High Profile System Attacks Attract Attention
Attacks against high profile targets are nothing new, especially if the target is a government agency or the military. Due to the frequency of attack and the porosity of many networks, a compromise is rarely news. When three hospitals in London were recently affected by malware, it rapidly gained attention. With the hospitals having to shut down their networks and begin diverting incoming emergency patients, it is another setback for the troubled NHS IT projects that have been synonymous with failure and poor planning.
Concerns over privacy and reliance upon automated systems mean that any forced shutdown or compromise to medical related systems is bound to gain attention. While patient data storage systems are increasingly being networked with each other (for the goal of being able to walk into any hospital or doctor's surgery and having the medics / doctors being able to pull up your actual records) the security of these systems has often been secondary to making the records available
There have also been claims that the International Monetary Fund has been the victim of system compromise, possibly by China-based hackers. There are various theories as to why this might be the case, with corporate espionage being most likely if internal IMF systems had been targeted. If IMF decisions could be discerned ahead of public announcement, it could allow motivated financiers or investors to offer funding that the IMF will not. Alternatively it could allow investment into countries that are soon to receive a massive capital injection from the IMF.
Elsewhere, recent malware activity has prompted the US military to ban external media following the appearance of a quick-spreading worm on several military networks. It is surprising that it has taken so long for such a step to be introduced as part of system and network lockdown procedures.
For systems air-gapped from the Internet, portable media is the most likely source of system infection, as well as the most likely means for sensitive information to be removed. From the reporting on the infection, it seems that the virus is an autorun-style infector that was initially introduced via portable media.
22 November 2008
Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis
Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.
Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.
Comments will soon be available for registered users.