Well This Is Scary.... Russian Malware Found In A Vermont Utility Laptop
Posted 1/2/17 , edited 1/2/17
Oh no the Russians haxxors cyber cracked and back traced our mainframe!
Posted 1/2/17 , edited 1/2/17

ninjitsuko wrote:


Rujikin wrote:

I'd bet 1000 CR points that laptop is using windows. They should have installed linux.


I'd raise that bet to 10000 CR points, that it was using a branch of UNIX (if it was an infrastructure or web server).
Most electrical grid systems in the US require a UNIX backbone. If this was an individual workstation, chances are it was due to poor security standards by their network administrator (regardless of the OS).

If it were a workstation, it just meant that they didn't really pay much attention to security policies internally. This tends to be an issue with small towns and the like; their CTO will usually have a Linux/UNIX background but will have to suffice to use Windows or MacOS for workstations because Linux isn't user-friendly for most offices.
Linux has its fair share of rootkits and malware issues - never assume that just because you're not running in a closed source environment that you're safe from viruses, rootkits, and such.



It was a laptop. It would be stupid to have a mobile device hosting your infrastructure or your web servers.

Linux not user friendly? You obviously have not used Linux Mint. There's a reason I recommend it.

It's actually a little difficult to install viruses on linux so you don't have much of a problem with self-installing viruses.
Posted 1/2/17 , edited 1/3/17
Alright everyone can stop talking about this! It's already been revealed that it was more fake news by the Washington Post! They already stealthily retracted their statements because authorities said they were full of shit!

The Washington Post has retracted its story about Russian hackers penetrating the nation’s electricity grid with a virus found in a Burlington, Vt., electric company laptop.
Posted 1/2/17 , edited 1/2/17
Outdated Ukrainian malware found on laptop that has nothing to do with actual control of the electric grid in some podunk area of Vermont.

Mainstream Media conclusion:

PUTIN OUT TO GET OUR ELECTRIC GRIDS!!! OH NOES!!!
Posted 1/2/17 , edited 1/2/17

Rujikin wrote:

It was a laptop. It would be stupid to have a mobile device hosting your infrastructure or your web servers.

Linux not user friendly? You obviously have not used Linux Mint. There's a reason I recommend it.

It's actually a little difficult to install viruses on linux so you don't have much of a problem with self-installing viruses.


I use Slackware - you try to get an office full of people who aren't technically savvy to use a Linux distribution. Regardless of Cinnamon or MATE desktop environments, you're forgetting that most people in an office are not technically savvy enough to handle installing their own drivers. Plus, a lot of software in the professional realm requires Windows-based networks (Active Directory) because of overall functionality versus the obstacles that would come with using your entire network on *nix-based operating systems. Mint is pretty much the "newbie friendly" version of Linux; much like Ubuntu was up until they started to pander too far into the "Unity" desktop (too much like Windows causes conflicting emotions for those trying to escape it).

It's actually not that difficult to install a rootkit on a Linux machine. Especially if the person is only switching to a Linux distribution to get away from Windows, as they tend to know the least about technology and these "out of the box" distributions are not centered around security. It's just slightly more difficult because it requires someone who actually knows what they're doing - versus some random site that tries to install software (ActiveX-based, executables through email, etc.). Auto-installing isn't the issue, it's the types where they've targeted an individual and said the individual is using Linux without utilizing some of the additional benefits of Linux (security wise).


Rujikin wrote:

Alright everyone can stop talking about this! It's already been revealed that it was more fake news by the Washington Post! They already stealthily retracted their statements because authorities said they were full of shit!

The Washington Post has retracted its story about Russian hackers penetrating the nation’s electricity grid with a virus found in a Burlington, Vt., electric company laptop.



Um... you've clearly not read my last post.
Let me quote myself - I didn't really pay attention to Washington Post, as I don't try to use sources here that would make conservatives or liberals cry foul. Funnily enough, it wasn't the Washington Post who originally started this story - it was Burlington Electric Company themselves. Who would you rather trust: the company that suspects that they were infiltrated or the fact that a mainstream media website took down an article about it?


ninjitsuko wrote:

Scratch that - this was a laptop that was compromised. Seven Days article that outlines some of the details that weren't published by mainstream news organizations. I won't say they were "jumping at shadows" but it appears that traffic was being monitored during the "hysteria" of Russian hacking and the federal agencies monitoring for digital footprints that link to Russian hacking groups. It seems that known spear phishing attempts probably worked on the Burlington Electric Department.

