Entries Tagged "hacking"


Hacking Critical Infrastructure

An otherwise uninteresting article on Internet threats to public infrastructure contains this paragraph:

At a closed-door briefing, the senators were shown how a power company employee could derail the New York City electrical grid by clicking on an e-mail attachment sent by a hacker, and how an attack during a heat wave could have a cascading impact that would lead to deaths and cost the nation billions of dollars.

Why isn’t the obvious solution to this to take those critical electrical grid computers off the public Internet?

Posted on March 20, 2012 at 8:52 AM

VeriSign Hacked, Successfully and Repeatedly, in 2010

Reuters discovered the information:

The VeriSign attacks were revealed in a quarterly U.S. Securities and Exchange Commission filing in October that followed new guidelines on reporting security breaches to investors. It was the most striking disclosure to emerge in a review by Reuters of more than 2,000 documents mentioning breach risks since the SEC guidance was published.

The company, unsurprisingly, is saying nothing.

VeriSign declined multiple interview requests, and senior employees said privately that they had not been given any more details than were in the filing. One said it was impossible to tell if the breach was the result of a concerted effort by a national power, though that was a possibility. “It’s an ugly, slim sliver of facts. It’s not enough,” he said.

The problem for all of us, naturally, is if the certificate system was hacked, allowing the bad guys to forge certificates. (This has, of course, happened before.)

Are we finally ready to accept that the certificate system is completely broken?

Posted on February 3, 2012 at 10:49 AM

Stealing Source Code

Hackers stole some source code to Symantec’s products. We don’t know what was stolen or how recent the code is—the company is, of course, minimizing the story—but it’s hard to get worked up about this. Yes, maybe the bad guys will comb the code looking for vulnerabilities, and maybe there’s some smoking gun that proves Symantec’s involvement in something sinister, but most likely Symantec’s biggest problem is public embarrassment.

Posted on January 9, 2012 at 12:55 PM

Applying Game Theory to Cyberattacks and Defenses

Behzad Zare Moayedi, Mohammad Abdollahi Azgomi, “A Game Theoretic Framework for Evaluation of the Impacts of Hackers Diversity on Security Measures,” Reliability Engineering & System Safety, 99 (2012): 45-54 (full article behind paywall).

Abstract: Game theoretical methods offer new insights into quantitative evaluation of dependability and security. Currently, there is a wide range of useful game theoretic approaches to model the behaviour of intelligent agents. However, it is necessary to revise these approaches if there is a community of hackers with significant diversity in their behaviours. In this paper, we introduce a novel approach to extend the basic ideas of applying game theory in stochastic modelling. The proposed method classifies the community of hackers based on two main criteria used widely in hacker classifications, which are motivation and skill. We use Markov chains to model the system and compute the transition rates between the states based on the preferences and the skill distributions of hacker classes. The resulting Markov chains can be solved to obtain the desired security measures. We also present the results of an illustrative example using the proposed approach, which examines the relation between the attributes of the community of hackers and the security measures.

Posted on January 2, 2012 at 6:15 AM

Hacking Marconi's Wireless in 1903

A great story:

Yet before the demonstration could begin, the apparatus in the lecture theatre began to tap out a message. At first, it spelled out just one word repeated over and over. Then it changed into a facetious poem accusing Marconi of “diddling the public”. Their demonstration had been hacked—and this was more than 100 years before the mischief playing out on the internet today. Who was the Royal Institution hacker? How did the cheeky messages get there? And why?

Posted on December 29, 2011 at 9:47 AM

Chinese Hacking of iBahn Internet Services

Citing unexplained “intelligence data,” an unnamed “senior intelligence official,” and an anonymous “privacy security official,” Bloomberg News claims that iBahn—the company that runs Internet services for a bunch of hotel chains—has been hacked by the Chinese. The rest of the story is pretty obvious: all sorts of private e-mails stolen, corporate networks hacked via iBahn, China does a lot of hacking, and so on. iBahn has denied the story.

Come on, people. I know that China hacking stories are plausible, but the bar for actual evidence should be higher than this.

Posted on December 21, 2011 at 5:55 AM

