Project Cyber Dawn Explored Libyan Vulnerabilities
Wednesday, June 15, 2011
The Washington Post reports that private sector security advisors were advising the U.S. government on how best to exploit vulnerabilities in Libyan Supervisory Control and Data Acquisition (SCADA) systems used to control Moammar Gadhafi’s oil production.
Word of the advisory study, titled "Project Cyber Dawn", came to light after the hacker collective LulzSec recently released emails stolen in a network breach of security contractor Unveillance.
According to a report in the Washington Post, "Project Cyber Dawn was put together by the Cyber Security Forum Initiative, a group whose membership includes military officials, academics and business leaders. Unveillance Chief Executive Karim Hijazi was one of the report’s 21 co-authors, among them forum founder Paul de Souza and Jeffrey Bardin, a former NSA code breaker."
Project Cyber Dawn outlined a strategy to disable a refinery at Ras Lanouf by employing a Stuxnet-type designer virus aimed at disrupting the facility's SCADA control systems.
SCADA systems provide operations control for critical infrastructure and production networks including manufacturing facilities, refineries, hydroelectric and nuclear power plants.
The Washington Post article goes on to state that "the authors of Cyber Dawn argued that something similar to the Stuxnet attack on Iran could be done in Libya, noting that German engineering conglomerate Siemens AG — whose software system was exploited by Stuxnet — has played an important role in projects across the North African country."
Stuxnet is a highly sophisticated designer virus that wreaks havoc with SCADA systems. It is thought to have caused severe damage to Iranian uranium enrichment facilities, which reportedly set back the nation's nuclear program several years.
Revelations of the Project Cyber Dawn study are reminiscent of other covert operations undertaken by private security consultants, such as those revealed in the aftermath of the HBGary Federal network hack.
In January, the company was breached in an operation conducted by the rogue movement Anonymous, which subsequently released tens of thousands of company emails, revealing multiple instances of ethically questionable operations involving the security company.
The leaked emails showed that HBGary Federal, Palantir Technologies and Berico Technologies were involved in developing WikiLeaks counter-operations strategies for Bank of America and proposed disinformation campaigns, cyber attacks against network systems, and strong-arming journalists.
Other information released in the breach showed that the companies were engaged in developing strategies to infiltrate other civil activist groups, and plans to use social media for distributing government propaganda. There was also evidence that HBGary Federal was involved in developing an undetectable, full command and control cyber offensive weapon called Magenta.
“For the private sector to be making recommendations... that’s a level of ambition that you would not have seen until very recently,” said VeriSign's Eli Jellenc.
Siemens recently announced the company has issued a fix for at least some of the SCADA vulnerabilities that threaten the security of critical infrastructure control networks.
The remediation of the vulnerabilities is the company's first documented mitigation action since the debut of the Stuxnet virus last year, which targeted Siemens programmable logic controllers (PLCs).