So here's what we know about this story so far (objective as possible):

1. The malware was found on the laptop of a Burlington Electric Department employee. (Source)
2. It was not related to the infrastructure for BED nor did it have access to customer information. (Source)
3. This was a result of Homeland Security informing all U.S.-based utility companies of code that was linked back to Grizzly Steppe (a Russian hacking campaign/group). BED scanned all computers and found this malware code executing on one of their laptops (Source).

The legitimacy of the malware can be put into question, to a degree. However, it is also known that Grizzly Steppe is notorious for spear phishing (the act of sending spoofed or fake emails that seem genuine to an employee that doesn't know any better to convince them to install malware) and this would corroborate the fact that it was an employee computer that was compromised.


Edit:

Actually, rather than my last comment about "who would you rather trust" - I mean more so that it's not about "OH NOHS, THE RUSSIANS HAVE HACKED OUR GRIDZZZZZLZZLOLZOLZOLZ"... more so about the legitimacy of the fact that an employee computer was infiltrated by known code that was passed out to US utility companies that traces back to Grizzly Steppe. That part is true, no matter how the mainstream media tries to spin it. The severity is overstated, but the fact remains that it happened (according to BED themselves).
Posted 1/2/17 , edited 1/2/17

ninjitsuko wrote:
--snip--

Keep using Slackware and I will love you forever.
Posted 1/2/17 , edited 1/2/17

Radraymond01 wrote:


ninjitsuko wrote:
--snip--

Keep using Slackware and I will love you forever.


I've been using Slackware for over 20 years now ...
I still have a Windows environment for gaming (Linux is getting there, but Windows will be more stable for a while longer). I still run enough virtual machines to test newer distributions of Linux; nothing ever hits the spot like Slackware with my own kernel.
Posted 1/2/17

cosmoflanker wrote:

Outdated Ukrainian malware found on laptop that has nothing to do with actual control of the electric grid in some podunk area of Vermont.

Mainstream Media conclusion:

PUTIN OUT TO GET OUR ELECTRIC GRIDS!!! OH NOES!!!


Actually if you'd bothered reading any of the articles linked, either the one in my original post or others that other posters have linked, you'd have seen that the malware that they found is linked to current Russian malware that is being used. And while my area of Vermont may be 'podunk' to some people and compared to bigger cities, the fact remains that it is the largest and most populated area in the state of Vermont and that taking down that electrical grid would cause a lot of issues around here. I was just pointing out the fact that I have no idea why the Russians would bother to mess with our electrical grid here when there are far bigger cities and areas that they could take out and cause bigger problems with and theorized that they might have been testing to see if they could get in on a smaller scale before trying it on a bigger scale. Because face it, if they took out a major power grid in the US, a lot of people would be screwed.
Posted 1/2/17

ninjitsuko wrote:


Rujikin wrote:

It was a laptop. It would be stupid to have a mobile device hosting your infrastructure or your web servers.

Linux not user friendly? You obviously have not used Linux Mint. There's a reason I recommend it.

It's actually a little difficult to install viruses on linux so you don't have much of a problem with self-installing viruses.


I use Slackware - you try to get an office full of people who aren't technically savvy to use a Linux distribution. Regardless of Cinnamon or MATE desktop environments, you're forgetting that most people in an office are not technically savvy enough to handle installing their own drivers. Plus, a lot of software in the professional realm requires Windows-based networks (Active Directory) because of overall functionality versus the obstacles that would come with using your entire network on *nix-based operating systems. Mint is pretty much the "newbie friendly" version of Linux; much like Ubuntu was up until they started to pander too far into the "Unity" desktop (too much like Windows causes conflicting emotions for those trying to escape it).

It's actually not that difficult to install a rootkit on a Linux machine. Especially if the person is only switching to a Linux distribution to get away from Windows, as they tend to know the least about technology and these "out of the box" distributions are not centered around security. It's just slightly more difficult because it requires someone who actually knows what they're doing - versus some random site that tries to install software (ActiveX-based, executables through email, etc.). Auto-installing isn't the issue, it's the types where they've targeted an individual and said the individual is using Linux without utilizing some of the additional benefits of Linux (security wise).


Rujikin wrote:

Alright everyone can stop talking about this! It's already been revealed that it was more fake news by the Washington Post! They already stealthily retracted their statements because authorities said they were full of shit!

The Washington Post has retracted its story about Russian hackers penetrating the nation’s electricity grid with a virus found in a Burlington, Vt., electric company laptop.



