“SpyGames” – Global Cyber Espionage Ring Discovered January 15, 2013
Posted by Chris Mark in Uncategorized. Tags: Chris Mark, cyberespionage, information security, InfoSec, Kaspersky, mark consulting group, Stuxnet
In an article published today in RT Magazine, it was disclosed that Russia’s Kaspersky Lab recently uncovered “A sophisticated cyber-espionage network targeting the world’s diplomatic, government and research agencies, as well as gas and oil industries…” “The majority of infections are actually from the embassies of ex-USSR country members located in various regions such as Western Europe and even in North America – in the US we have few infections as well. But most infections are concentrated around Russia,” Vitaly Kamluk, chief malware expert at Kaspersky Lab, told RT, adding that in Europe, the hardest-hit countries are apparently Belgium and Switzerland. Kaspersky is also the company that identified Stuxnet, Flame, and Duqu malware.
According to the article: “The hackers’ primary objective is to gather information and documents that could compromise the security of governments, corporations or other organizations and agencies. In addition to focusing on diplomatic and governmental agencies around the world, the hackers also attacked energy and nuclear groups, and trade and aerospace targets.”
In August 2012, I published an article in The Counter Terrorist Magazine titled “The Rise of CyberEspionage”, which outlines the international efforts to steal data from Western nations. Unfortunately, while many companies are busy trying to protect NPI, PII, etc., advanced efforts are being undertaken to steal their intellectual property. Stay tuned for a February 2013 article in The Counter Terrorist, as well!
All’s Fair in Love & (Cyber) War September 17, 2012
Posted by Heather Mark in cyberespionage. Tags: cyberespionage, data security, Dr. Heather Mark, information security, InfoSec, Kapersky Lab, Stuxnet, Symantec
A report released today suggests that the United States government is far more involved in the use of trojans and malware than previously thought. The US had previously been linked to the Stuxnet virus that wreaked havoc on the Iranian nuclear program. Speculation at that point was that the US and Israel had collaborated on the program in an effort to derail Iranian nuclear ambitions. I don’t think many were surprised to hear that supposition. Today, though, Kaspersky Lab and Symantec announced that they have found evidence linking the US to three other, previously unknown viruses.
The use of covert operations on “enemy” governments dates back to the beginning of civilization, really. Sun Tzu writes extensively about the subject and the use of “covert operatives” peppers Greek and Roman history, as well. These historical endeavors share a common purpose with the cyber-espionage that we see today – to gather data, or to provide data, that can be used to bring about the downfall of one’s enemy, or at least provide a significant advantage to the other side. It shouldn’t come as any surprise, then, that any country would make use of the available technology to conduct remote espionage operations.
We know that other countries, China in particular, have a specific focus on launching attacks on the intellectual property of Western companies. A recent report in the Baltimore Sun highlights the country’s singular focus on hiring cyber-soldiers (for lack of a better word): “Experts estimate that North Korea has as many as 1,000 cyber warfare agents working out of China and is recruiting more every day.” When we know that our enemies are fully engaged in cyber-warfare tactics, it would be short-sighted and naive to believe that our government is not fighting back.
“Gauss What!?” – Another CyberWeapon Discovered August 14, 2012
Posted by Chris Mark in cyberespionage, Risk & Risk Management, terrorism. Tags: cyber espionage, cybersecurity, data breach, Flame, Gauss, information security, Kaspersky, mark consulting group, Stuxnet
According to Kaspersky Lab, yet another cyberweapon was discovered last week. On August 9, 2012, Kaspersky Lab issued a press release stating that they had identified another cyber-weapon dubbed Gauss. According to the press release:
“…‘Gauss’, a new cyber-threat targeting users in the Middle East. Gauss is a complex, nation-state sponsored cyber-espionage toolkit designed to steal sensitive data, with a specific focus on browser passwords, online banking account credentials, cookies, and specific configurations of infected machines. The online banking Trojan functionality found in Gauss is a unique characteristic that was not found in any previously known cyber-weapons.”
“Flame On!”- New CyberWeapon Discovered in Middle East May 28, 2012
Posted by Chris Mark in cyberespionage, cybersecurity, InfoSec & Privacy, News, terrorism. Tags: Chris Mark, cybercrime, cyberespionage, cybersecurity, data theft, Duqu, Flame, hack, InfoSec, Kapersky, security, Stuxnet
Complementing the post CyberEspionage, researchers have discovered a new cyberweapon. First there was Stuxnet, then there was Duqu... now there is Flame. Called by a researcher “…the most complex piece of malicious software discovered to date…”, the recently discovered virus is designed to capture data but can also change computer settings and turn on integrated microphones to record what is being said in the room. Kaspersky Lab discovered the virus, dubbed “Flame”, which has been lurking undetected inside of thousands of computers in the Middle East for as long as 5 years. According to Kaspersky, the countries with the most infections include Iran, with the most, followed by the Israel/Palestine area, Syria, and Sudan. According to Kaspersky senior researcher Roel Schouwenberg: “The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail. It has about 100 times as much code as a typical virus designed to steal financial information”.
Richard A. Clarke: Every Major US Company has been Hacked by China March 31, 2012
Posted by Chris Mark in Industry News, InfoSec & Privacy, Risk & Risk Management, terrorism. Tags: china, cyber espionage, cyber war, cybersecurity, information security, PCI DSS, richard a clarke, Stuxnet
According to an article and interview on FastCompany, counterterrorism expert and best-selling author Richard Clarke has gone on the record claiming that “…every major company in the United States has already been penetrated by China.” Mr. Clarke served under three presidents and currently runs a cybersecurity organization called Good Harbor. He is the author of CyberWarfare and several other books. You can read his interview in Smithsonianmag.com. One of his more compelling statements is:
“My greatest fear is that, rather than having a cyber-Pearl Harbor event, we will instead have this death of a thousand cuts. Where we lose our competitiveness by having all of our research and development stolen by the Chinese. And we never really see the single event that makes us do something about it. That it’s always just below our pain threshold. That company after company in the United States spends millions, hundreds of millions, in some cases billions of dollars on R&D and that information goes free to China….After a while you can’t compete.”