“Gauss What!?” – Another CyberWeapon Discovered August 14, 2012
Posted by Chris Mark in cyberespionage, Risk & Risk Management, terrorism.Tags: cyber espionage, cybersecurity, data breach, Flame, Gauss, information security, Kaspersky, mark consulting group, Stuxnet
add a comment
According to Kaspersky labs, yet another cyberweapon was discovered last week. On August 9, 2012 Kaspersky labs released a press release stating that they had identified another cyber-weapon dubbed Gauss. According to the press release:
“…‘Gauss’, a new cyber-threat targeting users in the Middle East. Gauss is a complex, nation-state sponsored cyber-espionage toolkit designed to steal sensitive data, with a specific focus on browser passwords, online banking account credentials, cookies, and specific configurations of infected machines. The online banking Trojan functionality found in Gauss is a unique characteristic that was not found in any previously known cyber-weapons.” (more…)
“I know it’s true because I got it from the Internet!” – Reuters Hacked by Pro-Assad Group to publich Propaganda August 6, 2012
Posted by Chris Mark in competitive intelligence, cyberespionage, cybersecurity.Tags: assad, cybersecurity, data breach, data security, mark consulting group, propaganda, reuters, risk, Twitter
add a comment
Reuters acknowledged that on August 3rd, their blogging platform was hacked and a false, pro-Assad post was published. “Reuters.com was a target of a hack on Friday,” the company said in a statement. “Our blogging platform was compromised and fabricated blog posts were falsely attributed to several Reuters journalists.” Additionally, Reuters Twitter account was hacked and used to tweat several false, and pro-Assad messages. While this type of propaganda has been going on for as long as news has been published, the ease of which a person or group can publish on the Internet coupled with the speed at which it can spread creates new challenges for companies. Imagine a situation in which a company is hacked and fraudulent financial data is released before an IPO? As the US Presidential elections ramp up, we are seeing increasing numbers of stories and claims that can only be categorized as propaganda. In fact, unless you clicked on the links above and checked the underlying domains, you have no real confidence that this particular post is true, or accurate. 😉
It is important for companies to monitor the news that is being distributed about the organization. I have worked at an organization where we found someone who had intentionally published misleading and malicious information in an attempt to promote a competitor. While it did not require hacking a news system to publish the story, it is yet another area that exposes companies to unnecessary risk.
“The Rise of Cyber Espionage” – The Counter Terrorist Magazine August 5, 2012
Posted by Chris Mark in cyberespionage, cybersecurity, terrorism.Tags: chinese hackers, Chris Mark, Counter Terrorist Magazine; RSA, cyberespionage, data security, deterrence theory, Homeland1, InfoSec, IP Theft, Rise of CyberEspionage, risk management, SSI, terrorism
2 comments
UPDATE: I want to thank The Counter Terrorist magazine staff for including attribution to the article. They quickly corrected a mistake and the inaccuracy. Kudos!
Chris Mark (that is me;) has an article in the June/July 2012 issue of The Counter Terrorist Magazine. The article is titled: “The Rise of Cyber Espionage” and provides an overview of the current cyber espionage issues being faced by US businesses today. The article covers the breach at RSA to the subsequent attacks at Lockheed Martin, General Dynamics and others as examples of the types of attacks being faced by state sponsored cyber espionage groups. While this magazine may be new for some readers of this particular blog, it in its 4th year and is filled with great information for military, law enforcement, first responders, and even businesses. This particular issue is 76 pages of information covering Iran’s Nuclear Objectives, Cyber Espionage, First Responder Intelligence, Intelligence for Terror, and a number of great product reviews and other information. The magazine is subscription based but if you are interested in a copy of this particular issue, leave a comment with your email and other contact information and I can forward a free ezine.
“The Rise of CyberEspionage” – Chris Mark Published in Homeland Security Network June 18, 2012
Posted by Chris Mark in cyberespionage, cybersecurity.Tags: anonymous, china, cybercrime, cyberespionage, cybersecurity, data breach, data security, homeland security network, L3, mark consulting group, RSA, security
add a comment
An article I wrote on the Rise of Cyber Espionage was picked up by the Homeland Security Network. I must admit that the article title is not what was submitted but the article is one I wrote. If you are interested, spin on over to the Homeland Security Network and read the article. Any feedback would be appreciated..here is an excerpt:
“On April 15, 2011, the US Congressional Subcommittee on Oversight and Investigations conducted a hearing on Chinese cyber-espionage. The hearing revealed the US government’s awareness of Chinese cyberattacks. In describing the situation in her opening remarks, sub-committee chairperson Dana Rohrbacher astutely stated:
“[The]United States is under attack.”12 “The Communist Chinese Government has defined us as the enemy. It is buying, building and stealing whatever it takes to contain and destroy us. Again, the Chinese Government has defined us as the enemy.”
“Flame On!”- New CyberWeapon Discovered in Middle East May 28, 2012
Posted by Chris Mark in cyberespionage, cybersecurity, InfoSec & Privacy, News, terrorism.Tags: Chris Mark, cybercrime, cyberespionage, cybersecurity, data theft, Duqu, Flame, hack, InfoSec, Kapersky, security, Stuxnet
1 comment so far
Complementing the post CyberEspionage, researchers have discovered a new cyberweapon. First there was Stuxnet, then there was Duqu..now there is Flame. Called by a researcher: “…the most complex piece of malicious software discovered to date…” the recently discovered virus is designed to capture data but can also change computer setting and turn on integrated microphones to record what is being said in the room. Kapersky labs discovered the virus, dubbed “Flame”, which has been lurking undetected inside of thousands of computers in the Middle East for as long as 5 years. According to Kapersky, the countries with the most infections include Iran with the most infections followed by Israel/Palestine area, Syria, and Sudan. According to Kapersky senior researcher Roel Schouwenberg: “The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail. It has about 100 times as much code as a typical virus designed to steal financial information”. (more…)
Global Security, Privacy, & Risk Management 