How To Stop Flame and Stuxnet (Super-Malware) Dead in Their Tracks
Let me introduce you to Norm.
"Norm!"
No, not George Wendt. Norman is an IT security company based in Norway that's selling a box that just might save the world from the next nuclear disaster.
Perhaps you've heard of a beefy piece of malware dubbed "Flame" that's been getting some attention lately. This week it became the latest dark monarch to reign in the underworld kingdom of scary code. Norm -- sorry, Norman -- says its new box could douse Flame and stop destructive cousins like Stuxnet and Duqu in their tracks, too.
While Flame's reported ability to disable security software, turn on a system's microphone, and take screen captures is scary enough, a more disturbing issue concerns our new friend Norman: Many of the networks and administrators that run our energy facilities, water treatment stations, and other industrial control systems (ICS, also sometimes referred to as SCADA systems) don't employ even basic antivirus software to help mitigate the threat from malware like Flame, Stuxnet, and the multitude of other bits of mean-spirited code hitchhiking around the world on even the nicest-looking packets of data.
At issue is the fact that many industrial control systems are custom-built to perform a specific set of tasks, and they often also require precise timing. This means traditional antivirus tools can't always just be laid on top of a SCADA system with the ease of an iPhone sliding into a new zebra-print case. Moreover, operators can be loathe to give up precious (and sometimes limited and/or outdated) system resources to a virus scan or other security-based processes. The result is that systems that control some of the machinery we depend on each day for basic necessities are often exposed to all sorts of nasty threats.
SCADA security expert and Tofino Security CTO Eric Byres says "99.99 percent of the control devices and protocols used today offer no robust authentication, integrity or confidentiality capabilities. They can be completely controlled by any individual or worm that gets a foothold on the network."
Enter Norman and our mysterious box.
Norm!
Actually, the man I talked to is named Øivind. Good luck shouting that name across a Boston bar.
Øivind Barbo is Norman's product director for a new offering called Norman SCADA Protection (NSP), which Barbo says it will be launched initially with a major multinational client in the energy sector in the coming weeks. Barbo explained to me that the idea behind NSP is to neutralize the two main vehicles that malware likes to hitch rides on -- networks and external storage devices like USB sticks.
Norman's box is essentially a terminal that's set up in line along the network to scan all the data coming in and out of the downstream industrial control system.
"It's an antivirus on a cable," Barbo says.
Think of it like one of those creepy new X-ray vision scanners at airport security. Unlike a firewall -- or a TSA agent -- that simply stops traffic to see where you've been and where you're going, the new and improved solution does a thorough (and sometimes uncomfortable, in the case of airport security) scan of the contents of everything passing through.
NSP plugs in behind the SCADA firewall to scan all data and portable storage destined for industrial controls.
The terminal appears to be about the size of a desktop PC, and Barbo says it's fully plug and play -- simply plug in your network cables and it starts scanning and stopping any threats that might unintentionally wander near, or directly target, an industrial controller. But Norman's cybersecurity bouncer-in-a-box does more than just actively scan network traffic. Just as your friendly TSA agent will kindly ask you to part with your shoes and belt buckle for a few minutes for a brief scan, the NSP in-line terminal also serves as a checkpoint for USB sticks and other external storage destined for any computer connected to a SCADA system.
The external devices are scanned for threats and either stamped with a clean bill of health in the form of a tiny encrypted file or they are rejected, much like your annoying friend who forgot to take the pocket knife off his keychain when you were already running late for your flight to Miami.
A small driver installed on the SCADA system console then looks for that encrypted file whenever a USB storage device is inserted to verify that it isn't infected by Flame, Stuxnet or some lesser digital cooties. Barbo explains that because the only thing running on the SCADA system is a small verification driver, two layers of security are added without giving up any significant system resources.
Last line of defense between Malware and the computer that might be controlling your neighborhood nuke plant.
Similar SCADA security appliances exist, but the simplicity behind NSP is compelling -- if it works. Barbo answers matter of factly with a "yes" when I ask if NSP would have stopped Stuxnet, but like most anti-malware products, it relies on prior identification of all threats. The NSP in-line scanner uses a secure connection for updates to its threat registry, so -- as with would-be underwear bombers -- it's always possible for something malicious to get past security.
Nonetheless, NSP could offer new protection for some pretty critical infrastructure. Norman's Barbo says a big name in the global energy industry will be the first to plug NSP into its operation soon. Norman estimates that typical SCADA installations could cost utilities and other industrial facilities between $40,000 and $50,000.
Not a bad deal for a little box from your new friend Norm. Especially, when you consider a typical airport scanner can cost up to four times as much, and your absent-minded buddy with the pocket knife isn't nearly as scary as Stuxnet.
www.DPL-Surveillance-Equipment.com
INTERNET-BASED NANNY SPY CAMERAS (Buy/Rent/Layaway)
Our New Layaway Plan Adds Convenience For Online Shoppers
Next-Generation Bug / Microwave / ELF / Spy Phone / GSM And Camera Detectors (Buy, Rent, Layaway) tinyurl.com/2eo8mlz Open...
