Slashdot Mirror
U.S. Warns of Possible Cyber Biz Attack
mikesd81 writes "The AP has an article about a possible attack against the New York Stock Exchange via the internet by a radical muslim group. The notice was issued to the U.S. cybersecurity industry after officials saw a posting on a 'Jihadist Web site' calling for an attack on U.S. Internet-based stock market and banking sites in December, said Homeland Security Department spokesman Russ Knocke. Knocke has said: 'There is no information corroborating the threat and that the alert was issued as a routine matter and out of an abundance of caution.' There is no immediate threat to our homeland at this time. The attacks were to be conducted in December, 'until the infidel new year,' the site said, according to a U.S. government translation. It called for attackers to use viruses that can penetrate Internet sites and destroy data stored there. Spokespeople for the New York Stock Exchange and Nasdaq declined to comment on the cyber-terror threat."
seriously, is this new?
If I wanted fear mongering info, I'd be watching Fox.
Res publica non dominetur
How seriously can you take would be crackers who go around blabbing about an upcoming attack?
Sheesh, and the media just have to take it up. They even contradict themselves in the same paragraph!
I can't wait to watch Dick Clark's Infifel New Year's Rockin' Eve!
-m
They will probably attack through the tubes..like that weird V dude..or something
Infinite time means everything that can happen, will. You being you is absolutely incidental. You do not exist.
So, some joker on some website posts a piece about how people should release viruses to attack the stock exchange ... and our government issues an alert?
What happens when the same joker posts a call for nano-viruses to be released into our water supply to create a generation of flesh eating mutants from our own children?!?
Seriously, you deal with terrorism by NOT being afraid.
You do NOT deal with it by hyping every single fantasy that they can post.
So the banks will have a higher-than-normal amount of crack-attempts this month, and a proportionately-higher number of successful ones.
ok, so if serious breakin attempts go up 10%, and there's a small number of successful breakins every month, that's *punchpunchpunchding* a very small number of additional successful breakins.
The bottom line - your bank's web site may be a little slower to respond, and you may get a little more spam-email "from your bank" this month. Otherwise, business as usual.
Happy shopping everyone.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
The news articles I have seen, read and heard all said there was "No Credible Evidence" that this was a real threat.
Save for the one slashdot finds and posts..
I saw this on the news this morning, why the hell would anyone release a warning that says your under attack and in the same sentence say there is no evidence to support it? uh, maybe you should find out first. I've heard more stupid scare stories that came up completely false than true, by a long margin at that. In fact I would feel safe in saying that if Homeland Security lists another location of impending doom, that that spot would probably be the safest place in america cause at least the homeland security officers might have left and people can actually get about there normal daily business.
The best these groups could do are take down the websites of discount brokerages (E*Trade, Ameritrade, etc.), but that won't have one bit of impact on the financial markets. Even if those websites go down, the brokerages will still have their direct connections to the exchanges, so if you can call your broker, you'll still get your trade through.
I wish them the best of luck, because their attack is an exercise in futility.
Warning, that is. Don't you know we're at war! Americans aren't that good at hate, so we have to be given something to fear. Keeps the govt in business.
"There is no information corroborating the threat and that the alert was issued as a routine matter and out of an abundance of caution" How the hell does this make the news. Oh my the cyber-islamicfacist-terrorists are coming for us. "Radical muslim groups" are constantly making the threats. If they can do, they do, if they can't they make threats to inflate their balls and those stupid enough to follow them.
This is it? No comments from the stock exchange. Just be more careful?
SlowNewsDay?
"No doubt one may quote history to support any cause, as the devil quotes scripture." - Learned Hand
There's an old saying that says pretty much whatever you want it to.
The largest banks, plus the stock exchange, still use a wide array of platforms. The stock exchange web site, for example, is not directly hitting the actual stock exchange servers. Most of your bank transactions still go through mainframes. A typical setup is for central transaction servers to push data files to data warehouse servers for reporting purposes. Most systems then run off of these reporting servers.
