patriot missile battery hacked?

[Mark F]

any thoughts? Report denied by German government.

 

http://europe.newsweek.com/german-missiles-hacked-by-foreign-source-329980

 

"A German missile system stationed on the Turkish-Syrian border was reportedly hacked by a "foreign source" and carried out "unexplained commands".

The Patriot missiles, stationed on the Turkish side of the border under the Nato pact, were briefly taken over by an unidentified hacker, according to German civil service magazine Behörden Spiegel."

[Mark F]

and yesterday New York stock exchange had a "computer glitch" no trading for several hours, and United Airlines had "computer glitch"

[Atomic]

But what does it all mean, Mark?

[Mark F]

don't know. I thought you would.

[Atomic]

don't know. I thought you would.

 

Every time you put a piece of software in something, it introduces a security risk.  The size of the security risk depends on who created the software.  But every piece of software has a vulnerability, even if it hasn't been discovered yet.  This puts our need for security directly at odds with our desire for the automation provided by software.  Couple this with a software industry that is still very young in comparison to other critical professions like engineering and medicine, and you have a recipe for disaster.  The software industry is still searching for the best ways to build software, but the world isn't willing to wait.  

 

So what do we have now?  The so-called "Internet of Things", where everything is connected.  You can get refrigerators that are wi-fi compatible.  Do we really need this?  On the other hand, someone hacking your fridge wouldn't be the worst thing.  But when we talk about cars, planes, machinery.... missile batteries.... you have to wonder if the push for progress is growing beyond our grasp.

[The Unknown Poster]

My concern would be these seemingly unconnected incidents are a foreign government (China, North Korea, Russia) testing their capabilities and the U.S. response.  And that at some point in the future there will be a "real" unleashing of a plan.  That could be to attack the U.S. economy by taking out the computer systems of all the airlines, stock markets etc at the same time.  or an attack on government/military installations and assets.  Or even more nefarious, an effort to take control of missiles, in-flight airlines etc.

 

When something like this happens, it makes me wonder what the response is.  because you dont often hear about China being knocked out for several hours.  There was that attack on NK that people say was the US response to the studio hacking but it seemed to just knock out internet access in NK for a few hours which I cant imagine was a huge deal.  Do we, as in the western world, not have the same sort of capabilities to cyber attack?  Do we just not invest in it?  Does it violate some moral code?  Or do we commit cyber attacks that the other side keeps secret?

[Atomic]

These so-called cyber attacks don't serve much of a purpose... and I say so-called because I don't think they are originating from foreign governments.  You wouldn't openly hack something just to prove you can do it, because then the vulnerability gets patched.  It would be pointless... basically just a giant act of government ****-swinging.  I guess you can't rule that out altogether.

 

As for the U.S., wikileaks has released plenty of documents that shows that the U.S. actively engages in cyber espionage.  I'd be surprised if the U.S. isn't capable (possibly more capable than anyone on Earth) of large-scale cyber-attacks and their hand has just never been forced.

[Mark F]

thanks guys both make a lot of sense. 

 

US attacked Iran with "student"

 

" attack by US "Different variants of Stuxnet targeted five Iranian organizations,^[17] with the probable target widely suspected to be uranium enrichment infrastructure in Iran;^[16][18][19] Symantec noted in August 2010 that 60% of the infected computers worldwide were in Iran.^[20] Siemens stated that the worm has not caused any damage to its customers,^[21] but the Iran nuclear program, which uses embargoed Siemens equipment procured secretly, has been damaged by Stuxnet.^[22][23] Kaspersky Lab concluded that the sophisticated attack could only have been conducted "with nation-state support".^[24]This was further supported by the F-Secure's chief researcher Mikko Hyppönen who commented in a Stuxnet FAQ, "That's what it would look like, yes".^[25]

 

The new cars with much electronic control, are hackable, and someone not in the car, can take control of the car. You wonder about the planes.

 

worst of course is the nuclear missiles. God help us if somebody insane figures out how to control those.

 

Another problem, the outsourcing system has been adopted by US military, who now depend on other nations for parts for some of their equipment.

 

"•    The United States is completely dependent on a single Chinese company for the chemical needed to produce the solid rocket fuel used to propel HELLFIRE missiles. As current U.S. supplies diminish, our military will be reliant on the Chinese supplier to provide this critical chemical—butanetriol—in the quantities needed to maintain this missile system. HELLFIRE missiles are a widely used, reliable, and effective weapon launched from attack helicopters and unmanned drones. They are a critical component in America’s arsenal."

 

Or even more nefarious, an effort to take control of missiles, in-flight airlines etc.

