Assisted NC businesses in winning 3,272 contracts minimum value of $12.8 billion

Really, how “real” is all this cyber stuff?

Really, how “real” is all this cyber stuff?

We have heard so much in the last several months about “cyber security” and “cyber attacks,” but does it really matter?  Absolutely!  Don’t be the next victim.  The following information is presented to increase your basic knowledge of cyber and perk your interest.   Want to learn more?   Sign up for the SE Region Cyber Security and Technology Seminar, 24 Aug 2017, in Chapel Hill.   http://www.ncmbc.us/17cyber/ 

Cyber threats refer to persons who attempt unauthorized access to a control system device and/or network using a data communications pathway. This access can be directed from within an organization by trusted users or from remote locations by unknown persons using the Internet. Threats to control systems can come from numerous sources, including hostile governments, terrorist groups, disgruntled employees, and malicious intruders. (Categories of persons involved in various attempted cyber intrusions are listed at the end of this article.)

In addition to well-known cyber threats such as phishing, malware, virus, ransomware, follows are some documented attacks that have taken place and their impacts that you may find interesting. (Information taken from “Lights Out” by Andy Greenberg in the July 17, 2017 Magazine “Wired.”)

  • 2000.   Using only a laptop and a radio transmitter, a disgruntled employee shut off all of the facility controls of a wastewater plant in Australia and disrupted 150 pump stations unleashing over 200,000 gallons of raw sewage into parks, canals and the grounds of a major resort.
  • 2003.   In Ohio, the Slammer worm infected a nuclear power plant’s network from a contractor’s computer blocking controls for a reactor.
  • 2009.   Stuxnet malware penetrated Iranian uranium enrichment facilities destroying about 100,000 centrifuges by causing them to spin too fast.
  • Late 2014.    Hackers take control of several automated systems in a German Steel Mill, causing massive damage to one of the last furnaces that could not be shut down.
  • 22 May 2014.   CyberBerkut, a pro-Russian group, hacks the Ukraine’s presidential election.   The intrusion is caught and stopped just in time.
  • 21 Dec 2014.   Another Russian group, Gancy Bear, released malicious software that is used to track Ukrainian artillery locations.
  • 24 Oct 2015.   Cyber attack destroys videos and documents and takes down Ukraine’s largest broadcasting company, StarLightMedia and the other Ukraine media company, TRK.
  • 3 Dec 2015. For six hours, power is cut to 225,000 Ukrainians by hackers.
  • 15 Jan 2016.   Screens in Kiev’s Metro is hijacked by hackers who display images of a villan named Moriarty from the movie, Sherlock.
  • 6 Dec 2016.   Hackers delete terabytes of financial data on the Ukraine Ministry of Finance and State Treasury, and interrupt payments to state employees.
  • 13 Dec 2016. Ukraine’s Ministry of Defense Website is prevented from posting updates on the Russian Separatist conflict.
  • 14 Dec 2016. Cyberattack cripples Ukraine’s national railway system during the holiday season.
  • 17 Dec 2016. Hackers take out a fifth of Kiev’s electrical capacity.

Follows is a listing and description of various cyber security threats. Source: Government Accountability Office (GAO), Department of Homeland Security’s (DHS’s) Role in Critical Infrastructure Protection (CIP) Cybersecurity, GAO-05-434 (Washington, D.C.: May, 2005).

Bot-network operators: Bot-network operators are hackers; however, instead of breaking into systems for the challenge or bragging rights, they take over multiple systems in order to coordinate attacks and to distribute phishing schemes, spam, and malware attacks. The services of these networks are sometimes made available in underground markets (e.g., purchasing a denial-of-service attack, servers to relay spam, or phishing attacks, etc.).

Criminal groups:  Criminal groups seek to attack systems for monetary gain. Specifically, organized crime groups are using spam, phishing, and spyware/malware to commit identity theft and online fraud. International corporate spies and organized crime organizations also pose a threat to the United States through their ability to conduct industrial espionage and large-scale monetary theft and to hire or develop hacker talent.

Foreign intelligence services:  Foreign intelligence services use cyber tools as part of their information-gathering and espionage activities. In addition, several nations are aggressively working to develop information warfare doctrine, programs, and capabilities. Such capabilities enable a single entity to have a significant and serious impact by disrupting the supply, communications, and economic infrastructures that support military power – impacts that could affect the daily lives of U.S. citizens across the country.

Hackers:   Hackers break into networks for the thrill of the challenge or for bragging rights in the hacker community. While remote cracking once required a fair amount of skill or computer knowledge, hackers can now download attack scripts and protocols from the Internet and launch them against victim sites. Thus while attack tools have become more sophisticated, they have also become easier to use. According to the Central Intelligence Agency, the large majority of hackers do not have the requisite expertise to threaten difficult targets such as critical U.S. networks. Nevertheless, the worldwide population of hackers poses a relatively high threat of an isolated or brief disruption causing serious damage.

Insiders: The disgruntled organization insider is a principal source of computer crime. Insiders may not need a great deal of knowledge about computer intrusions because their knowledge of a target system often allows them to gain unrestricted access to cause damage to the system or to





The NC Military Business Center, the NC Community College System, and the State of North Carolina do not officially endorse events. These items are posted strictly for the information and convenience of NCMBC customers.

website by Biz Tools One