Reports from various sources indicate Pyeongchang Olympics organizers were looking into a disruption of non-critical systems on the day of the opening ceremony but could not yet confirm if it was a cyberattack. more
A water utility in Europe was compromised by cryptocurrency malware mining attack; the attack is the first public discovery of an unauthorized cryptocurrency miner impacting industrial controls systems. more
A report recently released by McAfee Advanced Threat Research (ATR) revealed a fileless attack targeting organizations involved with the Pyeongchang Olympics. more
A recent malware attack on the control systems of an industrial plant has renewed concerns about the threat hacking poses to critical infrastructure. more
In simple terms, Meltdown and Spectre are simple vulnerabilities to understand. Imagine a gang of thieves waiting for a stage coach carrying a month's worth of payroll. There are two roads the coach could take, and a fork, or a branch, where the driver decides which one to take. The driver could take either one. What is the solution? Station robbers along both sides of the branch, and wait to see which one the driver chooses. more
How was the state of the Internet's routing system in 2017? Let's take a look back using data from BGPStream. Some highlights: 13,935 total incidents (either outages or attacks like route leaks and hijacks); Over 10% of all Autonomous Systems on the Internet were affected; 3,106 Autonomous Systems were a victim of at least one routing incident; 1,546 networks caused at least one incident. more
It is once again time for our annual review of posts that received the most attention on CircleID during the past year. Congratulations to all the 2017 participants for sharing their thoughts and making a difference in the industry. 2017 marked CircleID's 15th year of operation as a medium dedicated to all critical matters related to the Internet infrastructure and services. We are in the midst of historic times, facing rapid technological developments and there is a lot to look forward to in 2018. more
I don't (and probably won't) have anything substantive to say about the technical details of the just-announced Meltdown and Spectre attacks. What I do want to stress is that these show, yet again, that security is a systems property: being secure requires that every component, including ones you've never heard of, be secure. These attacks depend on hardware features... and no, many computer programmers don't know what those are, either. more
US prosecutors have charged two Romanians with hacking Washington DC police computers linked to surveillance cameras just days before President Donald Trump's inauguration. more
A new malware designed to manipulate industrial safety systems was deployed against a critical infrastructure organization that provides emergency shutdown capability for industrial processes, according to a report released today. more
A New Jersey man was one of the three who pled guilty to hacking charges and creating the massive Mirai botnet attacks which spread via vulnerabilities in IoT devices causing massive DDoS attacks. more
According to report today, Russian-speaking hackers called MoneyTaker, are suspected of stealing nearly $10m by removing overdraft limits on debit cards and taking money from cash machines. more
A look into the past reveals that continuous developments in weaponry technology have been the reason for arms control conventions and bans. The banning of the crossbow by Pope Urban II in 1096, because it threatened to change warfare in favour of poorer peasants, the banning of poisoned bullets in 1675 by the Strasbourg Agreement, and the Geneva protocol banning the use of biological and chemical weapons in 1925 after world war 1, all prove that significant technological developments have caused the world to agree not to use certain weapons. more
The Russian Security Council has proposed development of an independent DNS which would continue to work in the event of global internet malfunctions, according to a report from RT. more
The Mirai DDOS attack happened just over a year ago, on the 21st October 2016. The attack was certainly a major landmark regarding the sorry history of "landmark" DDOS attacks on the Internet. It's up there with the Morris Worm of 1988, Slammer of 2002, Sapphine/Slammer of 2009 and of course Conficker in 2008. What made the Mirai attack so special? more