Um... you've clearly not read my last post.
Let me quote myself - I didn't really pay attention to Washington Post, as I don't try to use sources here that would make conservatives or liberals cry foul. Funnily enough, it wasn't the Washington Post who originally started this story - it was Burlington Electric Company themselves. Who would you rather trust: the company that suspects that they were infiltrated or the fact that a mainstream media website took down an article about it?


ninjitsuko wrote:

Scratch that - this was a laptop that was compromised. Seven Days article that outlines some of the details that weren't published by mainstream news organizations. I won't say they were "jumping at shadows" but it appears that traffic was being monitored during the "hysteria" of Russian hacking and the federal agencies monitoring for digital footprints that link to Russian hacking groups. It seems that known spear phishing attempts probably worked on the Burlington Electric Department.

So here's what we know about this story so far (objective as possible):

1. The malware was found on the laptop of a Burlington Electric Department employee. (Source)
2. It was not related to the infrastructure for BED nor did it have access to customer information. (Source)
3. This was a result of Homeland Security informing all U.S.-based utility companies of code that was linked back to Grizzly Steppe (a Russian hacking campaign/group). BED scanned all computers and found this malware code executing on one of their laptops (Source).

The legitimacy of the malware can be put into question, to a degree. However, it is also known that Grizzly Steppe is notorious for spear phishing (the act of sending spoofed or fake emails that seem genuine to an employee that doesn't know any better to convince them to install malware) and this would corroborate the fact that it was an employee computer that was compromised.


Edit:

Actually, rather than my last comment about "who would you rather trust" - I mean more so that it's not about "OH NOHS, THE RUSSIANS HAVE HACKED OUR GRIDZZZZZLZZLOLZOLZOLZ"... more so about the legitimacy of the fact that an employee computer was infiltrated by known code that was passed out to US utility companies that traces back to Grizzly Steppe. That part is true, no matter how the mainstream media tries to spin it. The severity is overstated, but the fact remains that it happened (according to BED themselves).



I think that Rujikin was joking with that last post of his because what he linked is actually the homepage for Crunchyroll, so it was probably all just in good fun. He probably did it because of the other threads around here where there have been stories like this that weren't fully fact checked first and had sensationalized reporting and assumptions. I got a smile out of it.
And thank you for finding the other articles about this incident and posting them here and the facts. I didn't even know that Seven Days had run an article about it since that's just a local independent paper around here. I actually found the article off of something else I was reading through Yahoo! or something and thought that it was interesting and a bit scary to find out.
Posted 1/2/17 , edited 1/3/17
darn russians and their cold weather
Posted 1/2/17 , edited 1/3/17
Posted 1/2/17 , edited 1/3/17

BlackRose0607 wrote:


ninjitsuko wrote:


Rujikin wrote:

It was a laptop. It would be stupid to have a mobile device hosting your infrastructure or your web servers.

Linux not user friendly? You obviously have not used Linux Mint. There's a reason I recommend it.

It's actually a little difficult to install viruses on linux so you don't have much of a problem with self-installing viruses.


I use Slackware - you try to get an office full of people who aren't technically savvy to use a Linux distribution. Regardless of Cinnamon or MATE desktop environments, you're forgetting that most people in an office are not technically savvy enough to handle installing their own drivers. Plus, a lot of software in the professional realm requires Windows-based networks (Active Directory) because of overall functionality versus the obstacles that would come with using your entire network on *nix-based operating systems. Mint is pretty much the "newbie friendly" version of Linux; much like Ubuntu was up until they started to pander too far into the "Unity" desktop (too much like Windows causes conflicting emotions for those trying to escape it).

It's actually not that difficult to install a rootkit on a Linux machine. Especially if the person is only switching to a Linux distribution to get away from Windows, as they tend to know the least about technology and these "out of the box" distributions are not centered around security. It's just slightly more difficult because it requires someone who actually knows what they're doing - versus some random site that tries to install software (ActiveX-based, executables through email, etc.). Auto-installing isn't the issue, it's the types where they've targeted an individual and said the individual is using Linux without utilizing some of the additional benefits of Linux (security wise).


Rujikin wrote:

Alright everyone can stop talking about this! It's already been revealed that it was more fake news by the Washington Post! They already stealthily retracted their statements because authorities said they were full of shit!

The Washington Post has retracted its story about Russian hackers penetrating the nation’s electricity grid with a virus found in a Burlington, Vt., electric company laptop.



