Home Blog Page 76

‘Digital ants’ check networks for viruses

Wake Forest University professor Errin Fulp is training an army of ‘digital ants’ designed to patrol the power grid and protect it from viruses.

If it works, it could be a lifesaver for Supervisory Control and Data Acquisition (SCADA) networks, which nowadays control everything from water and sewer management systems to transport and manufacturing systems.

The power grid is probably more vulnerable to cyber attacks than security experts would like to admit, says Fulp. The problem is such systems’ high level of interconnectedness, which gives hackers more points to enter the system – in a home’s smart grid, for example.

"When that network connects to a power source, which connects to the smart grid, you have a jumping off point," he says. "A cyber attack can have a real physical result of shutting off power to a city or a nuclear power plant."

Fulp’s digital ants wander through computer networks looking for threats such as computer worms. When it finds one, it summons an army of ants to converge at that location, drawing the attention of human operators to investigate.

"The idea is to deploy thousands of different types of digital ants, each looking for evidence of a threat," says Fulp.

"As they move about the network, they leave digital trails modeled after the scent trails ants in nature use to guide other ants. Each time a digital ant identifies some evidence, it is programmed to leave behind a stronger scent. Stronger scent trails attract more ants, producing the swarm that marks a potential computer infection."

The team’s found the system to be successful on a small scale, but now plans to scale it up to test whether it can work with something as large and complex as the nation’s power grid.

Hackers target Lockheed Martin

Lockheed Martin confirmed on Saturday that it’s been the target of a ‘significant and tenacious’ hacking attack.

The company – the US’ biggest military contractor – says it fought the attack off successfully.

"The company’s information security team detected the attack almost immediately, and took aggressive actions to protect all systems and data," it says in a statement.

"As a result of the swift and deliberate actions taken to protect the network and increase IT security, our systems remain secure; no customer, program or employee personal data has been compromised."

The company blocked all remote access to the internal network, and is requiring all its 100,000 users to change their passwords. It’s also replacing all RSA SecureID tokens – interesting, as it indicates that the attack may be linked to the security breach suffered by RSA itself in March.

At the time, RSA gave little information about exactly what data had been stolen, but there were fears that it included the seed codes for clients that would allow attackers to generate the time-based code allowing access to client systems.

"Is it possible that whatever information was stolen from RSA helped the hackers break into Lockheed Martin? If that’s the case, that’s worrying news for businesses around the world," says Graham Cluley of security firm Sophos.

"An unnamed source with direct knowledge of the attacks is said to have confirmed to Reuters that other military contractors have also been compromised."

It’s not known who’s behind the Lockheed Martin attack. Some observers are suggesting that it could be a foreign government – China or Russia perhaps.