Comments on: Worms are an effective weapon in cyber warfare http://mcwresearch.com/archives/647 Things I think I've thought about Thu, 16 Feb 2012 16:52:27 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: mcwresearch.com » Conficker Hits French MoD http://mcwresearch.com/archives/647/comment-page-1#comment-5049 mcwresearch.com » Conficker Hits French MoD Tue, 10 Feb 2009 12:57:52 +0000 http://mcwresearch.com/?p=647#comment-5049 [...] the recent compromise of the British MoD, the compromise of the French MoD appears to have been isolated to the [...] [...] the recent compromise of the British MoD, the compromise of the French MoD appears to have been isolated to the [...]

]]> By: » An Information Security Place Podcast - Episode 14 http://mcwresearch.com/archives/647/comment-page-1#comment-5047 » An Information Security Place Podcast - Episode 14 Thu, 29 Jan 2009 09:02:16 +0000 http://mcwresearch.com/?p=647#comment-5047 [...] up - Same worm variant is also attacking the UK MOD - Michael at [...] [...] up – Same worm variant is also attacking the UK MOD – Michael at [...]

]]> By: Jim’s Bloggyness » Post Topic » An Information Security Place Podcast - Episode #14 http://mcwresearch.com/archives/647/comment-page-1#comment-5046 Jim’s Bloggyness » Post Topic » An Information Security Place Podcast - Episode #14 Thu, 29 Jan 2009 05:08:29 +0000 http://mcwresearch.com/?p=647#comment-5046 [...] Confiker Worm Takes Down UK Hospitals and the MOD - Link Here / Link Here [...] [...] Confiker Worm Takes Down UK Hospitals and the MOD – Link Here / Link Here [...]

]]> By: Michael http://mcwresearch.com/archives/647/comment-page-1#comment-5041 Michael Wed, 21 Jan 2009 15:33:00 +0000 http://mcwresearch.com/?p=647#comment-5041 In the network security podcast linked twice above, they talk about this incident at 17:49 into the podcast. They don't really go into the worm as a weapon in cyber warfare but instead focus on the intermingling of networks. One of the points they don't mention is that even if the networks don't mingle and operational/navigational networks aren't directly at risk, this threat still saps resources from those networks as IT staff scramble to regain control of the administration networks. There is also the sneakernet to be considered. USB drives (which conficker leverages) can travel from one network to the other and deliver worms through that vector. Usually in classified networks USB drives are forbidden but if you miss restricting them on even one machine, the users will find it and exploit it, not necessarily intending to be malicious but for convenience. Granted, this worm attack wouldn't be a tactical win if it were a part of cyber warfare but it would certainly serve a purpose in propaganda, by demonstrating that even an aircraft carrier's network and more importantly the Ministry of Defense network has weaknesses to be easily exploited. In the network security podcast linked twice above, they talk about this incident at 17:49 into the podcast.

They don’t really go into the worm as a weapon in cyber warfare but instead focus on the intermingling of networks. One of the points they don’t mention is that even if the networks don’t mingle and operational/navigational networks aren’t directly at risk, this threat still saps resources from those networks as IT staff scramble to regain control of the administration networks.

There is also the sneakernet to be considered. USB drives (which conficker leverages) can travel from one network to the other and deliver worms through that vector. Usually in classified networks USB drives are forbidden but if you miss restricting them on even one machine, the users will find it and exploit it, not necessarily intending to be malicious but for convenience.

Granted, this worm attack wouldn’t be a tactical win if it were a part of cyber warfare but it would certainly serve a purpose in propaganda, by demonstrating that even an aircraft carrier’s network and more importantly the Ministry of Defense network has weaknesses to be easily exploited.

]]> By: Network Security Blog » Network Security Podcast, Episode 135 http://mcwresearch.com/archives/647/comment-page-1#comment-5040 Network Security Blog » Network Security Podcast, Episode 135 Wed, 21 Jan 2009 00:50:00 +0000 http://mcwresearch.com/?p=647#comment-5040 [...] Worms run rampant through UK Ministry of Defense systems. [...] [...] Worms run rampant through UK Ministry of Defense systems. [...]

]]> By: Network Security Podcast » Blog Archive » Network Security Podcast, Episode 135 http://mcwresearch.com/archives/647/comment-page-1#comment-5039 Network Security Podcast » Blog Archive » Network Security Podcast, Episode 135 Wed, 21 Jan 2009 00:47:56 +0000 http://mcwresearch.com/?p=647#comment-5039 [...] Worms run rampant through UK Ministry of Defense systems. [...] [...] Worms run rampant through UK Ministry of Defense systems. [...]

]]> By: LonerVamp http://mcwresearch.com/archives/647/comment-page-1#comment-5038 LonerVamp Tue, 20 Jan 2009 21:50:38 +0000 http://mcwresearch.com/?p=647#comment-5038 More than likely, someone just doesn't know what they're saying and are mixing rumors or separate incidents, in regards to the sending of email to Russia. Either way, obviously there is a level of incompetence somewhere in there. More than likely, someone just doesn’t know what they’re saying and are mixing rumors or separate incidents, in regards to the sending of email to Russia.

Either way, obviously there is a level of incompetence somewhere in there.

]]>