Between the variety of systems and the layers of security between each it's very unlikely that a virus could bring down the stock exchanges. Or your bank. It's far more likely that their web sites and corporate desktops would go down. The "money" in the wires is far safer.
Developers: We can use your help.
And it just so happens the weak dollar is already crashing relative to other currencies and the housing market is poised to make a significant drop.
Man oh man, those terrorists are so convenient!
those guys in oklahoma city, sure looked moslem, not to mention the ira, basque, KKK, skinheads, red brigades, shining path.......
talk about stereotype racism
I'm posting as AC because I have this CERT alert in my inbox, denoted as FOUO (like it wouldn't get leaked anyway)
1
Google can translate it for you: http://www.alfirdaws.org/vb/showthread.php?t=2109
It's almost impossible that a bunch of radicalists with relatively sophomoric computer skills could infiltrate the NYSE or the Nasdaq in any substantial way. This is akin to high schoolers joking on forums and IRC that they are going to hack into the school's computers and change grades. Sure it happens, but not typically by a bunch of attention-seeking kids, but usually by some kid that is smart enough he didn't need to do it, just wanted to see "if he can".
If these "hackers" really had a chance to impact the exchanges, it means they've found a vulnerability that the exchanges don't know about. Any smart (but malicious) hacker wouldn't tip their hand to such a find, they'd wait until D-day to launch their attack. Obviously the security folks at the exchanges should take the threat seriously and evaluate their systems for holes, but it would be bordering on the ridiculous for the rest of us to be worried.
Crack - Free with every butt and set of boobs
I wish them the best of luck, because their attack is an exercise in futility.
Let's stop underestimating the Enemy and thinking the DHS is just a bunch of foolish baboons, OK? Maybe they know something we don't, eh?
This group would definitely need somebody working on the inside to do any real damage.
This seems neither unlikely nor improbable given Al Qu'e'da's facination with Wall Street and the amount of time since the attack on the World Trade Center.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
this attack will be done from American by Americas very own joe and jane's zombie machines. Dad shoul'd have stayed away from those free pron sites when mom is in bed, now he's a terrorist helper.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
Attention tube terrorists.. could you please target the specific stock and mortgage people who keep spamming me?
Slashdot Burying Stories About Slashdot Media Owned
Is target zombie networks and insure that Americans are deprived of Viagra ads, weight loss programs, stock tips and penis enlargements.
;)
The cost to the US could be crippling! Think what would happen if these emails ceased!
Like I said, this is the *worst* thing they could do.
putting the 'B' in LGBTQ+
Comment removed based on user account deletion
It's amazing how much you can do with a single post on a single website when people are afraid of the dark.
Coming up next - Homeland Security issues alert after cousin's roommate's girlfriend heard from friend that man with turban was spotted in New York.
We must defended ourselves from these cyber bizs.
Does The Department of Homeland Security have a plan.
I sure am glad airports randomly force us to have nude pictures of ourselves taken for inspection/storage in federal anti-terrorist databases. Such precautions really do a lot to keep us safe from terrorist attacks like this one.
Oh, wait...
The worst response to a passive terrorist threat is to publicize it - by putting it on Slashdot.
I don't EVER remember living in the "homeland" until the Bushista regime seized power. I still like to call this America myself. Former land of the free and brave. Now home of the politically blind and cowardly.
-"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
I like that term. It's like living in Soviet Russia.
It makes me feel all warm and paranoid inside.
Knew I should not have opened that " jihad.exe" attachment ..
Two wrongs don't make a right - but two do's make a dodo
(a href="http://en.wikipedia.org/wiki/Debt_of_Honor"
- White Knight of the Order of Mihoshi Enthusiasts
.... Given that every 12 year old wannbe 1337 h4x0r has been using "off the shelf" tools to break into places like these fore years, not to mention the armies of botnets, wouldn't these companies have already taken steps to protect themselves against this sort of thing?
