Hackers Plundered Israeli Defense Firms That Built 'Iron Dome' Missile Defense
An anonymous reader writes: Brian Krebs reports on information from Columbia, Md.-based threat intelligence firm Cyber Engineering Services Inc. that attackers thought to be operating out of China hacked into the corporate networks of three top Israeli defense technology companies. The attackers were seeking technical documents related to Iron Dome, Israel's air defense system. "IAI was initially breached on April 16, 2012 by a series of specially crafted email phishing attacks. ... Once inside the IAI’s network, [the attackers] spent the next four months in 2012 using their access to install various tools and trojan horse programs on systems throughout company’s network and expanding their access to sensitive files, CyberESI said. The actors compromised privileged credentials, dumped password hashes, and gathered system, file, and network information for several systems. The actors also successfully used tools to dump Active Directory data from domain controllers on at least two different domains on the IAI’s network. All told, CyberESI was able to identify and acquire more than 700 files — totaling 762 MB total size — that were exfiltrated from IAI’s network during the compromise. The security firm said most of the data acquired was intellectual property and likely represented only a small portion of the entire data loss by IAI." Most of the stolen material pertained to Arrow III missiles, UAVs, and ballistic rockets.
And it'll keep happening, again and again... (Score:4, Insightful)
I can tell you one thing, if such a system were implemented there'd probably be an uptick in efficiency as now it'd be a lot harder to screw around at work. Sure, a lot of people would be really pissed that they can't do non-work tasks at work without using a system seeing such monitoring too, but given that salaries in the defense sector are generally pretty good, that's a tradeoff that one could probably stomach.
Re: (Score:2, Insightful)
I'd bet most companies in the defense sector don't even have the level of security of a typical gaming company making the AAA titles. By the way, the secure systems can't be allowed access even to the rest of the internal network of the company for such a separation to be effective.
Re: (Score:3)
I can tell you one thing, if such a system were implemented there'd probably be an uptick in efficiency as now it'd be a lot harder to screw around at work. Sure, a lot of people would be really pissed that they can't do non-work tasks at work without using a system seeing such monitoring too, but given that salaries in the defense sector are generally pretty good, that's a tradeoff that one could probably stomach.
Except that efficiency does not work that way.
People screwing around at work is not the cause of inefficiency but a symptom of a hidden larger problem that is causing inefficiency.
Re: (Score:2)
I'm well-aware that keeping employees busy with enough work and having enough oversight to help keep them on-task is important, but reducing distraction is also important. There's more than one contributing factor to inefficiency. I can suggest remedies for this one.
You think enough work and enough oversight creates efficiency? No wonder you have a distraction problem.
Re: (Score:2)
... but reducing distraction is also important.
Depends on the distraction, because, e.g., looking at pictures of baby animals actually improves the performance [plosone.org].
Oh yes, baby! Bring out the animal in me! Yes!
Re: (Score:2)
According to the article, that cause is email.
Re: (Score:2)
Hence two separate networks.
If it's that important, then the employees should be able to handle having two separate systems, one for internal use only, one for external use only.
Re: (Score:2)
I can tell you one thing, if such a system were implemented there'd probably be an uptick in efficiency as now [...]
As all the SaaS they'd bought into broke completely, half the onsite software that relies on various web services and "phone-home" systems for licensing etc broke, all the B2B tools for everything from tracking/shipping packages to payroll tax tools to JIT supply chain management from their suppliers broke.
Yeah, there would be a real productivity bump. :)
Re: (Score:2)
I agree that systems of such sensitive nature need to be isolated but the problem is always how do you do this?
You could take away so much functionality that you are impeding productivity.
People bring their own devices, phones are powerful enough to use for many more tasks these days, productivity will not go up. That's a myth.
If the system in question was on a separate infrastructure, sophisticated and determined attackers will simply infiltrate the new system. Sure, it's an added layer of complexity
Re: (Score:2)
So, you are going to deter Chinese hackers by outing them in public. Mao is laughing in his grave...and given the millions he caused to die, that's no small feat.
Re: (Score:2)
So nobody screwed around at work before computers? No bullshitting around the eponymous water cooler, coffee machine, long lunches, etc?
Iron Dome? (Score:2)
What they need is a "Chester's Mill Dome"
Re: (Score:2)
And Big Jim! :P
Meh. (Score:5, Insightful)
China is in a state of de facto war with every military R&D project in the world. Any defense contractor not locked down six ways from Sunday should be punished (or they should get a bonus for best practices.)
Re: (Score:3)
Right. I won't trust a defense contractor whose security gets compromised using phishing emails. If the intrusion is more low level than that (the mythical compromised routers), then they might have a good excuse. If the story is true, and the Israelis aren't just making it up as a cover story or honeypot to attract would-be cyber-attackers from other less technically competent nations (Iran, N Korea, etc), then the defense contractors should be banned from future military contracts.
Gee, isn't Iron Dome supposed to be worthless? (Score:2, Insightful)
Apparently the Chinese don't think so. Compared to the American liberal arts community of experts on missile defense, they must be sadly misinformed.
Re: (Score:2)
All the target getting hacked proves is that someone thought the target was worth hacking. It doesn't mean that their [primary] goal was even to pilfer technological data, let alone useful technological data.
Even worthless systems are worth a lot (Score:2)
Re: (Score:3)
Apparently the Chinese don't think so. Compared to the American liberal arts community of experts on missile defense, they must be sadly misinformed.
It depends on how you look at it. Iron Dome costs something like 20-30.000 dollars per shot. One of those home built Qassam rockets Hamas uses costs 5-800 dollars per shot, the Grad rockets probably a bit more. It's the same economy as dropping PGMs that start at 15-20.000 per unit (the Hellfire missiles used by the RQ-9 drones cost $110.000 per unit) on five man Taleban guerrilla groups carrying a grand total of 3-4000 dollars worth of equipment (tops). It adds up pretty quickly. If Hamas hoses off enough
Re: (Score:2)
The US government put a lot of time and effort into spying on the USSR's paranormal operations research, and even replicating some of it at home; it was still almost entirely worthless.
Re: (Score:2)
I don't understand what that has to do with this conversation.
Re: (Score:2)
Don't assume that it is the Chinese that did this hack (if the details are even true). Attribution is very difficult in the world of cyber crime/espionage.
Re: (Score:2)
So, if it's 5% effective, why is it getting 80-90% of all the incoming rockets from Gaza? It appears that the H:M ratio is much higher than that, and it's "smart" enough to figure out which rockets are not going to land in a civilian area.
That liberal arts community is the same group that's happily pushed nuclear research back 30 years, so they can go fuck themselves, while sipping their latte in their ivory towers, while protesting capitalism.
Re: (Score:3)
Nobody, not even the Israelis are claiming it gets 80-90% of incoming rockets. But I'm pretty sure you're a shill.
You're now welcome to live out your life being less ignorant of the world. [theconversation.com]
Re: (Score:2)
One report from one professor who had nothing to go on but videos and pictures.
Typical of folks like you to take something like that as Gospel and build policy around it.
Re: (Score:2)
You have a point. That money could have gone to feeding the homeless, upgrading some infrastructure, health care, regenerating Detroit, or a countless number of other things. Instead it's going to help a country that's oppressing its own people Saddam style and indirectly going to feed military secrets to the Chinese.
Re: (Score:2)
You mean like the international and American aid Hamas diverted to build tunnels and rockets to attack Israel rather than on schools, hospitals, etc.?
Re: (Score:2)
The intercepting rockets likely cost far more than the rockets being intercepted. Good job the US is footing the bill. More upstanding action from the country that called Saddam "Our kind of guy".
Re: (Score:3)
So if a Rocket was heading for your ass, how much would you be willing to pay to have it intercepted?
Two computers is too expensive and cumbersome (Score:2)
Most managers wouldn't want people to have two computers on their desk, since hey, they can save 50% on desk top systems by merging them. As long as system admins do their work, nothing could go wrong, right? I'm a penetration tester by trade and no matter where I go, even thin clients and virtual machine setups aren't properly separated.
People trust way too much in technical capabilities of devices and underestimate the ingenuity and perseverance of intruders to circumvent or penetrate those devices. Sne
Re: (Score:2)
The "air gapped" approach may well involve even more system admin work. Since both "secure" and "insecure" networks need to go to the same desks. Even if they have completely different cabling runs and cabinets. Then there's the issue of things like "sneaker net". Even someone plugging cables into the
Re: (Score:2)
If you are having an issue like that, then you should have the knowledge and technical know how to change the connectors with something non standard. Say for example, take the ethernet port and replace it with an 8 pin DIN connector. No chance of that being plugged into the wrong network accidentally.
(Yes, I used a DIN as it comes to mind, but it could have issues, as other things use it, you could make a completely different connector for it if you wanted.)
All you have to do is to wire the Ethernet cables differently from standards (and color code them lest hours of amusement and consternation ensue).
Re: (Score:2)
Air gapping the sensitive information is one of those things that looks easy on paper but runs afoul of the fact that people don't like to work that way. It's inefficient. It's not like people have *two* jobs, one sensitive the other not. They have one job in which sensitive bits are intertwined with regular bits, so in practice people tend to cheat and do *some* sensitive work on the non-sensitive network.
Even if the users are unrealistically conscientious about never doing anything sensitive on their
This is a good thing. (Score:2)
If those attacks continue, and if they cause damage, people will start paying attention and will change the way their OS is secured. I think that the Android OS has it right - no user-generated files should be executable in any way, including scripts. You have 2 partitions - one that is executable, but only admins can write to it, and one that the user can write in, but nothing is executable there.
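Added example, not part of the comment above: on a Linux host the writable-or-executable split it describes can be approximated with the `noexec` mount option, and this script audits a mounts table in `/proc/mounts` format for user-writable mount points that still allow execution. The `USER_WRITABLE` list, the function name and the sample table are assumptions constructed for illustration.

```shell
#!/bin/sh
# Audit a mounts table against the policy "anything a user can write to
# must not be executable". Mount options cannot tell us who may write to a
# filesystem, so the list of user-writable mount points is an assumption
# the operator supplies (override with the USER_WRITABLE variable).
USER_WRITABLE="${USER_WRITABLE:-/home /tmp /var/tmp /dev/shm}"

# Constructed sample in /proc/mounts format, for offline runs.
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home ext4 rw,nosuid,nodev,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0'

# find_exec_writable FILE
# Prints one line per violation: "<mountpoint> <reason>".
# Returns 0 when the policy holds, 1 when at least one violation is found.
find_exec_writable() {
    awk -v targets="$USER_WRITABLE" '
        BEGIN {
            n = split(targets, t, " ")
            for (i = 1; i <= n; i++) want[t[i]] = 1
        }
        # Fields: device mountpoint fstype options dump pass
        ($2 in want) {
            seen[$2] = 1
            m = split($4, o, ",")
            ro = 0; noexec = 0
            for (i = 1; i <= m; i++) {
                if (o[i] == "ro") ro = 1
                if (o[i] == "noexec") noexec = 1
            }
            # A later entry for the same mount point overrides an earlier one.
            bad[$2] = (!ro && !noexec)
        }
        END {
            rc = 0
            for (i = 1; i <= n; i++) {
                p = t[i]
                if (!(p in seen)) {
                    # Not its own filesystem: it shares mount options with a
                    # parent mount, so it cannot be made noexec separately.
                    print p, "not-a-separate-mount"; rc = 1
                } else if (bad[p]) {
                    print p, "writable-and-executable"; rc = 1
                }
            }
            exit rc
        }
    ' "$1"
}

# Caveat: noexec blocks direct execution of files on the mount, but an
# interpreter started from elsewhere (sh script.sh) still reads them as data.

# Usage: sh audit.sh /proc/mounts
if [ "$#" -gt 0 ]; then
    find_exec_writable "$1"
fi
```

On the constructed sample, `/home` and `/dev/shm` are reported as writable and executable, and `/var/tmp` as not being a separate mount.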
Technology transfer (Score:2)
So Chinese hackers stole American technology from Israel? You mean Israel didn't just sell it to the Chinese this time?
Re: (Score:2)
Alternatively it was a US (or Israeli) competitor covering their tracks by pretending to be from China.
Re: (Score:2)
However blaming "Israel" for that one is like blaming the USA for Charles Manson - criminals exist and the thing was apparently stolen.
Re: (Score:2)
That time around 2000 with the tank targeting system was a true moment of black comedy when after that US technology was supplied from Israel to China it was mass produced and on-sold to Iran.
However blaming "Israel" for that one is like blaming the USA for Charles Manson - criminals exist and the thing was apparently stolen.
It's a bit more than that, Israel helped China with air to air missiles (as in license production of the Python-3 which was a quantum leap for the PLAAF) and other guided weapons and is also alleged to have helped the Chinese develop sophisticated fighter and AWACS radars, had a hand in the design of some of the latest generation of Chinese fighters and sold them a whole bunch of other technology to do with miniaturized cooling units, Electro-optics, UAVs, and sophisticated sighting systems. A lot of this te
Re: (Score:2)
Truly, Israel is our greatest ally. Well... the US might be Israel's ally but have they ever been ours?
Same Old Vulnerability (Score:2)
So these were "carefully crafted" phishing attacks, eh? Wow, go figure. This is just another high-profile example of a basic security truism: as long as people with insufficient security awareness (and common sense) have access to data, said data is vulnerable. Once again, the weak link is between the chair and the keyboard. It always will be.
exfiltrated? (Score:2)
Re: (Score:2)
> withdraw (troops, DATA or spies) surreptitiously, especially from a dangerous position
The term is commonly used in info sec.
Re: (Score:2)
> withdraw (troops, DATA or spies) surreptitiously, especially from a dangerous position
The term is commonly used in info sec.
OK, but it's an odd neologism.
I guess you could "exfiltrate" files that you put on there ... though given the nature of files you'd probably just delete them. But you wouldn't "exfiltrate" someone else's files.
If infiltrating is putting your own stuff in, then exfiltrating would be taking your own stuff out, logically. But la
Mmmm (Score:3)
Looks like they could use an iron dome for their network too.
Akin to Fukushima (Score:2)
If the Japanese can't manage nuclear power, who can? If the Israelis can't defend against Chinese hackers, who can?
(Definitely blew away my misconception. I had no idea anyone in Israel was dumb enough to use a Microsoft product on their network.)
Because hacking doesn't work that way (Score:4, Informative)
Why don't these places have malware files spread out in their data files, hide them in a zip file or something.
All malware is data until you tell your computer to run it. If you get hacked by careless people, then I suppose having malware that reports them might work, but they'd have to run it or open it with a compromised program, and on a computer connected to the internet.
Re:Tag, you're it! (Score:5, Insightful)
Why, did China start to settle on their land, too?
Re: (Score:3, Insightful)
nice trolling, it's a prison, not a concentration camp!
Re: (Score:3)
nice trolling, it's a prison, not a concentration camp!
When you have close to millions in such an enclosure based on religion/ethnic exclusion controlling all borders around it, the difference between those two terms begins to blur.
And no, I'm not supporting Hamas. I think the group is bone-headed idiot and unnecessarily violent. But that doesn't mean I'm giving a pass to Israel on this either.
Re: (Score:2)
nice trolling, it's a prison, not a concentration camp!
The concept of the concentration camp was invented by the British in South Africa as a way to 'concentrate the population' of Boers into managed camps.
Gaza really isn't that much different.
Re: (Score:2)
Except the SA farmers weren't sending thousands of rockets into Britain and aiming them at civilian population centers instead of military or government targets.
http://en.wikipedia.org/wiki/L... [wikipedia.org]
That's just so far this year. I am in no way absolving Israel for their part in this mess but they didn't just one day decide to lock everything down in Palestine on a whim. Until Palestinians want to live more than they want to hate they will continue to allow their neighbors to fire rockets blindly into Israel.
Re: (Score:2)
Yeah I'm sure the schoolkids and babies are also terrorists.
Just look at the kill ratio to see who is more dangerous to whom.
Re: (Score:2)
Wait, so just because Israel has modern guided missiles they should just stand by while Palestinians get their killstreak up? So it's ok that the Jews have had their schoolkids and babies killed by hundreds of suicide bombs because they have better weaponry? Palestine's mission statement was officially, and still is unofficially, that every single man, woman and child Jew must die. Their suicide bombs, that were officially sanctioned by their government, were not targeting military installations. They target
Re: (Score:2)
No, Gaza is more like a Ghetto.
Israel Uses Palestinians as Human Shields (Score:2)
Survivors of massacre in Khuza’a say Israeli forces used Palestinians as human shields
Khuza’a is a village in the very eastern part of Khan Younis adjacent to the border fence in the southern Gaza strip. Its farmers have faced death almost on a daily basis in the past 7 years as Israeli gunfire has become the norm along the buffer zone between Gaza and Israel.
Following the Shuja’iyeh massacre, Israeli forces invaded Khuza’a with aerial strikes targeting any moving object. Survivors rec
"Velvet Glove?" - Israel Murders Babies (Score:2)
Zionism == Fascist Genocide
"Children killed in their sleep by Israel" [mondoweiss.net]
Israeli military fire hit a United Nations-run school in Gaza today, killing at least 20 people and injuring an estimated 90 people. The school under attack, called the Abu Hussein girls’ elementary school, is located in the densely-populated Jabaliya refugee camp.
The United Nations Relief Works and Agency (UNRWA), the group that serves Palestinian refugees, issued a stern statement placing the blame for the attack on the Israeli a
Re: (Score:3)
Why, did China start to settle on their land, too?
If you're asking about the Philippines, Japan and S.Korea they'd all answer with yes.
Re:Tag, you're it! (Score:4, Insightful)
No, just Tibet.
Re: (Score:2)
Why should Hamas care?
Re: Tag, you're it! (Score:4, Informative)
There is another side to this that isn't being reported. Hamas are using schools, hospitals etc. to fire rockets from and telling the public it is their duty to stay and act as human shields. Israel warn of attacks and say to evacuate but Hamas make them stay, to create propaganda which makes you angry and want to support them. Don't be so easily brainwashed.
There is an EU report on this which I now can't find but these facts exist outside of pro Israel web sites
Re: (Score:2)
1. Israel can prevent civilian deaths.
During the course of the past twelve days, Israeli air strikes have killed [foxnews.com] over 1000 Palestinians—mostly civilians [independent.co.uk].
Israel says [aljazeera.com] the deaths are a result of Hamas using ordinary Palestinians as human shields, and the gruesome toll has been met with a shrug.
It’s an issue that has come up [aljazeera.com] during past operations in Gaza.
Back in 2009, during Operation Cast Lead, the president of the United Nations General Assembly Miguel d’Escoto Brockmann, condemned [aljazeera.com] Israel for viola
Re: (Score:2)
I?
I work in his factory.
Re: Tag, you're it! (Score:5, Informative)
That's what Israel tells the world after they bomb schools ....
Don't let israel brainwash you!
Hello, Mr. Hamas Troll,
The other day when BBC was interviewing a doctor who was inside a hospital in Gaza, in the middle of the interview two Hamas rockets were fired from the 3rd floor of the same hospital
The sounds of the rocket firing was heard clearly, and the doctor himself admitted in that live broadcast that two rockets were fired from the hospital
That broadcast was not sponsored in any way by Israel. It was a BBC broadcast !
Re: (Score:2)
That's what Israel tells the world after they bomb schools ....
Don't let israel brainwash you!
Hello, Mr. Hamas Troll,
The other day when BBC was interviewing a doctor who was inside a hospital in Gaza, in the middle of the interview two Hamas rockets were fired from the 3rd floor of the same hospital
The sounds of the rocket firing was heard clearly, and the doctor himself admitted in that live broadcast that two rockets were fired from the hospital
That broadcast was not sponsored in any way by Israel. It was a BBC broadcast !
If it was the USA in Israel's situation, would they send knocker bombs or pamphlets or make phone calls. I bet you that the USA would have dropped napalm, and would have just eliminated Gaza.
Want to live with terrorists in your midst, here is a link Here is the funeral of one such terrorist stopped by Israel. The funeral was taking place in Gaza, They failed to remove the suicide belt before the burial.
https://www.youtube.com/watch?... [youtube.com]
Re: (Score:3)
I saw the segment the GP was talking about. I don't remember it being the third floor, but the doctor certainly admitted it was on the hospital grounds.
It still doesn't excuse Israel ignoring the targeting said hospital though. At the end of the day, the damage Hamas is doing with those rockets is minimal, and doesn't warrant ignoring the Geneva convention to deliberately target hospitals and schools where they know the civilian casualties will be disproportionate. Yes, Hamas is deliberately using human
Re: Tag, you're it! (Score:5, Informative)
It still doesn't excuse Israel ignoring the targeting said hospital though.
When a group fires from the grounds of a hospital, religious building, or homes, under the geneva convention those buildings automatically become military targets. There is no ignoring the geneva convention, what you've just posted is that hamas is committing war crimes in order to try and sway opinion.
Re: (Score:2)
There is no such provision in the Geneva convention. If a party finds that the conditions for a hospital, safety or neutral zone are not being complied with, they are required to give five days notice to the party administering the zone of their intention to cease recognizing it as a hospital, safety or neutral zone if its use is not brought int
Re: (Score:3)
Since you seem the first person who actually might know what these conventions say, can you explain something to me?
There is all this talk about Hamas using "human shields" and I want to know how that works. Let me make it easy by being extreme: Suppose country A duct tapes babies onto tanks then attacks country B. What response is permitted by country B? Is country A violating the geneva conventions? Would country B violate the geneva conventions if they returned fire?
I know that example is silly, but
Re: (Score:2)
... who is the war criminal?
I think that the answer, in your hypothetical example, as well as the current Gaza conflict (and the previous three, actually), is both.
The tragedy is nothing will come of it. A UN report will determine that both sides committed war crimes. Israel will condemn this as anti-semitic, and Hamas will condemn it as depriving them of the only way they have left to resist Israeli military and economic warfare.
Even looking at root causes is futile, for a conflict this old. So an apparently simple question such as
Re: (Score:2)
5 days so they can fire more rockets & move to another hospital? so they can just repeat this over & over and you can never shoot back?
That's what the Geneva convention says. A nation obeys it or does not, that is up to the nation to decide (and live with.)
Re: Tag, you're it! (Score:2)
Consider the matter settled.
(slap!) Your mom told you that you're a smart little boy? She lied; you really ought to shut the fuck up because you're quite clearly an idiot - no offense meant, by the way; it's strictly an observation... :)
Re: (Score:2)
Well, I guess that makes it right; Israel clearly has zero moral obligation to avoid targeting hospitals if the Geneva Convention says it's okay.
Consider the matter settled.
One of these days you'll figure out the rest. Remember that in Israel's case, they could level Shifia hospital. It's illegally being used as a hamas c&c structure, but they don't do it.
I'm sure you'll also have aged in a few years, and realize why your second sentence proves that you're the a-typical liberal who when faced with something they don't like, they revert to ad-homs.
Re: (Score:2)
and if that means 100 civvies dead on the other side for each Israeli, so be it. It's the same shit we've done here in the US with Iraq and Afghanistan when we call in airstrikes, and it is justifiable.
So be it, huh? Serves those civvies right for having been born in the wrong country? That is an argument which betrays complete moral bankruptcy. And completely overlooks that the war in Iraq was not justifiable to begin with. Certainly it had nothing to do with protecting US citizens.
The Nuremberg Tribunal ...
... called the waging of aggressive war "essentially an evil thing...to initiate a war of aggression...is not only an international crime; it is the supreme international crime, differing only from other war crimes in that it contains within itself the accumulated evil of the whole."
Re: (Score:2)
It's easy to stay hidden once you're in. You'd be absolutely amazed how many companies have very strict rules at the entrance but if you manage to get past, there's little more than token security inside.
Re: (Score:2)
The old design was always strong firewalls between the network and the Internet and nothing else. A lot of companies really believe that a stateful firewall will somehow prevent windows users running god knows what malware on their web connected desktop machines. Plus there are all the laptops and other devices staff plug straight into the core network. Plus VPN connection bridging the firewalls.
Computer security in most companies is a joke. That, apparently, includes defense contractors.
Re: (Score:2)
But you can't have an air gap in the 21st Century... employees would be cut off from Facebook and Twitter, and that would deny them their human rights.
Re: (Score:2)
In the old days such machines were considered potentially hostile and not allowed on the same network as the production/process line machines. Sometimes you'd have something on both networks to carefully feed appropriate information to the potentially virus ridden machines that were used to type up reports.
Now we've got malware far beyond the dreams of those "paranoid" days yet things
Re: (Score:3, Insightful)
What does 'specially crafted email phishing' attacks have to do with Windows?
Convincing someone to alter settings on their machine, download a file, or process some request has little to do with the OS in question.