Security roundup for week ending Dec. 2: Carrier IQ stink, SCADA troubles
- 03 December, 2011 06:37
If a cyberattack from a hostile foreign source ever hit a public electric or water utility, affecting its industrial control systems and causing America's critical infrastructure to fail, would we even understand that it had happened? We have more doubts than ever, after every twist and turn in the saga that began with the Nov. 10 "Public Water District Cyber Intrusion" report from the Illinois Statewide Terrorism & Intelligence Center (STIC), which set off a media firestorm after it was leaked to the media.
The Illinois STIC report said a cyberattack from Russia had hit an Illinois water facility, causing a water pump to fail. The Department of Homeland Security (DHS) and the FBI, in tandem with the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), have since concluded that the Illinois STIC report was in error. It may have been -- it would not be surprising if reasonable doubts remain -- but this episode of intelligence failures and slow response times has laid bare how poorly prepared America is, as Network World Editor in Chief John Dix summarizes in his editorial "The water pump alarm."
This fiasco related to the Curran-Gardner Townships Public Water District in Springfield, Ill., which offers a rare glimpse into how the secretive intelligence-gathering "fusion centers" promoted by DHS really operate, raises the question of whether America's critical-infrastructure response system even works at all -- or is in need of critical rethinking.
A mobile privacy firestorm
Beleaguered software vendor Carrier IQ was still denying on Friday that its embedded smartphone application records, stores or transmits personal user information. A number of programmers have been trying to figure out how Carrier IQ's software actually works and what information it accesses, following a series of blog posts by a systems administrator named Trevor Eckhart that purportedly show the CIQ application was logging keystrokes and SMS message contents. Eckhart sparked a firestorm of denunciation and outrage, despite the fact that his analysis has received almost no peer review.
AT&T and Sprint confirmed that their mobile phones integrate Carrier IQ, but insist the software is used solely to improve wireless network performance. Phone makers HTC and Samsung said they were integrating the software into their handsets only because their carrier customers were asking for it. Apple said it included the Carrier IQ software in earlier versions of its iOS firmware for devices such as iPhones and iPads, but dropped the code from iOS 5, the most recent version. Verizon, Research In Motion and Nokia have distanced themselves from the software and insist that reports about their devices integrating the tool are false.
Sen. Al Franken (D-Minn.) is demanding that Carrier IQ explain whether its smartphone application is spying on users.
More Duqu for you
One thing of which there is no doubt is that the era of sophisticated malware used in cyberattacks is well underway. The recently-discovered Duqu, a Trojan-based botnet that shares some characteristics with the notorious Stuxnet that hit Iranian industrial facilities last year, is being watched by several security firms. Last week, Kaspersky Lab said hackers behind the Duqu botnet shut down 12 known command-and-control servers that had been hosted in a number of countries. However, there is a sense that a "modified operation," as one Kaspersky researcher put it, may well be underway.
In other news
- The FBI and the police in the Philippines have jointly busted a ring of four alleged hackers in Manila with connections to a terrorist group in Saudi Arabia, according to the criminal investigation and detection group of the Philippines. The terrorists were apparently targeting AT&T services, though AT&T last week was disputing that, saying it was the phone systems of a number of businesses, including some of its customers, that were targeted.
- TheInfoPro's biannual report on what investments, changes and budgets are anticipated in enterprise security, based on in-depth interviews with 182 IT security professionals at companies representative of the Fortune 1000, offers a popularity snapshot of security vendors.
- Startup Agari made its debut this week with email security services aimed at letting businesses operating online protect their email domain names from exploit and abuse by scammers and fraudsters. The Agari technology is being backed by AOL, Google, Microsoft and Yahoo Mail. Facebook is said to be among the first big customers of the service.
Security notes
- There are some special considerations around attacks on networks based on IPv6, which our article on that topic explains.
- Also, if cloud security is your main concern, here's a checklist that could help.
- Wondering how truly horrendous the security situation has been throughout 2011? Well, our annual "security snafus" story recounts for you the biggest incidents, meltdowns, lapses and service collapses we noticed during the past year. And of course, we still have a few weeks left to go ...