Feeds

Minister warns of national grid hack threat

And theft of commercial secrets

Beginner's guide to SSL certificates

A UK government minister has warned that cyber-terrorists were attempting to take out the national grid.

Security Minister Lord West of Spithead also said that state-sponsored hackers are attempting to infiltrate corporate networks to steal commercial secrets. Much of this could have been said at any time over the last four or five years, if not longer. But a number of more recent factors spice up the stew, including targeted Trojan attacks, vulnerabilities in the (now) internet-connected SCADA control systems that control power plants and recent high-profile cyber-attacks against Georgia and Estonia.

Threats to the UK's critical infrastructure are regularly assessed as part of the National Risk Register. The UK government reckons it's on top of the problem but that doesn't mean that there isn't any risk - especially to less cyber-savvy organisations - especially given the volume and sophistication of some attacks, the minister warned.

"If you take the whole gamut of threats, from state-sponsored organisations to industrial espionage, private individuals and malcontents, you're talking about a remarkable number of attempted attacks on our system - I'd say in the thousands," said Lord West, The Telegraph reports. "Some are spotted instantly. Others are much, much cleverer."

The warning comes in the aftermath of skirmishes in cyberspace that accompanied the recent conflict on the ground between Russia and Georgia. Defacements and denial of service attacks against Georgia government websites have been linked to Russian state-run businesses and networks controlled by cyber-criminals who are usually busy sending out spam. The website of the South Ossetian government and Russian news agency RIA Novosti were also hit by attacks during the short-lived but fierce war over the disputed region of South Ossetia earlier this month.

Security watchers such as Arbor Networks report that the attacks were more intense but shorter than the assaults that floored the banking and government systems of Estonia last year. The Kremlin has denied state involvement while admitting some Russian nationals may have become involved in the attack.

Interest in dissecting the attacks and chatter on underground forums that preceeded them have sparked the creation of a group of sleuths by IntelFusion. The open-source efforts will look at the cold case of online conflict in Estonia as well as the more recent troubles in Georgia and attacks thought to have been run out of China. More details on the project can be found here. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.