Doing my morning reading of the news and ran across these.

Most everyone here is aware of this story about the Stuxnet worm which targeted certain Siemens industrial control systems.

But, of course, few really cared as it seemed to be a targeted attack against Iranian nuclear facilities.

Always in the news are folks like the Anonymous and LulaSec groups.

But McAfee notes that the two above groups are largely amateurish and relatively harmless in the larger scheme of things.

Of more interest and concern are things like this:

The above is a short synopsis of a McAfee report. The White Paper from McAfee is available on line.

Note that McAfee only mentions a SMALL number of the overall findings they made.

The interest here is that the intrusions appear to be planned, long term, and likely backed by someone (or some government) with plenty of cash and resources. And often times the victims don't even know they've been had.

Other interesting (to me) reports.

Scada systems:;txt

Is your car vulnerable?;txt

Do you have diabetes or wer a pace-maker?

However, in general recent articles suggest good news.

Attacks against Microsoft based systems are down, and those against Apple's IOS, Linux, and Android systems are up ... in a major way.

Ain't it a wonderful world?

LOL ...

As to how it directly concerns those of us in our line of work, I was just thinking that if someone were able to hack into my work laptop, and had any clue as to what they were doing, I have info on it that could allow access and control remotely of literally hundreds of buildings.

Not a lot of chance of that. For one, the targets presented are not particularly high value targets. Secondly, besides the security software always running on my laptop (kept undated) I also routinely do manual checks to see if anything is doing something I don't know about. I also avoid doing anything with the work laptop to increase its vulnerability like using it to look at unknown/untrusted sites, never open emails with it except for those related to business through our company secure email service, etc.

We recently, last year, made sure that NO sites we install or have installed in the past have the factory default passwords enabled.