I'm just asking...
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
There's enough source code available for enough viruses/trojans/worms that anyone who is interested could write a variation with their own payload.
And instead of creating a zombie army to spew spam, they'd just change a few random numbers in any spreadsheet that was accessible.
There, instant financial problems for most of corporate America. And the damage could take years to uncover.
With a little bit of thought, the virus/trojan/worm would spread quietly. It shouldn't be that difficult if your aim is NOT to draw attention to yourself or control the machine. Altering data would be simple and almost undetectable.
Since they cannot accomplish even that minor task, they don't have the skills to accomplish a major attack.
I really think the icing on the cake recently was Gingrich telling a group of Free Speech Advocates that free speech needs to be less free because ass-hat terrorists are getting on the net and collaborating. I mean, really, restricting internet access will certainly solve the problem.......sheesh...What an ignorant ass...
I suggest a new acronym, along the lines of YHBT. YLTTW: You Let The Terrorists Win. As in YHLTTW, YHL, HAND.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
Maybe we will get lucky and they will "erase" the servers that contain the loans and debt we all carry...
cyber-extremists plan to make all sorts of movies and music available on teh intarweb for free, wreaking financial havoc in california and causing extremely wealthy media moguls to extort money from blind grandmothers as compensation. film@11...
Serenity now, insanity later.
It's at its lowest value in 20 months against the Euro, and the lowest in 14 YEARS against Sterling. http://www.bloomberg.com/apps/news?pid=20601101&si d=a1VgRGm8R6Hc&refer=japan
The only reason it's not yet too bad is that the Yen has also been falling.
Bush
I work for a relatively small banking software company and our datacenter is down. It may just be a coincidence, who knows.
There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
Comment removed based on user account deletion
I shall destroy the Earthlings' puny world in three of their Earth days, on midnight of their pathetic planet's Greenwich Mean Time, on the day they snivelingly refer to as... what was it again? Oh, yes... New Year's Day.
Does "Infidel New Year" strike anyone else as a possible bad translation? It doesn't seem like something a person from a non-Western culture would be likely to say among themselves.
Step into a huge movement. Don't Tread In Me.
I thought this was an appropriate quote from V for Vendetta, "I want this country to realize that we stand on the edge of oblivion. I want everyone to remember *why* they need us!"
Has it occured to anyone that whoever made this threat is a terrorist equivalent of a pointy-headed-boss/marketing exec who is exhorting unknown terrorist hacker-types to unleash one of those virus thingies that he's heard about? Like, they sat in a meeting in some coffee house and said "Yeah! We could release one of those virus thingies! We'd rule the world! Get one of those computer infidels on the internets!"
Isn't this the equivalent of a pathetic "release the hounds," only there are no hounds, and the "leadership" doesn't know that?
Oh, and to religious extremists, isn't technology part of the global, modernistic infidelity?
I mean, really. After 50 years of being immersed in computing, STILL NO NON-TECHNICAL PEOPLE UNDERSTAND HOW COMPUTERS WORK and yet they STILL TELL geeks to do the IMPOSSIBLE.
What's next? A Koran that can fly and spits dates?
I, for one, am sick and tired of our moron overlords.
Actually, I'd think either the terrorists or intelligence agencies are picking random Tom Clancy plots for their planes. Debt of Honor had the crashing of stock markets by the japanese using a backdoor, the plane crashing at the pentagon killing almost all of the chain of command, and also a focused laser disguised into a camera that was aimed at cockpit of airplanes when they were landing to make them crash, which, IIRC, was also warned as a possible terrorist act sometime ago.. :)
Of course over there "planes" should have been "plans".. :)
The greatest revenge in life is massive success.
That said, though, I agree with LocoMan that the resemblance between real-life and fiction in this regard is amusing (when the business with lasers and airplane cockpits came up here a ways back, I pointed out the paralell there). The sole difference being that Clark and Chavez didn't use a true laser, but rather a custom high-collimation halogen lamp, which was (very plausibly) disguised as, not a camera, but its associated lighting equipment.