 

 

 

how bout satellites?  MIlitary satellites. Also I understand that the electrical grid is highly computerized. Atomic's right, it's everything.

[Mark F]

fontosy.

[Atomic]

 

The new cars with much electronic control, are hackable, and someone not in the car, can take control of the car. You wonder about the planes.

 

That's a good point.  I wonder about some of these cars that can park themselves or brake when you're getting to close to the person in front of you.  This is giving a little too much control to the computer systems and therefore anyone who gains control of the computer systems.  TUP posted an interesting theory in the missing Malaysian flight thread that involved a hacker gaining control of the plane through a certain panel that could be exposed in the cabin.

 

Of course, this is the trade-off we all consider.  Having computer systems in planes allows us to do a lot of good stuff.  It's a security risk but do the benefits outweigh the risk?  That's the question we have to keep asking.

[The Unknown Poster]

 

 

The new cars with much electronic control, are hackable, and someone not in the car, can take control of the car. You wonder about the planes.

 

That's a good point.  I wonder about some of these cars that can park themselves or brake when you're getting to close to the person in front of you.  This is giving a little too much control to the computer systems and therefore anyone who gains control of the computer systems.  TUP posted an interesting theory in the missing Malaysian flight thread that involved a hacker gaining control of the plane through a certain panel that could be exposed in the cabin.

 

Of course, this is the trade-off we all consider.  Having computer systems in planes allows us to do a lot of good stuff.  It's a security risk but do the benefits outweigh the risk?  That's the question we have to keep asking.

 

This theory has surfaced more since they havent found the plane.  And I've read it said its certainly feasible to take control of a plane in that way.  It's all computers now.  Fly-by-wire.  Although I think its sitting at the bottom of the ocean, there are certainly many unanswered questions.

 

The NK hack on Sony though...a case of revenge.  I could see a despot nation like NK just hacking for sh!ts & Giggles.

[Mark F]

"Miller, a 40-year-old security engineer at Twitter, and Valasek, the 31-year-old director of security intelligence at the Seattle consultancy IOActive, received an $80,000-plus grant last fall from the mad-scientist research arm of the Pentagon known as the Defense Advanced Research Projects Agency to root out security vulnerabilities in automobiles.

 

As I drove their vehicles for more than an hour, Miller and Valasek showed that they’ve reverse-engineered enough of the software of the Escape and the Toyota Prius (both the 2010 model) to demonstrate a range of nasty surprises: everything from annoyances like uncontrollably blasting the horn to serious hazards like slamming on the Prius’ brakes at high speeds.

They sent commands from their laptops that killed power steering, spoofed the GPS and made pathological liars out of speedometers and odometers. Finally they directed me out to a country road, where Valasek showed that he could violently jerk the Prius’ steering at any speed"

 

One of the UCSD professors involved in those earlier tests, Stefan Savage, claims that wireless hacks remain possible and affect the entire industry: Given that attacks on driving systems have yet to be spotted outside of a lab, manufacturers simply haven’t fully secured their software, he says. “The vulnerabilities that we found were the kind that existed on PCs in the early to mid-1990s, when computers were first getting on the Internet,” says Savage."

 

 

Forbes

[Mark F]

Of course DARPA is involved.

[The Unknown Poster]

"Miller, a 40-year-old security engineer at Twitter, and Valasek, the 31-year-old director of security intelligence at the Seattle consultancy IOActive, received an $80,000-plus grant last fall from the mad-scientist research arm of the Pentagon known as the Defense Advanced Research Projects Agency to root out security vulnerabilities in automobiles.

 

As I drove their vehicles for more than an hour, Miller and Valasek showed that they’ve reverse-engineered enough of the software of the Escape and the Toyota Prius (both the 2010 model) to demonstrate a range of nasty surprises: everything from annoyances like uncontrollably blasting the horn to serious hazards like slamming on the Prius’ brakes at high speeds.

They sent commands from their laptops that killed power steering, spoofed the GPS and made pathological liars out of speedometers and odometers. Finally they directed me out to a country road, where Valasek showed that he could violently jerk the Prius’ steering at any speed"

 

One of the UCSD professors involved in those earlier tests, Stefan Savage, claims that wireless hacks remain possible and affect the entire industry: Given that attacks on driving systems have yet to be spotted outside of a lab, manufacturers simply haven’t fully secured their software, he says. “The vulnerabilities that we found were the kind that existed on PCs in the early to mid-1990s, when computers were first getting on the Internet,” says Savage."

 

 

Forbes

Dont let City of Winnipeg know this is possible.  That will be their next great scam.

[Atomic]

See that's some scary ****.