— Spy Store Rentals (@MontyHenry1)
Nanny IP (Internet) Cameras, GPS Trackers, Bug Detectors and Listening Devices, etc, (Buy / Rent / Layaway): tinyurl.com/396jlw6...
— Spy Store Rentals (@MontyHenry1)
NOW, look in on your home, second home, lake house or office anytime, anywhere from any internet connected PC/Lap-top or Internet active cell phone, including iphone or PDA.
Watch your child's caregiver while sitting at a traffic light or lunch meeting, or check on your business security from the other side of the world. Our built-in hidden video features all digital transmissions providing a crystal clear image with zero interference. 
With the IP receiver stream your video over the internet through your router, and view on either a PC or smart phone. Designed exclusively for DPL-Surveillance-Equipment, these IP hidden wireless cameras come with multiple 
features to make the user's experience hassle-free.
With the IP receiver stream your video over the internet through your router, and view on either a PC or smart phone. Designed exclusively for DPL-Surveillance-Equipment, these IP hidden wireless cameras come with multiple 
features to make the user's experience hassle-free.
NOW, look in on your home, second home, lake house or office anytime, anywhere from any internet connected PC/Lap-top or Internet active cell phone, including iphone or PDA: http://www.dpl-surveillance-equipment.com/wireless_hidden_cameras.html
Watch your child's caregiver while sitting at a traffic light or lunch meeting, or check on your business security from the other side of the world. Our built-in hidden video features all digital transmissions providing a crystal clear image with zero interference. With the IP receiver stream your video over the internet through your router, and view on either a PC or smart phone. Designed exclusively for DPL-Surveillance-Equipment, these IP hidden wireless cameras come with multiple features to make the user's experience hassle-free.
• Remote Video Access
• Video is Recorded Locally To An Installed SD Card (2GB SD Card included)
• Email Notifications (Motion Alerts, Camera Failure, IP Address Change, SD Card Full)
• Live Monitoring, Recording And Event Playback Via Internet
• Back-up SD Storage Up To 32GB (SD Not Included)
• SD Card Lock Box With Key So SD Card Can't Be Removed
• Digital Wireless Transmission (No Camera Interference)
• View LIVE On Your SmartPhone!
Includes:
* Nanny Cameras w/ Remote View
* Wireless IP Receiver
* Remote Control
* A/C Adaptor
* Key ( For SD Card Lock Box)
* 2GB SD Card
* Ethernet Network Cable
FACT SHEET: HIDDEN NANNY-SPY (VIEW VIA THE INTERNET) CAMERAS
Specifications:
Receiver Specs:
* Transmission Range of 500 ft Line Of Sight
* Uses 53 Channels Resulting In No Interference
* 12V Power Consumption
* RCA Output
* RJ45/Ethernet Port
* Supports up to 32gig SD
* Key Lock Mechanism To Protect Video Data
Camera Specs:
* 640x480 / 320x240 up to 30fps
* Image Sensor: 1/4" Micron Sensor
* Resolution: 720x480 Pixels
* S/N Ratio: 45 db
* Sensitivity: 11.5V/lux-s @ 550nm
* Video System: NTSC
* White Balance: Auto Tracking
• Video is Recorded Locally To An Installed SD Card (2GB SD Card included)
• Email Notifications (Motion Alerts, Camera Failure, IP Address Change, SD Card Full)
• Live Monitoring, Recording And Event Playback Via Internet
• Back-up SD Storage Up To 32GB (SD Not Included)
• SD Card Lock Box With Key So SD Card Can't Be Removed
• Digital Wireless Transmission (No Camera Interference)
• View LIVE On Your SmartPhone!
Includes:
* Nanny Cameras w/ Remote View
* Wireless IP Receiver
* Remote Control
* A/C Adaptor
* Key ( For SD Card Lock Box)
* 2GB SD Card
* Ethernet Network Cable
FACT SHEET: HIDDEN NANNY-SPY (VIEW VIA THE INTERNET) CAMERAS
Specifications:
Receiver Specs:
* Transmission Range of 500 ft Line Of Sight
* Uses 53 Channels Resulting In No Interference
* 12V Power Consumption
* RCA Output
* RJ45/Ethernet Port
* Supports up to 32gig SD
* Key Lock Mechanism To Protect Video Data
Camera Specs:
* 640x480 / 320x240 up to 30fps
* Image Sensor: 1/4" Micron Sensor
* Resolution: 720x480 Pixels
* S/N Ratio: 45 db
* Sensitivity: 11.5V/lux-s @ 550nm
* Video System: NTSC
* White Balance: Auto Tracking
Our New Layaway Plan Adds Convenience For Online Shoppers
DPL-Surveillance-Equipment's
layaway plan makes it easy for you to buy the products and services
that you want by paying for them through manageable monthly payments
that you set. Our intuitive calculator allows you to break down your
order's purchase price into smaller payment amounts. Payments can be
automatically deducted from your bank account or made in cash using
MoneyGram® ExpressPayment® Services and you will receive your order once
it's paid in full. Use it to plan and budget for holiday purchases,
anniversaries, birthdays, vacations and more!
