Banking outage gives tiny glimpse of cybergeddon

Britons have been spitting blood this past weekend after a botched banking software upgrade at the UK government-owned Royal Bank of Scotland denied hundreds of thousands of people access to banking services. Customers of RBS and its NatWest and Ulster Bank subsidiaries have not been able to check their account balances or make major payments – such as deposits on houses – leaving some homeless.

While it is not yet clear why the software upgrade failed – or whether it was the fault of an off-shored computer facility in India – what is certain is that the episode has given us just a tiny taste of a nightmare scenario long feared by cyber security experts who advise western governments: What happens if there is an extended, simultaneous attack on all of the banks?

I was recently talked through this scenario by a source familiar with international deliberations on cyber defense. Imagine, the source said, that an attacker manages to disable the communications lines, or routers, linking a nation’s banks, ATMs and the point-of-sale debit/credit card terminals in supermarkets and garages. Suddenly, as few of us carry much cash these days, people cannot buy day-to-day essentials like food and fuel. “The big concern is that Hurricane Katrina style riots could break out on a mass scale as people take to looting,” the source said.

Particularly susceptible communications networks have already been identified by some governments and fixes put in place, the source said, patching, for example, vulnerabilities that came to light in the UK national telecommunications network during Tony Blair’s time in office.

However, the arrival of the reprogrammable computer worms Stuxnet, Duqu and Flame now poses a fresh cyber risk. These can attack industrial or financial infrastructure in a step-by-step fashion, overcoming multiple layers of security as they go by wielding different software “payloads” at the right time. Devised initially by US and Israeli intelligence to slow Iran’s nuclear program, these threats got into the wild and now provide attackers with handy cyber attack “construction kits”.

Continued forensic examination of these worms by antivirus firms should find ways to disable attacks based on them. But for how long can an American firm like Symantec, say, continue to reveal threat-confounding measures when it is clear that a US intelligence organization is partly behind the threat? Last week, at the Adaptive and Resilient Complex Systems conference at the Royal Society in London, I asked Patricia Titus, Chief Information Security Officer at Symantec, that very question.

“It’s our job – and we will continue to do it until we are told to cease and desist,” she said.

Blowfish12@2012 Author: Sudharsun. P. R.

US and Israel developed Flame, says official


Mega-malware Flame was indeed created by US and Israeli spies to sabotage Iran’s nuclear efforts, according to a report in The Washington Post. Flame’s nation-state origins were suspected ever since its discovery last month, and now an unnamed US intelligence official has confirmed that the virus, along with its partner Stuxnet, is part of a continuing cyber-assault on Iran.

It is now all but certain that the design of Stuxnet – fully sanctioned by President Barack Obama, according to a New York Times report earlier this month, and used to damage the centrifuges in Iran’s nuclear plants – was informed by intelligence gathered via Flame, which experts have also confirmed could have been developed only by world-class cryptographers. The Post’s source also says that the US National Security Agency, the CIA and Israeli military continue the development of new cyber weapons to this day:


The US and Israel don’t always act together though, it seems. Flame was unearthed only after a unilateral Israeli attack on Iranian oil facilities in April, leading Iran to investigate and discover the malware. The Post reports that US officials were “dismayed” at their partner’s actions.


10 most costly viruses [survey]


No: 1 MyDoom
The most devastating computer virus to date is MyDoom, which caused over $38 billion in damages. In addition to being the most expensive virus to date, its effects were far-reaching and fast-moving. When a user was infected, the virus created network openings that allowed others to access the user’s computer. In addition, the virus also had the ability to open random programs


No: 2 SoBig
Another harmful and expensive computer virus is SoBig. In 2003, the SoBig virus caused over $37.1 billion in devastation. This fast-spreading virus circulated through email as viral spam, and if exposed, the virus had the capability to copy files, email itself to others and cause serious damage to computer software and hardware.

No: 3 ILOVEYOU
ILOVEYOU is another particularly malicious virus that spread quickly through email, websites and file sharing. The ILOVEYOU virus, or the “Love Letter” worm, affected more than 500,000 systems in 2000 and produced over $15 billion in damages, including $5.5 billion in the first week alone. The virus replicated itself and exposed itself to everyone in the owner’s contact list. This virus was a pioneer for other viruses, as it was one of the first to attach to an email.

No: 4 Conficker
The Conficker virus caused over $9.1 billion in damages in 2007 and infected millions of computers around the world. The virus scanned computers for weaknesses and vulnerabilities, logged keystrokes and downloaded code from hacker-selected websites and more.

No: 5 Code Red
One of the most well-known viruses to date is the Code Red virus. It caused over $2 billion in damages in 2001, and had the ability to break into computer networks and exploit weaknesses in Microsoft software. Once the virus infected the machine, it actively looked for other machines on the networks to attack.

No: 6 Melissa
The Melissa virus was a particularly slimy virus that sent out infected Microsoft Word documents through Microsoft Outlook, delivering viral messages to everyone listed in the Outlook address book. The messages appeared to be coming from the Outlook owner, but were really the Melissa virus at work. A tell-tale indicator that Melissa had infiltrated your Outlook was if your contacts had received an email from you with the message: “Here is that document you asked for … don’t show anyone else.” There would

No: 7 SirCam
SirCam was a worm that caused over $1 billion in damages in 2001. This virus had the ability to compromise confidential information, delete items or use up space on your hard drive until there was not enough memory to store anything else.

No: 8 SQL Slammer
SQL Slammer is a virus that greatly affected banks and caused Internet speed to lag significantly across the globe. SQL Slammer caused an estimated $750 million in damages in 2003, and affected 200,000 computers worldwide.

No: 9 Nimda
Nimda is one of the Internet’s most widespread viruses and among the costliest as well. The virus caused $635 million worth of damages in 2001 and caused Internet browsing time to slow significantly. Additionally, it could affect a user’s email account and send out a read-me file to all contacts listed in the email address book. The virus caused traffic and Internet speeds to slow down.

No: 10 Sasser
Sasser created quite a bit of trouble in 2004 when it piled up $500 million in damages, devastated the British Coast Guard mapping system and caused numerous canceled flights. The creator of Sasser was identified as a teenager from Germany, and was quickly apprehended when one of his “friends” turned him in for a $250,000 bounty posted by Microsoft.

The Bottom Line
While the Internet can be a wonderful resource for doing everything from communicating with friends and colleagues to
