Full Disclosure mailing list archives
Re: Zone-H.org: 10 reasons websites get hacked
From: "worried security" <worriedsecurity () googlemail com>
Date: Thu, 18 Oct 2007 20:16:08 +0100
On 10/18/07, full-disclosure () mac hush com <full-disclosure () mac hush com> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I thought the main reasons for intrusion were fun and/or profit. I don't see them on your list anywhere. I think your list sucks.
the no.1 threat to corporate and national security is in fact the inside job. yep folks, terrorists are actively seeking to trick the job vetting processes for power plants, government etc etc. because the terrorists know the key systems aren't connected to the internet. but after reading media reports, it seems the department of homeland security are thinking if we're not connected to the internet then we're safe. no, even permanently offline systems, still need to be patched from internet threats, because terrorists are actively seeking to get into key infrastructure jobs with portable disks to infect computers with the latest 0-day posted to places such as Full-Disclosure.

yep folks, all security pros on here will have seen the dhs propaganda video by now about the turbine getting shutdown with a cyber attack, and the dhs are focusing on internet facing systems, but the real threat to corporate and national security is the inside job of permanently offline systems that the power plants, government etc etc think are safe and don't need patched. what i'm saying is, for example, i'm not saying they use microsoft for key infrastructure systems, but a permanently offline system still needs to be fully patched after every patch tuesday, even though that system is permanently offline and will never ever be connected to the internet.

that is my key problem i'm seeing right now by the government in respect of cyber security, they are assuming an internet connection needs to be there, but that isn't entirely true. if mr joe jobs wanna be terrorist manages to trick your job vetting processes and gets a job with access to the key systems, yes folks, terrorists haven't got time to fiddle around with computers, they will download exploit code from Full-Disclosure type sources and throw it on a portable disk, then go for an inside job social engineering trick and get into a power plant, government etc etc job.
so having your permanently offline key infrastructure not patched every patch tuesday for example, is pretty bad, because if your permanently offline systems had been patched, then mr joe jobs wanna be terrorist wouldn't have been able to plug in a portable disk into your systems based on a 0-day exploit originally posted on Full-Disclosure and shut the place down. while the internet is one way to get exploit code into your network, it's not the only way. joe jobs wanna be terrorist would rather do an inside job, than fiddle around with computers all day. in short your permanently offline systems still need to be patched every patch tuesday. do the power plants, government etc etc have their patches up to date for permanently offline systems? ;) they assume only internet facing systems need to be patched from internet threats, but that is their delusion not mine.

like in this link, http://www.news.com/8301-10784_3-9799403-7.html they keep saying "cyber" as in internet... but the truth is a terrorist attack to take out key power plants, government etc etc would come from the inside job... the government are wasting their time with the whole "cyber" security thing, while the exploit code carried on portable disks would originate from internet sources and that that exploit code may have originally needed an internet connection, that is not entirely true if portable disks are used and the joe jobs wanna be terrorists target permanently unpatched, permanently offline systems.

did you sit smugly in your control rooms smiling at that permanently offline system and think, hey, nothing posted on Full-Disclosure can touch this? think again.

thanks,
n3td3v
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/