DPL-Surveillance-Equipment's
Customers can now use the convenience of layaway online to help them
get through these tough economic times.
We all shop now
and then just to face a hard reality -- big credit card bills. However,
our latest financing innovation can help you avoid that. Find out why
more and more shoppers are checking out DPL-Surveillance-Equipment's
e-layaway plan.
If you're drooling over a new nanny
camera, longing for a GPS tracker, or wishing for that spy watch, but
you're strapped for cash and can't afford to do credit, do what Jennie
Kheen did. She bought her iPod docking station (hidden camera
w/motion-activated DVR) online using our convenient lay-away plan.
Our
online layaway plan works like the old-fashioned service stores used to
offer. But, in Kheen's case, she went to
DPL-Surveillance-Equipment.com, found the iPod docking station (hidden
camera w/motion-activated DVR), then set up a payment plan.
"It's automatically drawn from my account," she said. "I have a budget, $208.00 a month.
In
three months, Kheen had paid off the $650.00 iPod docking station. She
paid another 3.9 percent service fee, which amounted to about $25.35
(plus $12.00 for shipping) for a total of $687.35.
"You
pay a little bit each month," Kheen said. "It's paid off when you get
it and you don't have it lingering over your head. It's great."
Flexible
payment terms and automated payments make our layaway plan an
affordable and fiscally responsible alternative to credit cards.
1. Register:
It's quick, easy and FREE! No credit check required!
2. Shop:
Select
the items or service you want and choose "e-layaway" as your payment
option. Our payment calculator makes it easy for you to set up your
payment terms.
3. Make Payments:
Payments are made on the schedule YOU set. Check your order status or adjust your payments online in a secure environment.
4. Receive Products:
Receive the product shortly after your last payment. The best part, it's paid in full... NO DEBT.
More Buying Power:
*
Our lay-away plan offers a safe and affordable payment alternative
without tying up your credit or subjecting the purchase to high-interest
credit card fees.
No Credit Checks or Special Qualifications:
* Anyone 18 years old or older can join. All you need is an active bank account.
Freedom From Credit Cards:
*
If you are near or beyond your credit limit or simply want to avoid
high interest credit card fees, our e-layaway is the smart choice for
you.
Flexible Payment Schedules:
*
Similar to traditional layaway, e-layaway lets you make regular payments
towards merchandise, with delivery upon payment in full. Payments are
automatically deducted from your bank account or made in cash using
MoneyGram® ExpressPayment®
A Tool for Planning Ahead:
*
Our e-layaway makes it easy for smart shoppers like you to plan ahead
and buy items such as bug detectors, nanny cameras, audio bugs, gps
trackers, and more!
No Hidden Charges or Mounting Interest:
Our
e-layaway makes shopping painless by eliminating hidden charges and
monthly interest fees. Our customers pay a flat transaction fee on the
initial purchase price.
NO RISK:
* You have the right to cancel any purchase and will receive a refund less a cancellation fee. See website for details.
Security and Identity Protection:
DPL-Surveillance-Equipment
has partnered with trusted experts like McAfee and IDology to ensure
the security and integrity of every transaction. Identity verification
measures are integrated into our e-layaway system to prevent fraudulent
purchases.
Note: Simply Choose e-Lay-Away as a "Payment Option" in The Shopping Cart
DPL-Surveillance-Equipment.com
is a world leader in providing surveillance and security products and
services to Government, Law Enforcement, Private Investigators, small
and large companies worldwide. We have one of the largest varieties of
state-of-the-art surveillance and counter-surveillance equipment
including Personal Protection
and Bug Detection Products.
Buy, rent or lease the same
state-of-the-art surveillance and security equipment Detectives, PI's,
the CIA and FBI use. Take back control!
DPL-Surveillance-Equipment.com
Phone: (1888) 344-3742 Toll Free USA
Local: (818) 344-3742
Fax (775) 249-9320
Monty@DPL-Surveillance-Equipment.com
Google+ and Gmail
DPLSURVE
Twitter
DPLSURVE
MSN
Monty@DPL-Surveillance-Equipment.com
AOL Instant Messenger
DPLSURVE32
Skype
Montyl32
Yahoo Instant Messenger
Montyi32
Alternate Email Address
montyi32@yahoo.com
Join my Yahoo Group!
My RSS Feed
Phone: (1888) 344-3742 Toll Free USA
Local: (818) 344-3742
Fax (775) 249-9320
Monty@DPL-Surveillance-Equipment.com
Google+ and Gmail
DPLSURVE
DPLSURVE
MSN
Monty@DPL-Surveillance-Equipment.com
AOL Instant Messenger
DPLSURVE32
Skype
Montyl32
Yahoo Instant Messenger
Montyi32
Alternate Email Address
montyi32@yahoo.com
Join my Yahoo Group!
My RSS Feed
posted by DPL-Surveillance-Equipment | 8:53 PM
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.
<< Home