What all this does point out is this: if this sort of thing is surprising to security agencies, it shows quite the lack of imagination on their part, doesn't it?
- White Knight of the Order of Mihoshi Enthusiasts
At risk of violating some sort of Godwin's-Law like rule for making 9/11 analogies, doesn't what you're saying sound a bit like someone sitting around on Sept. 10, 2001 saying "With a little bit of thought, the terrorists could set off car bombs in front of a bunch of major airports and totally screw up air travel? Since they cannot accomplish even that minor task, they don't have the skills to accomplish a major attack."
I think you're leaving out a major psychological motivator: the terrorists in large part aren't satisfied by and don't want just small, anonymous, disruptive attacks; they want large, public, anything-but-anonymous disruptive attacks.
Messing around with spreadsheet numbers would probably seem like a computer glitch. While its effects might actually be more crippling to the United States economy than taking out the NYSE for an afternoon (just like there are a lot of other physical-terrorism scenarios that would have been even more disruptive to the U.S. than destroying the WTC), that doesn't mean that they're as attractive to a potential terrorist.
I'm not sure if a lack of small-scale attacks really indicates that the enemy is incapable of larger ones; I think that's a terribly dangerous assumption to make. All the lack of smaller attacks means is that we have no idea what their capabilities are, and need to protect ourselves on all fronts.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Comment removed based on user account deletion
In fact, it is far more likely to be a right wing group trying to push some terrorism angle or some MS backer trying to get these companies off of *nix (which is what the banking and most exchanges including NYSE run).
I prefer the "u" in honour as it seems to be missing these days.
...it is what I was thinking but I don't have any knowledge of the physical layout. Can anyone else elaborate on it better? Perhaps a cyber attack in conjunction with some physical attacks?
With the ongoing and spreading polonium problem, there's another apparently easy vector, how much would it take to shut down huge areas of NYC if it looked like a radiological attack had happened? Even with all the heightened security all over, apparently a lot of places got contaminated, and no one knew until some bigshot ex spy got nailed. I am wondering why this is.
blame the muslims for their own issues.. i believe this is just a get up so they (the US. government) can further invade peoples privacy and put more laws down on Americans..
I agree. I don't think terrorists can take out the market, but I certainly think the bankers and big brokers can. The bottom line is that the US GDP is around 13 trillion, but the amount of outstanding derivative contracts total over 350 trillion, and 24 trillion of those are interest rate sensitive. I'm sorry, but not even the fed can bail out that kind of a derivatives wash (and get away with it).
Something really stinks about this warning. They are going out of their way to publish it everywhere, but also going out of their way to say there is nothing to it. Huh? Something really stinks about the markets - in dollars they're going up, but in most every other currency they're going down. Something really stinks about the fact that gold and silver are blowing away every other investment class even after a recent huge dip. Hell, they don't even pay interest. Something really stinks about the housing market, it is crashing 5 times faster than they said it would a year ago and no one is even concerned? B-of-A has over 4 trillion in housing derivatives alone - why are they not in a panic right now? And the account deficit at over 6%, I'm sorry, but that's bannana republic territory. And how come short term bonds are paying more interest than the long term ones?
If the market has a panic, does that mean that people are going to be stuck with "bad" stocks when they freeze trading?
If a terrorist attacks, does that mean that a "terrorist" will log in and sell their "good" stocks?
All I'm saying, don't be supprised if you wake up one morning in a market crash and find all your good stocks sold, but sell orders on all your bad ones didn't get executed. I smell a big pile of shit and don't like it one bit.
