Feeds

Minister warns of national grid hack threat

And theft of commercial secrets

Top three mobile application threats

A UK government minister has warned that cyber-terrorists were attempting to take out the national grid.

Security Minister Lord West of Spithead also said that state-sponsored hackers are attempting to infiltrate corporate networks to steal commercial secrets. Much of this could have been said at any time over the last four or five years, if not longer. But a number of more recent factors spice up the stew, including targeted Trojan attacks, vulnerabilities in the (now) internet-connected SCADA control systems that control power plants and recent high-profile cyber-attacks against Georgia and Estonia.

Threats to the UK's critical infrastructure are regularly assessed as part of the National Risk Register. The UK government reckons it's on top of the problem but that doesn't mean that there isn't any risk - especially to less cyber-savvy organisations - especially given the volume and sophistication of some attacks, the minister warned.

"If you take the whole gamut of threats, from state-sponsored organisations to industrial espionage, private individuals and malcontents, you're talking about a remarkable number of attempted attacks on our system - I'd say in the thousands," said Lord West, The Telegraph reports. "Some are spotted instantly. Others are much, much cleverer."

The warning comes in the aftermath of skirmishes in cyberspace that accompanied the recent conflict on the ground between Russia and Georgia. Defacements and denial of service attacks against Georgia government websites have been linked to Russian state-run businesses and networks controlled by cyber-criminals who are usually busy sending out spam. The website of the South Ossetian government and Russian news agency RIA Novosti were also hit by attacks during the short-lived but fierce war over the disputed region of South Ossetia earlier this month.

Security watchers such as Arbor Networks report that the attacks were more intense but shorter than the assaults that floored the banking and government systems of Estonia last year. The Kremlin has denied state involvement while admitting some Russian nationals may have become involved in the attack.

Interest in dissecting the attacks and chatter on underground forums that preceeded them have sparked the creation of a group of sleuths by IntelFusion. The open-source efforts will look at the cold case of online conflict in Estonia as well as the more recent troubles in Georgia and attacks thought to have been run out of China. More details on the project can be found here. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
Burnt out on patches this month? Oracle's got 104 MORE fixes for you
Mass patch for issues across its software catalog
Reddit users discover iOS malware threat
'Unflod Baby Panda' looks to snatch Apple IDs
Oracle working on at least 13 Heartbleed fixes
Big Red's cloud is safe and Oracle Linux 6 has been patched, but Java has some issues
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.