Devices are rapidly reaching the limits of silicon-based transistor miniaturization, but IBM’s developed a new approach that should be ready to go in five to six years: carbon nanotubule microtransistors. Much smaller – and much faster – than existing silicon transistors, they should be compatible with existing semiconductor technology.
IBM has recently made chips with 10,000 nanotube transistors (see “How to Build a Nanotube Computer”). Now it is working on a transistor design that could be built on the silicon wafers used in the industry today with minimal changes to existing design and manufacturing methods. The design was chosen in part based on simulations that evaluated the performance of a chip with billions of transistors. Those simulations suggest that the design chosen should allow a microprocessor to be five times as fast as a silicon one using the same amount of power.
That’s a pretty cool development. Now for the not so cool: Dragonfly. Symantec has noted that, like its Stuxnet predecessor, Dragonfly malware targets industrial control systems (ICS) and has been deployed against a range of Western power systems.
Among the targets of Dragonfly were energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment providers. The majority of the victims were located in the United States, Spain, France, Italy, Germany, Turkey, and Poland.
Symantec notes that the attackers are very well resourced, and they describe several of the techniques that were used to gain access to the ICS along with a couple of specific malware implementations. It appears that the attacks were a test run, intended to gather data – otherwise known as spying – and to assert their ability to control the ICS in question. Rapid detection and analysis rendered actual sabotage infeasible, although the potential existed for extensive damage to energy supply systems in targeted countries.
The parameters of the attack are now being informationally reported by Symantec since they have alrady worked with authorities to track and eliminate the infestations. Unsurprisingly, the attacks originated in eastern Europe.
Dragonfly bears the hallmarks of a state-sponsored operation, displaying a high degree of technical capability. The group is able to mount attacks through multiple vectors and compromise numerous third party websites in the process. Dragonfly has targeted multiple organizations in the energy sector over a long period of time. Its current main motive appears to be cyberespionage, with potential for sabotage a definite secondary capability.
When the malware copies root directories and Outlook contact data before encrypting them and handing them off to a C&C server, espionage is a pretty safe bet.