This error made me think of this article ;)
a lliancebankna\template_top.cfm:1) at cfindex2ecfm329922809.runPage(C:\websites\alliance bankna\index.cfm:1)
java.sql.SQLException: [Macromedia][SQLServer JDBC Driver]Error establishing socket. Connection refused: connect
at macromedia.jdbc.base.BaseExceptions.createExceptio n(Ljava.lang.String;Ljava.lang.String;)Ljava.sql.S QLException;(Unknown Source)
at macromedia.jdbc.base.BaseExceptions.getException(I [Ljava.lang.String;Ljava.lang.String;)Ljava.sql.SQ LException;(Unknown Source)
at macromedia.jdbc.sqlserver.tds.TDSConnection.(Ljava .lang.String;Ljava.lang.String;IILjava.lang.String ;Ljava.lang.String;Lmacromedia.jdbc.base.BaseWarni ngs;Lmacromedia.jdbc.base.BaseExceptions;)V(Unknow n Source)
at macromedia.jdbc.sqlserver.SQLServerImplConnection. open()V(Unknown Source)
at macromedia.jdbc.base.BaseConnection.getNewImplConn ection(ZI)Lmacromedia.jdbc.base.BaseImplConnection ;(Unknown Source)
at macromedia.jdbc.base.BaseConnection.open(Lmacromed ia.jdbc.base.BaseConnectionProperties;Lmacromedia. jdbc.base.BaseExceptions;Lmacromedia.util.UtilDebu g;)V(Unknown Source)
at macromedia.jdbc.base.BaseDriver.connect(Ljava.lang .String;Ljava.util.Properties;)Ljava.sql.Connectio n;(Unknown Source)
at macromedia.jdbc.MacromediaDriver.connect(Ljava.lan g.String;Ljava.util.Properties;)Ljava.sql.Connecti on;(Unknown Source)
at coldfusion.server.j2ee.sql.pool.JDBCPool.createPhy sicalConnection(JDBCPool.java:562)
at coldfusion.server.j2ee.sql.pool.ConnectionRunner$R unnableConnection.run(ConnectionRunner.java:67)
at java.lang.Thread.run()V(Unknown Source)
"
" The web site you are accessing has experienced an unexpected error. Please contact the website administrator. The following information is meant for the website developer for debugging purposes. Error Occurred While Processing Request Error Executing Database Query. [Macromedia][SQLServer JDBC Driver]Error establishing socket. Connection refused: connect The error occurred in C:\websites\alliancebankna\template_top.cfm: line 1 1 : 2 : Select * 3 : FROM Alliance_Link SQL Select * FROM Alliance_Link DATASOURCE alliancebankna SQLSTATE 08001 Resources: * Check the ColdFusion documentation to verify that you are using the correct syntax. * Search the Knowledge Base to find a solution to your problem. Browser Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0 Remote Address xxx.xx.xx.xx Referrer Date/Time xx-Dec-06 08:17 AM Stack Trace at cftemplate_top2ecfm650079821.runPage(C:\websites\
Kill your TV
I completely agree with you.,, In this case, there are the FISA courts available to quickly allow the eavesdropping in such a situation. Unfortunately, the current administration not only got caught red-handed doing datamining on millions of domestic americans, and admitted it with great pride as if they were doing anyone a favor.
I guess I wouldn't have so much of a problem with warranted eavesdropping (as a "necessary evil") if they didn't constantly use the most bullshit reasons that no one can argue against without looking like a fool (i.e. Child Porn and Terrorism) wrapped up in terrible amounts of double-speak. "Patriot Act", for instance, is perhaps one of the worst of all... Fighting for civil liberties is every American's duty, and yet to oppose the attacks on our freedoms posed by the Patriot Act, one must be an "Anti-Patriot"? Wow. The terrorists have won, but not the one's you are thinking. These terrorists operate out of a "white building". When one must constantly look over one's shoulder in fear of being devoured by one's own protector, that is terror. Quo custodiet ipsos custodiet? ("Who shall watch the watchers"?)
I guess my point is, How trustworthy is a administration that must continually lie to its own people and use doublespeak to remain in power and get its way?