Slashdot Mirror
Hackers Plundered Israeli Defense Firms That Built 'Iron Dome' Missile Defense
An anonymous reader writes: Brian Krebs reports on information from Columbia, Md.-based threat intelligence firm Cyber Engineering Services Inc. that attackers thought to be operating out of China hacked into the corporate networks of three top Israeli defense technology companies. The attackers were seeking technical documents related to Iron Dome, Israel's air defense system. "IAI was initially breached on April 16, 2012 by a series of specially crafted email phishing attacks. ... Once inside the IAI’s network, [the attackers] spent the next four months in 2012 using their access to install various tools and trojan horse programs on systems throughout company’s network and expanding their access to sensitive files, CyberESI said. The actors compromised privileged credentials, dumped password hashes, and gathered system, file, and network information for several systems. The actors also successfully used tools to dump Active Directory data from domain controllers on at least two different domains on the IAI’s network. All told, CyberESI was able to identify and acquire more than 700 files — totaling 762 MB total size — that were exfiltrated from IAI’s network during the compromise. The security firm said most of the data acquired was intellectual property and likely represented only a small portion of the entire data loss by IAI." Most of the stolen material pertained to Arrow III missiles, UAVs, and ballistic rockets.
...until software and systems security is finally taken seriously. That may mean corporate LANs interconnected between sites by leased private fiber, where ther entire computer system for the company is not able to even reach the public Internet. That may mean that users have separate systems, one for internal communication within the company, and one for external communication to outsiders. That may also mean that companies stop allowing anything sensitive on public-reachable computers, and it might even mean that corporate IT departments have to look at hardware that doesn't allow for secure computers to even plug into regular, public networks, and for those 'regular' networks to be highly monitored and partially locked-down as to what IP ranges (and countries) can even be communicated with.
I can tell you one thing, if such a system were implemented there'd probably be an uptick in efficiency as now it'd be a lot harder to screw around at work. Sure, a lot of people would be really pissed that they can't do non-work tasks at work without using a system seeing such monitoring too, but given that salaries in the defense sector are generally pretty good, that's a tradeoff that one could probably stomach.
Do not look into laser with remaining eye.
Why dont these places have malware files spread out in their data files, hide them in a zip file or something.
All malware is data until you tell your computer to run it. If you get hacked by careless people, then I suppose having malware that reports them might work, but they'd have to run it or open it with a compromised program, and on a computer connected to the internet.
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
China is in a state of de facto war with every military R&D project in the world. Any defense contractor not locked down six ways from Sunday should be punished (or they should get a bonus for best practices.)
Why, did China start to settle on their land, too?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
There is another side to this that isn't being reported. Hamas are using schools hospitals etc to fire rockets from and telling the public it is their duty to stay and act as human shields. Israel warn I attacks and say to evacuate but Hamas make them stay, to create propaganda which makes you angry and want to support them. Don't be so easily brainwashed.
There is an EU report on this which I now can't find but these facts exist outside of pro Israel web sites
nice trolling, its a prison, not a concentration camp!
That's what Israel tells the world after they bomb schools ....
Don't let israel brainwash you!
That's what Israel tells the world after they bomb schools ....
Don't let israel brainwash you!
Hello, Mr. Hamas Troll,
The other day when BBC was interviewing a doctor who was inside a hospital in Gaza, in the middle of the interview two Hamas rockets were fired from the 3rd floor of the same hospital
The sounds of the rocket firing was heard clearly, and the doctor himself admitted in that live broadcast that two rockets were fired from the hospital
That broadcast was not sponsored in any way by Israel. It was a BBC broadcast !
No, just Tibet.
It still doesn't excuse Israel ignoring the targeting said hospital though.
When a group fires from the grounds of a hospital, religious building, or homes, under the geneva convention those buildings automatically become military targets. There is no ignoring the geneva convention, what you've just posted is that hamas is committing war crimes in order to try and sway opinion.
Om, nomnomnom...
What does 'specially crafted email phishing' attacks have to do with Windows?
Convincing someone to alter settings on their machine, download a file, or process some request has little to do with the OS in question.