Um... you've clearly not read my last post.
Let me quote myself - I didn't really pay attention to Washington Post, as I don't try to use sources here that would make conservatives or liberals cry foul. Funnily enough, it wasn't the Washington Post who originally started this story - it was Burlington Electric Company themselves. Who would you rather trust: the company that suspects that they were infiltrated or the fact that a mainstream media website took down an article about it?


ninjitsuko wrote:

Scratch that - this was a laptop that was compromised. Seven Days article that outlines some of the details that weren't published by mainstream news organizations. I won't say they were "jumping at shadows" but it appears that traffic was being monitored during the "hysteria" of Russian hacking and the federal agencies monitoring for digital footprints that link to Russian hacking groups. It seems that known spear phishing attempts probably worked on the Burlington Electric Department.

So here's what we know about this story so far (objective as possible):

1. The malware was found on the laptop of a Burlington Electric Department employee. (Source)
2. It was not related to the infrastructure for BED nor did it have access to customer information. (Source)
3. This was a result of Homeland Security informing all U.S.-based utility companies of code that was linked back to Grizzly Steppe (a Russian hacking campaign/group). BED scanned all computers and found this malware code executing on one of their laptops (Source).

The legitimacy of the malware can be put into question, to a degree. However, it is also known that Grizzly Steppe is notorious for spear phishing (the act of sending spoofed or fake emails that seem genuine to an employee that doesn't know any better to convince them to install malware) and this would corroborate the fact that it was an employee computer that was compromised.


Edit:

Actually, rather than my last comment about "who would you rather trust" - I mean more so that it's not about "OH NOHS, THE RUSSIANS HAVE HACKED OUR GRIDZZZZZLZZLOLZOLZOLZ"... more so about the legitimacy of the fact that an employee computer was infiltrated by known code that was passed out to US utility companies that traces back to Grizzly Steppe. That part is true, no matter how the mainstream media tries to spin it. The severity is overstated, but the fact remains that it happened (according to BED themselves).



I think that Rujikin was joking with that last post of his because what he linked is actually the homepage for Crunchyroll, so it was probably all just in good fun. He probably did it because of the other threads around here where there have been stories like this that weren't fully fact checked first and had sensationalized reporting and assumptions. I got a smile out of it.
And thank you for finding the other articles about this incident and posting them here and the facts. I didn't even know that Seven Days had run an article about it since that's just a local independent paper around here. I actually found the article off of something else I was reading through Yahoo! or something and thought that it was interesting and a bit scary to find out.


Actually it was supposed to have a link. I did it on mobile so that may have messed it up =/.... Wait a second. You were the only one to notice this and I had a couple people responding to me about the link. Meaning they NEVER looked at the link yet refuted it. FFS we have people refuting evidence they never even looked at!

This should work and it's from Forbes too: http://www.forbes.com/sites/kalevleetaru/2017/01/01/fake-news-and-how-the-washington-post-rewrote-its-story-on-russian-hacking-of-the-power-grid/#1b37941d291e

Important part: company detected a malware code used in the Grizzly Steppe operation in a laptop that was not connected to the organization’s grid systems

Really it doesn't even sound like it was infected but that a malware scan detected some malware. It could have been inactive from what the article is saying.
Posted 1/2/17 , edited 1/3/17

DeadlyOats wrote:

You know what is REALLY SCARY? China has been doing a whole lot more, and a whole lot worse, and there has been no U.S. response....


...because they haven't been hacking the election, DUH!

Edit: http://www.theverge.com/2015/2/16/8048243/nsa-hard-drive-firmware-virus-stuxnet
Posted 1/2/17 , edited 1/3/17

nanikore2 wrote:


DeadlyOats wrote:

You know what is REALLY SCARY? China has been doing a whole lot more, and a whole lot worse, and there has been no U.S. response....


...because they haven't been hacking the election, DUH!

Edit: http://www.theverge.com/2015/2/16/8048243/nsa-hard-drive-firmware-virus-stuxnet


China has hacked the State Department, the Pentagon, the nuclear energy electrical grid infrastructure, defense contractors (the companies that make our weapons and munitions for the military, etc, etc, etc.) - for years! Not a peep from Obama. I'm certain that if Trump had lost, Obama would NOT be doing this.

Obama's actions are bullshit. I would give it more weight, if he had sanctioned China for their very aggressive and damaging cyber attacks on U.S. interests over the last eight years...
Posted 1/2/17 , edited 1/3/17

Rujikin wrote:

Alright everyone can stop talking about this! It's already been revealed that it was more fake news by the Washington Post! They already stealthily retracted their statements because authorities said they were full of shit!

The Washington Post has retracted its story about Russian hackers penetrating the nation’s electricity grid with a virus found in a Burlington, Vt., electric company laptop.


Your link does not lead to a news article, but to CR's main page. Fix your link.