However, this is changing, and the shift is gaining significant momentum as more women begin to take up leadership roles, spearheading innovation and driving inclusive growth.

Read more...
Fifteen years of promoting innovation and supporting engineering excellence
RS South Africa News
RS South Africa is celebrating 15 years of promoting innovation and supporting engineering excellence through DesignSpark, its pioneering online engineering platform.

Read more...
From the Editor's desk: What happened to the metaverse?
Technews Publishing (SA Instrumentation & Control) News
One of the most interesting technical crashes in recent years is the metaverse. As recently as 2022, it was white hot, with massive hype led by Meta. Even Bill Gates was saying that in two to three years ...

Read more...
Omniflex celebrates 60th anniversary
Omniflex Remote Monitoring Specialists News
Remote monitoring specialist Omniflex is celebrating its 60th anniversary.

Read more...
Nidec adopts Siemens Teamcenter for electric motor development
Siemens South Africa News
Siemens Digital Industries Software has announced that Nidec Corporation, a Japanese manufacturer and distributor of electric motors, has adopted Teamcenter X software from the Siemens Xcelerator portfolio of industry software to achieve innovative motor development and supply to set new industry standards, including automotive.

Read more...
Yaskawa Southern Africa and Sol-Tech advance industrial robotics training
Yaskawa Southern Africa News
Yaskawa Southern Africa has announced a strategic collaboration with Sol-Tech, a private vocational training institution based in Pretoria, to strengthen technical education in industrial robotics and support the development of future-focused talent for South Africa’s evolving manufacturing sector.

Read more...
Building skills and sharing knowledge for growth in Africa
SEW-EURODRIVE News
As a leading provider of drive and automation solutions across the continent, SEW-EURODRIVE recognises that local insight and on-the-ground capability are critical to delivering effective sustainable results. The company continues to invest in people development and technical training within its network of African subsidiaries and partners, supporting the long-term growth of its customers and the broader industrial ecosystem.

Read more...









While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd | All Rights Reserved