Poison Ivy and the “Nitro” Attacks
Poison Ivy is the name given to a family of malicious remote administration Trojans first developed in 2005 and still being utilized for cyber attacks today. Because it is a type of remote administration software, the attacker has complete control of a computer once it becomes infected. The most recently documented large-scale utilization of the software was during the “Nitro” attacks from July 2011 through September 2011, which targeted both chemical and defense companies for the purpose of industrial espionage (Fisher). The information security firm McAfee stated that five multinational natural gas and oil companies were successfully targeted by the Poison Ivy malware, as well as 29 other companies identified by Symantec (Finkle). These organizations lost proprietary information to the attackers, including confidential bidding plans (for the energy companies) and details on manufacturing processes and formulas (for several chemical companies).
The malware propagated mainly through the use of email attachments. The attackers utilized social engineering by posing as legitimate business partners or touting security updates. Once the employees opened the email’s attachment their computer would be infected. After a computer became infected, the attacker had the ability to perform a wide range of actions. Poison Ivy utilizes a client/server architecture that turns the infected machines into “servers” that the attackers can access from anywhere there is an Internet connection (Prince). Investigations by Symantec and law enforcement identified that the attacker’s actions were different in each case. In addition to having the ability to browse, copy, and upload documents from an infected computer the att...
... middle of paper ...
...users-rash-110311
Finkle http://www.reuters.com/article/2011/10/31/us-cyberattack-chemicals-idUSTRE79U4K920111031
http://www.f-secure.com/v-descs/backdoor_w32_poisonivy.shtml
Prince http://www.securityweek.com/poison-ivy-kit-enables-easy-malware-customization-attackers
Roberts http://threatpost.com/en_us/blogs/report-hacks-china-shuttered-uk-firm-cost-economy-43-billion-102511
Myers http://www.cyberesi.com/2011/10/11/poison-ivy/
http://www.kaspersky.com/about/news/virus/2010/Kaspersky_Lab_provides_its_insights_on_Stuxnet_worm
Maclean http://www.reuters.com/article/2010/09/24/security-cyber-iran-idUSLDE68N1OI20100924
Aleksandr Matrosov (Senior Virus Researcher), Eugene Rodionov (Rootkit Analyst), David Harley (Senior Research Fellow), Juraj Malcho (Head of Virus Laboratory) http://go.eset.com/us/resources/white-papers/Stuxnet_Under_the_Microscope.pdf
Poisoning was a big problem in 1920s America. “The Poisoner's Handbook” tells a fascinating tale about the early men of toxicology, Charles Norris and Alexander Gettler, in criminal investigations and public health. Produced and directed by Rob Rapley, the film "The Poisoner's Handbook" brings together many poisoning stories, a mix of mysterious and heartbreaking deaths. It is evident that humans will use accessible items, including everyday household products, to kill each other. The film integrates the birth of forensic science with the rise of big businesses and local politics. Many murderers roamed free until enough political will was assembled to implement a new medical examiner system in the 1920s.
The 2001 anthrax attacks were one of the worst bio-weapon attacks on the US in history. The attacks were done through the mail. The anthrax was placed in envelopes with a letter and mailed from various locations to different people and organizations. The anthrax-filled letters ended up killing 5 people, causing 17 to become sick and exposing, it is believed, as many as 30,000 people to anthrax. During the mail process, spores of anthrax from the letters escaped and got on mailroom equipment, exposing postal employees. If a person was exposed to enough anthrax and developed symptoms, they typically died in a few days. Postal workers during the attacks were told that anthrax will appear as a white powder t...
All information obtained about an IP address from which authorities suspected the worm had come led them to obtain a search warrant on an individual on August 19, 2003. On that day, FBI and USSS Special Agents seized seven computers throughout the household. The individual in question, Jeffrey Lee Parson, admitted to agents that he modified the Blaster worm and created a variety of them, including one named W32/Lovesan.worm.b. Within the worm he placed code that would direct computers to his personal website, www.t33kid.com, so he could maintain a list of compromised computers.
Ricin is a lethal toxic agent that can be found in the seeds of the castor bean plant. According to the CDC at http://www.bt.cdc.gov/agent/ricin/facts.asp, ricin is created from the castor bean waste left after the beans have been processed and castor oil is made. The agent is illegal and is not available in the United States, but is available in other countries. The agent itself is known to be expensive on the international market, but the castor bean plant can be found anywhere. The agent can be used as a biological or chemical weapon of mass destruction. According to Croddy and Wirtz (2005), the agent was identified as W agent during World War II. Ricin is deadly and can enter the body in many ways. Croddy and Wirtz (2005) stated that ricin can enter the body through injection, inhalation, or ingestion. Ricin comes in the form of liquid, powder, or pellets. The agent is tasteless, odorless, and can be hard to detect at times, depending on the nature of the agent. It can be spread widely and easily through food or water contamination if a large amount got into the hands of enemies or terrorists. Ricin is not a contagious agent, but can be spread through the population if it is in the food, drink, or on clothing and a person touches it. Symptoms of exposure to the agent are abdominal pain, vomiting, diarrhea (sometimes bloody), dehydration, decrease in urine, and decrease in blood pressure, and it may cause death within 3-5 days. Currently, there is no treatment for the agent. It can also be produced as bombs or any other explosive device. How it is delivered may depend on the enemies. Ricin may be deadly, but according to http://www.bt.cdc.gov/agent/ricin/facts.asp (2013), it has been used as therapy for cancer. T...
