[LINK] Cyberattacks, max the CPU and turn-off fans

Scott Howard scott at doc.net.au
Thu Feb 27 17:57:33 AEDT 2014 

This is hardly new(s).

Viruses that damage "hardware" date back to at least 1998 with the CIH
virus that overwrote the computers BIOS, in a day where this could
frequently not be recovered from without physically replacing the BIOS chip
in many systems - http://en.wikipedia.org/wiki/CIH_(computer_virus)

The "overheating" experiment has been carried out several times and is
nothing new. Doing it on a Mac may be new, but that's about it.

However if you want to talk about malware damaging hardware you don't need
to look any further than Stuxnet, which is suspect of destroying as many as
1000 uranium enrichment centrifuges in Iran in 2009 -
http://en.wikipedia.org/wiki/Stuxnet

The odds of this actually occurring in a widespread malware attack are low.
A malware infected PC is worth far more to a bot-net owner "alive" than
dead.

  Scott
  (Speaking for myself, not on behalf of my employer who may happen to be
mentioned in the article...)



On Wed, Feb 26, 2014 at 10:26 PM, Stephen Loosley <stephen at melbpc.org.au>wrote:

>
>
>
> RSA security attack demo deep-fries Apple Mac
>
> By Ellen Messmer  (Network World) -- 26 February, 2014 20:13
>
> San Francisco --  How bad can cyberattacks get? How about burning the
> internal components of a machine, whether PC or Mac, to a crisp so there's
> no thought of it being recoverable?
>
> That's what security vendor CrowdStrike showed could be done to an Apple
> Mac OS X today at the RSA Conference.
> "We can actually set the machine on fire," said Dmitri Alperovitch, chief
> technology officer at CrowdStrike, who joined with the security firm's CEO
> George Kurtz to show exactly how this kind of attack can be carried out on
> an Apple OS X computer.
>
> Alperovitch added the demo done at the Moscone Center would be controlled
> to raise the temperature level of the targeted Mac to permanently damage
> the electronics, not ignite it, since this after all was a public venue at
> the Moscone Center where fires would not be countenanced.
>
> The cyberattack demonstration  "frying the machine" was done by targeting
> the machine's APC embedded controller through a fake firmware update
> devised by CrowdStrike that spiked the CPU and turned off the fans.
> The point, said Alperovitch, is this is a type of cyberattack that
> enterprises really can expect to see happen in the future, an attack that
> is not recoverable in terms of data or the machine itself.
>
> "This is the next-generation permanent destruction," warns Kurtz. It
> involves attacking hardware itself -- and far more than just a Mac OS X can
> be manipulated this way -- and this is "what we believe will happen in the
> real world." In contrast, most other types of cyber-attack currently can be
> regarded as "recoverable" in the sense that even though damage is done,
> there is usually a way to restore systems or retrieve data.
> But now, "we are entering a new age of targeted destruction attacks,"
> Kurtz concluded.
> Ellen Messmer is senior editor at Network World, an IDG website, where she
> covers news and technology
>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
>

More information about the Link mailing list