The Latest Wave of Cyberattacks On the West Is Coming From the Middle East

Unknown Lamer posted about 2 months ago | from the no-more-bits-for-oil dept.

Security 56

Daniel_Stuckey (2647775) writes "A hacker group from the Middle East known as Molerats attacked a wide range of major public sector organizations over April and May, including the BBC and a smattering of European governments, researchers revealed today. The latest attacks, which sought to establish espionage operations on targets' digital infrastructure, took place between 29 April and 27 May, according to security technology vendor FireEye. The Molerats' actions have added weight to concerns around growing cyber capability stemming from the Middle East. Yet researchers are somewhat perplexed as to the motivation of the perpetrators, whose targets included both Israel and Palestine, as well as Turkey, Slovenia, Macedonia, New Zealand and Latvia. The hackers also went after government bodies in the U.S. and the UK."

Let me be the first to say... (3, Insightful)

Irate Engineer (2814313) | about 2 months ago | (#47152355)

...Duh?

The non-American world is happily sitting at keyboards and attempting to hack the evil U.S. to pieces. Is this really a surprise to anyone?

It must be the damn fucking chinks again ! (1, Funny)

Anonymous Coward | about 2 months ago | (#47152667)

" A hacker group from the Middle East known as Molerats attacked a wide range of major public sector organizations over April and May, including the BBC and a smattering of European governments "

Yep, it must be them fucking middle eastern chinks again !

I hope the Pentagon will show us the photos of them fucking bearded chinks with fucking beach towers on their heads !!!

Re:Let me be the first to say... (1, Flamebait)

wonkey_monkey (2592601) | about 2 months ago | (#47152825)

The non-American world

What, Canada is in on this too? What about Iceland?

attempting to hack the evil U.S. to pieces

It sounds like most of the targets in this case are European. Persecution complex?

Re:Let me be the first to say... (0, Offtopic)

Anonymous Coward | about 2 months ago | (#47153107)

What, Canada is in on this too? What about Iceland?

Last time I checked, Canada was in America. Right above the US, you can check it too.

Re:Let me be the first to say... (1)

DNS-and-BIND (461968) | about 2 months ago | (#47153197)

"the evil U.S." WTF you got a racism problem buddy? Tolerance is the solution, not more violence.

Re:Let me be the first to say... (0)

Anonymous Coward | about 2 months ago | (#47154125)

Regionalist is not racist, dickhead. Tolerance is the solution, not more ignorance.

Re:Let me be the first to say... (2)

gstoddart (321705) | about 2 months ago | (#47154579)

"the evil U.S." WTF you got a racism problem buddy?

You do understand that "American" is not a race, but a nationality, right?

Re:Let me be the first to say... (1)

DNS-and-BIND (461968) | about 2 months ago | (#47160017)

America contains a large number of blacks. Frequently, anti-Americanism is just dog-whistle racism. The same people (usually white - are you white?) freely criticize America while ignoring that criticizing Obama is racist. [theblaze.com]

Re:Let me be the first to say... (0)

Anonymous Coward | about 2 months ago | (#47154695)

You do realize tolerance goes both ways, right?

Re:Let me be the first to say... (2)

Livius (318358) | about 2 months ago | (#47153543)

Is this really a surprise to anyone?

A surprising number of Americans believe their own propaganda.

Re:Let me be the first to say... (0)

Anonymous Coward | about 2 months ago | (#47154463)

A surprising number of people are fucking naive.

Re:Let me be the first to say... (0)

Anonymous Coward | about 2 months ago | (#47153991)

Duh? Are the Americans finally wising up and going after the Saudis to steal their all or is some other poor sod's country being set for the next 'bringing democracy one invasion at a time campaign' , In preparation for when the current corporate welfare wars wind down?

Let me be the first to say... (0)

Anonymous Coward | about 2 months ago | (#47154541)

Apparently Israel and Palestine are also evil and need to be hacked to pieces. Surprising? No. Confusing? Hell YEAH! There can be only one .. truth!

Re:Let me be the first to say... (1)

cyberchondriac (456626) | about 2 months ago | (#47156923)

Duh, did anyone say it was a surprise?
US hacking attempts get reported when they're discovered, likewise goes for everyone else too; or is there some reason they shouldn't be?

Whatever (3, Insightful)

cowwoc2001 (976892) | about 2 months ago | (#47152387)

Let me be the first one to congratulate them. So long as those idiots stick to keyboard attacks instead of suicide bombings I think we are moving in the right direction.

If anyone is dumb enough to connect nuclear power plants to the internet ... well, let's just say we'll learn that lesson and never make that mistake again.

Re:Whatever (3, Funny)

Travis Mansbridge (830557) | about 2 months ago | (#47152445)

Especially when we use passwords like "00000000" for our nuclear weapons stockpile for decades..

Re:Whatever (1)

cheesybagel (670288) | about 2 months ago | (#47153585)

You still needed two people to physically turn a key on site. The password was just something they added to fulfill some political mandate that wanted the weapon release control in the hands of politicians rather than the military.

Re:Whatever (1)

Vitriol+Angst (458300) | about 2 months ago | (#47158811)

Yeah, because having another check to launching a weapon is a bad thing?

Put all the control in the hands of the military and LIE about the password, what could go wrong?

I'm still upset about the whole "standing armies" thing, so I don't think I can handle a debate of why we want civilian control of the military.

Re:Whatever (1)

Frosty Piss (770223) | about 2 months ago | (#47152451)

If anyone is dumb enough to connect nuclear power plants to the internet ... well, let's just say we'll learn that lesson and never make that mistake again.

You're talking about Stuxnet [wikipedia.org] , right? You must be from Iran?

Re:Whatever (1)

Vitriol+Angst (458300) | about 2 months ago | (#47158817)

Stuxnet is kind of proving the wisdom in not connecting vital systems to a network with open access to the internet.

Re:Whatever (1)

Vitriol+Angst (458300) | about 2 months ago | (#47158791)

Let me be the first one to congratulate them. So long as those idiots stick to keyboard attacks instead of suicide bombings I think we are moving in the right direction.

If anyone is dumb enough to connect nuclear power plants to the internet ... well, let's just say we'll learn that lesson and never make that mistake again.

I think any agency dumb enough to connect a nuclear power plant control to the internet is dumb enough NOT to learn from their mistakes.
i.e., We are likely already doomed, DOOMED I say!

New Zealand? (0)

Anonymous Coward | about 2 months ago | (#47152455)

Maybe they are attacking 5 eye countries. Other than that, NZ is pretty harmless.

Re:New Zealand? (1)

AHuxley (892839) | about 2 months ago | (#47152651)

It really depends on who is doing the networking: eg. a suburban pay tv cable network with older code may not be able to fully encrypt and reconcile every MAC, device with billing and their network beyond a node to every home and device.
If your nation, firm, cult or organization can find some skilled locals you have an interesting network to hop along in a distant country with a physical endpoint in a city.
Nations can list all the 'other' nations all they like. The selection of nations may just be dependent on some telco saving the cash on signed crypto like upgrades over many years. The costs of vans, staff, finding the old hardware, replacing it, upgrading is not worth the cost in new crypto and extra bandwidth - so you have a lot of interesting, sort of fast, open older networks world wide.

and it comes to this (1, Offtopic)

ruir (2709173) | about 2 months ago | (#47152461)

Slashadvertisement and now political propaganda... give us a break.

Re:and it comes to this (4, Insightful)

fustakrakich (1673220) | about 2 months ago | (#47152475)

Hey, c'mon man. Hackers... cyberattacks! Isn't that relevant?

Re:and it comes to this (0)

ruir (2709173) | about 2 months ago | (#47152731)

Yeah, totally relevant, almost like making a hard porn flick where the stars are using lightsabers and communicators and calling it sci-fi. It is a pity people are more educated nowadays, I guess saying Chinese and middle-east people eat children does not fly anymore.

Don't mention Microsoft Windows .. (0)

Anonymous Coward | about 2 months ago | (#47152491)

"Slashadvertisement and now political propaganda... give us a break", ruir

And absolutely no mention of Microsoft Windows in that entire article .. there is one of Google :)

Re:and it comes to this (1, Troll)

wonkey_monkey (2592601) | about 2 months ago | (#47152869)

What's propagandist about this story?

Re:and it comes to this (2, Insightful)

ruir (2709173) | about 2 months ago | (#47153545)

I was considering not answering, but then some idiot modded down my answers because he does not agree with them. What is propagandistic? For starters, it is a company interested in spreading FUD for their own benefit - take it with a pinch of salt on both hands if you may. Then it is the political fear-mongering of the partner that is always licking the arse of USA. We are already very fed up with that shit - oh my Chinese and middle-easterners are so bad, bad guys, they manufactured Windows and Cisco routers, and they have backdoors on it, and sold printers with damaged firmware to Iraq, and wrote stuxnet, and are always invading countries...oh wait... That is utter bullshit. Most cyber attacks come either from USA or Chinese domestic machines that have not properly secured their machines. Add to that a mentality of the Chinese if it works, don't fix it, and you have a lot of old XP machines laying around without any kind of maintenance and full of viruses. Oddly enough, the UK also has the same mentality, however they are much smaller in numbers. I'd worry more about Russian bots or Nigeria 419 scammers...

If you are concerned by this at all... (5, Interesting)

jd (1658) | about 2 months ago | (#47152477)

...why?

Your outermost gateway should be a simple NAT/port-forwarder/load balancer and a honeypot server. Web traffic goes to the front-end servers, all else goes to the honeypot server. There should be no live DNS. Computers don't need readable names, strings are often where mistakes are made and replying to an IP doesn't require name resolution. The NAT/load balancing would be per-inbound-packet at this level, not per-session or per-time-interval. That means attacks on server resources (if they get through at all) are divided across your cluster evenly. Buys the machines time to detect and counter the problem.

Your front-end servers should be not much more than static content delivery systems, proxying the rest through your outer defences. OpenBSD is ideal for this - fast, simple, bullet-proof. Middle level defences should be a very basic firewall (maximum stability and maximum throughput) and an Active NIDS running in parallel (so as not to slow down traffic).

Inside that, you have at least two load-balancers, one on hot standby, farming dynamic requests to mainline servers. Mainline servers have no static content, only dynamic content. If dynamic content changes slowly (eg: BBC), have a cache server sitting in front of the actual content server. No point regenerating unchanged content.

Content servers send through another firewall (it can also be simple) to your database servers. Unrelated data should be on distinct servers for security and seek time. Since the content servers are read-only, they need hit only database cache servers with actual databases behind those. If you absolutely have to have FQDNs, zone transfer the critical stuff. Bounce all other DNS requests via the internal network to the regular DNS source. That way, your at-risk gateway doesn't contain stupid holes in the wall.

The internal corporate network would have a firewall and switch linking up to the content servers and cache servers, then a different firewall to the database servers. These would be heavier-duty firewalls as the traffic is more complex. Logins of any kind should be permitted only over an IPSec tunnel. All unused ports should be closed.

For the outermost systems, logins should be by IPSec only from a cache server. (Content servers have three Ethernet connections, none going to the firewall.)

This arrangement will take punishment. The arrangements where everything (database included) is in the DMZ with no shielding against coding errors, THOSE are the ones that fall over when people sneeze.

Ok, so my topology would cost a few thousand more. To Amazon, the BBC, any of the online banks, any of the online nuclear power stations - a few thousand might be spent on an executive lunch, but considerably more than a few thousand would certainly be spent and/or lost in a disaster. My layout gives security and performance, though the better corporate giants might be able to do better in both departments.

Doesn't matter if they can. What matters is that nobody at that level should be less secure than this. This is your minimal standard.
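
The layered layout in the comment above can be written down as a graph of allowed flows and checked mechanically against the flat "everything in the DMZ" arrangement it criticizes. This is an added example, not part of the original comment; the zone names, the two-firewall threshold and the three checks are assumptions chosen to mirror the description.

```python
"""Added example: audit a tiered layout modelled as a graph of allowed flows.
Zone names, service labels and thresholds are illustrative assumptions."""
import heapq

# Constructed model of the layered layout: gateway -> front-end -> firewall ->
# load balancer -> content -> firewall -> database cache -> database.
LAYERED = {
    "firewalls": {"mid_fw", "db_fw"},
    "flows": [
        ("internet", "gateway", "any"),
        ("gateway", "frontend", "web"),      # web traffic goes to the front end
        ("gateway", "honeypot", "other"),    # all else goes to the honeypot
        ("frontend", "mid_fw", "web"),
        ("mid_fw", "load_balancer", "web"),
        ("load_balancer", "content", "web"),
        ("content", "db_fw", "sql"),
        ("db_fw", "db_cache", "sql"),
        ("db_cache", "database", "sql"),
    ],
}

# Constructed model of the flat layout: one edge firewall, web server and
# database side by side behind it.
FLAT_DMZ = {
    "firewalls": {"edge_fw"},
    "flows": [
        ("internet", "edge_fw", "any"),
        ("edge_fw", "web", "web"),
        ("edge_fw", "web", "other"),         # non-web traffic reaches a live host
        ("web", "database", "sql"),
    ],
}


def min_firewalls(layout, src, dst):
    """Fewest firewalls crossed on any allowed path src -> dst (None if no path)."""
    adj = {}
    for a, b, _svc in layout["flows"]:
        adj.setdefault(a, []).append(b)
    best = {src: 0}
    heap = [(0, src)]
    while heap:
        cost, node = heapq.heappop(heap)
        if node == dst:
            return cost
        if cost > best.get(node, float("inf")):
            continue  # stale heap entry
        for nxt in adj.get(node, []):
            c = cost + (1 if nxt in layout["firewalls"] else 0)
            if c < best.get(nxt, float("inf")):
                best[nxt] = c
                heapq.heappush(heap, (c, nxt))
    return None


def audit(layout, min_required=2):
    """Return a list of findings; an empty list means the layout passes."""
    findings = []
    crossed = min_firewalls(layout, "internet", "database")
    if crossed is not None and crossed < min_required:
        findings.append(f"database reachable across only {crossed} firewall(s)")
    for a, b, svc in layout["flows"]:
        if svc == "other" and b != "honeypot":
            findings.append(f"non-web traffic forwarded {a} -> {b}, not to honeypot")
        if b == "database" and a != "db_cache":
            findings.append(f"{a} reaches database directly, not via db_cache")
    return findings


if __name__ == "__main__":
    for name, layout in (("layered", LAYERED), ("flat DMZ", FLAT_DMZ)):
        print(name, audit(layout) or "no findings")
```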

Re:If you are concerned by this at all... (1)

AHuxley (892839) | about 2 months ago | (#47152567)

"Ok, so my topology would cost a few thousand more."
Think of the people with contracts selling security in place. Do they really want a robust, healing, balancing, working solution with the min of support calls?
If the bad people are in the network, you have to clean the new extra code out, reset and then the magic can start.
You have the contract to look after the brand and have just seen all your tech been fully understood by diverse people from around the world.
Clean, patch and wait will not work. The people from around the world now know too much about the inner working....
With a new contract for next gen software and hardware the brand can out class and out pace many known issues.
Issues like this can keep entire sectors of the cybersecurity-industrial complex very happy.

Re:If you are concerned by this at all... (0)

Anonymous Coward | about 2 months ago | (#47152621)

...why?

Your outermost gateway should be a simple NAT/port-forwarder/load balancer and a honeypot server. Web traffic goes to the front-end servers, all else goes to the honeypot server. There should be no live DNS. Computers don't need readable names, strings are often where mistakes are made and replying to an IP doesn't require name resolution. The NAT/load balancing would be per-inbound-packet at this level, not per-session or per-time-interval. That means attacks on server resources (if they get through at all) are divided across your cluster evenly. Buys the machines time to detect and counter the problem.

[SNIP]

Does someone in your circle need to worry about you? Can they be counted on to contact the authorities before you do what you think you're destined to do?

Re:If you are concerned by this at all... (2)

Wonko the Sane (25252) | about 2 months ago | (#47153471)

Is that what it's come to now? Anybody who promotes (actual) security best practices is going to be accused of being a terrorist?

Re:If you are concerned by this at all... (0)

Anonymous Coward | about 2 months ago | (#47154745)

No, it's just come to random nutjobs posting random paranoid crap on internet forums, same as the last 20 years.

This is why Bayesian systems are so great, they give almost zero weight to white noise.

Re:If you are concerned by this at all... (1)

Vitriol+Angst (458300) | about 2 months ago | (#47158881)

Only if someone gives this person security clearance as a "like-minded" individual.

Re:If you are concerned by this at all... (1)

Ghaoth (1196241) | about 2 months ago | (#47152639)

Why don't you put a condom over your fibre optic link to the Internet? No more problems.

Re:If you are concerned by this at all... (0)

Anonymous Coward | about 2 months ago | (#47155203)

First thing I'd be told if I wanted to drop this in place at a lot of businesses is, "why bother, security has no ROI... and if we get hacked, Geek Squad or Infosys can fix the problem ASAP."

Or, the business would have someone say that that configuration isn't Sarbanes-Oxley compliant because FreeBSD isn't FIPS/Common Criteria certified, and demand a vendor's product in place (a nice red herring.)

Re:If you are concerned by this at all... (1)

Vitriol+Angst (458300) | about 2 months ago | (#47158857)

I wish more companies followed your advice here -- it would mean an end to all the DNS configurations and headaches for the machines in the network to just have a direct connection. You can track the ethernet sig of the machine if you want to catch bad behavior or configurations internally.

Of course, as I become more concerned about the status quo, I'm also heartened that most security at companies is done wrong -- damn wage cutters! ;-)

The solution to the Middle East Issue (1, Funny)

Anonymous Coward | about 2 months ago | (#47152597)

1) Bomb it (a few gigatons worth of nuclear munitions should do it).
2) Wait for the glass to cool
3) Polish the surface
4) Park our tanks on the self-illuminating trinitite surface.
5) Bring in companies to drill for what's left of the oil
6) Once the oil's gone, there's no real reason for ANYONE to be there anymore.
7) If anyone so much as MENTIONS God/Allah/etc again, point them to the large glass patch and tell them to shut the fuck up or they can go camping there for the rest of their lives.

Re:The solution to the Middle East Issue (-1)

Anonymous Coward | about 2 months ago | (#47152943)

knob jockey

Re:The solution to the Middle East Issue (1)

gstoddart (321705) | about 2 months ago | (#47154703)

7) If anyone so much as MENTIONS God/Allah/etc again, point them to the large glass patch and tell them to shut the fuck up or they can go camping there for the rest of their lives.

So, by this ridiculous logic, if anybody in the US (or the entire world) ever mentions god again, that location should be nuked? You sure that's what you want?

Or are you just saying that your version of god is OK but all others need to be eradicated? Do you even know it's the same god but a different manual?

Maybe this is why the west is still referred to as "Crusaders" by some extremists -- because that kind of attitude can lead to some pretty long grudges.

Re:The solution to the Middle East Issue (0)

Anonymous Coward | about 2 months ago | (#47154999)

7) If anyone so much as MENTIONS God/Allah/etc again, point them to the large glass patch and tell them to shut the fuck up or they can go camping there for the rest of their lives.

So, by this ridiculous logic, if anybody in the US (or the entire world) ever mentions god again, that location should be nuked?.

You don't read none too good do you?

No. Merely if they want to shout about "God/Allah/etc", they should be SENT to live out in "God's country". PERMANENTLY. Let God/Allah/etc send them some mana or grow them some food through a few feet of fused desert-sand-glass.

What say we nuke em all and take the oil? (0, Redundant)

Anonymous Coward | about 2 months ago | (#47152635)

And that'll be the end of that problem.

An ad for some crappy company called FireEye (1, Troll)

X.25 (255792) | about 2 months ago | (#47152715)

Oh look, a completely retarded "article" on a vendor site which just happens to sell 'solutions' to fight these "Middle Eastern attacks".

Get fucked Slashdot "editors", how could you even allow a piece of shit like that to get posted?

Sigh.

Election Time (4, Interesting)

Nyder (754090) | about 2 months ago | (#47152961)

I'm guessing it's election time and people need to justify their budgets and keep other things out of the lime light.

"See, them lousy middle east terrorist types are hacking our computers, you need me to run for office and give the NSA power to do anything." - Any Politician in the USA/UK today.

The Latest Wave of Cyberattacks ... (1)

hackus (159037) | about 2 months ago | (#47152997)

Yeah, whatever.

I totally believe you.

Admirable restraint (1)

rebelwarlock (1319465) | about 2 months ago | (#47153051)

Neither of the linked articles use the term "cyberterrorism". Bravo.

Danger! Technological Danger! (3, Insightful)

MRe_nl (306212) | about 2 months ago | (#47153725)

According to security technology vendor FireEye.
According to security technology vendor FireEye.
According to security technology vendor FireEye.
According to security technology vendor FireEye.

Brainwashing through repetition really works.

"Yet researchers are somewhat perplexed as to the motivation of the perpetrators": So the entire team is composed of sociopaths?

I wasn't aware... (0)

Anonymous Coward | about 2 months ago | (#47153761)

that the post-apocalyptic shooter, Fallout 3, was very popular out in the Middle-East. Molerats?

news at 11 (0)

Anonymous Coward | about 2 months ago | (#47153815)

FireEye found out Snowden is from the Middle East.

Sadly, the US is pretty much fair game. (3, Insightful)

Anonymous Coward | about 2 months ago | (#47154533)

The US has more or less made themselves fair game for this. And quite frankly, so have all of the "5 eyes".

You can't say "it is our sovereign right to hack into anything we want because we say so", and then turn around and expect that others won't more or less do the same to you.

If you start global surveillance and spying, you can't suddenly act like it's not fair for someone else to do it.

So all you people who keep saying "well, we don't care if the NSA is doing that, that's what they're supposed to do". Well, bad-guy hackers are doing what they're supposed to do in their eyes.

At the end of the day, the 'legitimacy' of it is one group saying they're entitled to do something, and another disagreeing. If your NSA has decided it is their right to hack into anything they see fit because that's their mandate, you have zero right to assume it won't happen to you. In fact, you should expect it.

And, expanding that logic a little ... if you decide it's your right to bomb civilians in order to get to who you want, then you have no right to assume that someone else won't decide that your civilians are also fair targets. Because once you decide civilians are expendable in pursuing your goals, that's the standard you've set. Just because you believe your civilians are more valuable doesn't make it so.

As much as Americans like to think "of course we can, because we're the US of Fucking A", it's no more legitimate than anybody else saying "well, we can too".

By their own logic, the US pretty much deserves what they get. If you act like the wishes of other countries and people is totally irrelevant, well, you more or less deserve for them to decide that what you want is equally irrelevant.

And then it just devolves into a vicious cycle of nobody remembering who shot first.

So if you want to take some form of moral high ground, make sure you're actually staying there. Otherwise, you're just being hypocritical assholes. And, that seems to be a strong suit of Americans.

As long as Americans have the attitude that whatever they do is OK simply because they're Americans, they're always going to have to understand that anybody else can decide the same damned thing.

Re:Sadly, the US is pretty much fair game. (1)

Triklyn (2455072) | about 2 months ago | (#47157869)

Just to chime in, not necessarily about the "middle eastern" espionage, but in regards to Chinese. There is something fundamentally different between state sanctioned espionage for national defense and state sanctioned industrial espionage. I'm OK with the Chinese or any other nation really, spying on me to make sure I don't bomb them to hell. That's pretty much how the game is played, but hacking for the industrial edge is another matter altogether.

very concerned matter for world (0)

Anonymous Coward | about 2 months ago | (#47155881)

http://worldnewsbrief.blogspot.com

There is no "West." (1)

barcarolle (581253) | about 2 months ago | (#47156807)

Please stop mentioning it.

Let's see, who created stuxnet? (1)

NReitzel (77941) | about 2 months ago | (#47157391)

Gosh, the West went and hacked industrial infrastructure, where? The Middle East? Omigawsh.

Turnabout is fair play, guys. You started the fight, now don't weep that it's come home.

lulz? (1)

lagomorpha2 (1376475) | about 2 months ago | (#47158541)

"Yet researchers are somewhat perplexed as to the motivation of the perpetrators, whose targets included both Israel and Palestine, as well as Turkey, Slovenia, Macedonia, New Zealand and Latvia. The hackers also went after government bodies in the U.S. and the UK."

Have they considered it was for "lulz"?