Mandiant is an information security company that deals with advanced threat detection and response solutions. It has investigated various computer security breaches; the major security breaches are attributed to advanced threat actors referred to as the “Advanced Persistent Threat” (APT). APT1 is one of the most prolific cyber espionage groups in China; it has stolen a large amount of confidential data from 141 organizations all over the world. This report, released on 18 February 2013, provided evidence of the APT1 group's identity, the timeline and details of its attack infrastructure, economic espionage, commands, and its modus operandi.
Radium, once thought of as an elixir of health, masks unknown and deadly dangers. “The Poisoner's Handbook: Killer Chemistry” discusses the case of the Radium Girls, specifically Amelia Magia. Amelia was one of the workers employed by the United States Radium Corporation in the 1920s. She and her co-workers were tasked with painting watch dials with radium-based paint. Unfortunately, they did not know about the dangers of radium and were encouraged to lick their paint brushes to keep them pointed.
In 1843, lantana, a noxious weed from Central America, made its way to Australia as an ornamental shrub. Lantana rapidly infested approximately 4 million hectares. Recently new bio control ideas have come to light, such as using Eriophyoidea, which is a mite. Many mite species are virulent parasites. Seven species of Eriophyoidea are known to associate with the lantana, such as Calacarus lantanae Boczek and Chandrapatya, Diptilomiopus camarae Mohanasundaram, Eriophyes lantanae, Paraphytoptus magdalenae Craemer, Phyllocoptes lantanae Abou-Awad and El-Banhawy, Rhynacus kraussi Keifer, and Shevtchenkella stefneseri Craemer. There are many other types of mites that have been known to attack different lineages of lantana. If mites were released into
First appearing in Russia in 2005 and referred to as Winlock, it successfully scammed over £10m from unsuspecting victims before the Russian authorities arrested 10 individuals for involvement in such hackings in 2010; however, that hasn’t stopped the problem from growing. With such profits to be made, perpetrators have discovered new ways to spread the malware and to cash in at the expense of victims.
Used by hackers for espionage purposes, it infected other systems over a local network (LAN) or USB stick, including over 1,000 machines from private individuals, educational institutions, and government organizations. It also recorded audio, including Skype conversations, keyboard activity, screenshots, and network traffic. It was discovered on May 28, 2012 by the MAHER Center of the Iranian National Computer Emergency Response Team (CERT), the CrySyS Lab and Kaspersky Lab.
A public utility company employed SecureState to repair their internal and external network security. Consequently, SecureState was able to access the network due to a variety of exploits. Many threats would not be present if systems were updated with the latest operating software and patches and were properly configured. This engagement revealed several critical problems within the client’s system, allowing SecureState to gain access to more resources than intended. The improperly segmented networks combined with easily exploitable vulnerabilities can allow attackers to gain access to entire networks potentially causing untold levels of damage.
When it comes to herbicides, the most talked-about topic is the effect of the herbicide on human health. The American Cancer Society has glyphosate on its Probable Carcinogen (meaning it could be cancerous) list; the statement was last medically reviewed in 2014, and was last revisited in 2016 but not medically tested (American Cancer Society, 2016). This is the proof backing the statement that the Ecology Action Centre (2016), an organization located in Halifax, Nova Scotia, whose goals are to build a sustainable future, used as a main point to advocate against the use of glyphosate in Nova Scotia’s forests. A study done in Changwon, South Korea by Dr. Young Kim (2014) shows that glyphosate is nothing to fear, as his patients
Impact: An official with the security company Postini claimed that the firm detected more than 200 million e-mails carrying links to the Storm Worm during an attack that spanned several days.
Malware can exist in a number of forms, differing in size, shape and purpose, ranging from viruses to spyware to bots. Malware in general is classified into two types: concealing malware and infectious malware. In the case of infectious malware, the malware code spreads, which means that the software code replicates from one user to another, and this goes on. Within infectious malware, we need to consider two cases, which are called viruses and worms. Viruses are software that has executables within itself and causes the executables to spread when it is run. The second case, worms, is software that infects a computer and then spreads to others.
Preservatives like nitrite (KNO2/E249 and NaNO2/E250) and, indirectly, nitrate (NaNO3/E251 and KNO3/E252) are added to meat products such as bacon, cured meat, salami, sausages and canned meat products to avoid the growth of putrefactive and pathogenic bacteria such as Clostridium botulinum. Besides, nitrite acts as a processing adjuvant that promotes colour formation, delays lipid oxidation and provides a typical cured meat flavor (Skibsted, 2011). Many cured meat products contain added spices, and spice premixes containing nitrite for curing have given rise to the formation of N-nitrosopiperidine (NPIP) and other nitrosamines in the premixes. Nitrite reacts with various components present in muscle and is converted to the nitrosating agent NO+, which reacts with biogenic amines to form carcinogenic N-nitrosamines. Biogenic amines are basic nitrogenous compounds formed by decarboxylation of free amino acids. They can be found in high concentrations, and accumulation occurs in dry fermented products, where it is related to the action of decarboxylase-positive bacteria and meat enzymes during fermentation and ripening (Mey et al., 2014).
In this globalized arena, with proliferating computer users as well as computer networks, associated risks such as malware attacks are also multiplying. As the proverb