Daily Management Review

As Spying And Crime Tools Mix, Blame Game For Cyber Attacks Grows Murkier


05/31/2017




As Spying And Crime Tools Mix, Blame Game For Cyber Attacks Grows Murkier
On the face of it looked like a menacing new industrial espionage attack by Russian cyber spies and Veteran espionage researcher Jon DiMaggio was hot on its trail three months ago.
 
clues in the programming code indicating its authors were Russian speakers, covert communication channels for grabbing documents, an advanced Trojan horse for stealing data from inside organizations, and targeted phishing emails common to government espionage were all the hallmarks that were there.
 
He found out that he was tracking a lone-wolf cyber criminal and it took weeks before the lead cyber spying investigator at Symantec, a top U.S. computer security firm, figured it out.
 
Saying the case is a run-of-the-mill example of increasing difficulties in separating national spy agency activity from cyber crime, DiMaggio won't identify the name of the culprit, whom he has nicknamed Igor. He said that Transdniestria, a disputed, Russian-speaking region of Moldova, was the place of origin of the hacker.
 
"The malware in question, Trojan.Bachosens, was so advanced that Symantec analysts initially thought they were looking at the work of nation-state actors," DiMaggio told Reuters in a phone interview on Wednesday. "Further investigation revealed a 2017 equivalent of the hobbyist hackers of the 1990s."
 
As tools once only available to government intelligence services find their way into the computer criminal underground, the example highlights the dangers of jumping to conclusions in the murky world of cyber attack and defense.
 
"The attribution problem", using technical evidence to assign blame for cyber attacks in order to take appropriate legal and political responses, id what it is referred to by security experts.
 
Whether Moscow may be attempting to disrupt national elections taking place in coming months across Europe and whether Russia used cyber attacks to influence last year's U.S. presidential elections were the questions that echo through the debate.
 
At the International Conference on Cyber Conflict in Tallin this week, the topic is a big talking point for military officials and private security researchers.
 
"Attribution is almost never a clean, smoking-gun," said Paul Vixie, creator of the first commercial anti-spam service, whose latest firm, Farsight Security, helps firms track down cyber attackers to identify and block them.
 
Cyber security threats were ratcheted to a whole new level after credit for leaking cyber-spying tools that are now being turned to criminal use, including ones used in the recent WannaCry global ransomware attack, were taken by a mystery group calling itself ShadowBrokers which has raised the stakes.
 
And to enable hacking into the world's most used computers, software and phones, ShadowBrokers has threatened to sell more such tools, believed to have been stolen from the U.S. National Security Agency, in recent weeks.
 
"The bar for what's considered advanced is lowered as time goes by," said Sean Sullivan, a security researcher with Finnish cyber firm F-Secure.
 
Last year, at a major airline, an online gambling firm and a Chinese automotive software maker, which are all customers of Symantec products used to secure their business networks, infections popped up and the Moldovan hacker's campaign to steal data and resell it on the web came to light only after such incidents.
 
“Considering the audacity of this attack, the financial rewards for Igor are pretty low,” DiMaggio wrote in a blog post on his findings to be published on Wednesday.
 
In part because the attack singles out only a handful of specific firms rather than the wide-ranging, random attacks used by many cyber criminals to scoop up the greatest number of victims, Symantec rates Trojan.Bachosens as a very low risk virus as a threat.
 
"I think those days are over when we can say in black and white: We know this is an espionage group," DiMaggio said.
 
Calculating that exposing the methods of the attack will be enough to neutralize them, the Symantec researcher has not reported Igor to local authorities.
 
(Source:www.reuters.com) 






Science & Technology

Toyota is trying to revive demand for Prius

Deloitte: Smart speakers will show record sales in 2019

China takes the lead in quantum cryptography

Gartner: Chinese smartphones lead sales

Bitcoin Mining Worsens Global Warming Effect

Europe overtakes US by number of patents for self-driving car technologies

Samsung introduces display technology for folding screens

How retailers use technologies to increase sales

Facebook releases videochat devices Portal and Portal Plus

Smartphone makers will pay for pre-installing Google apps‍

World Politics

World & Politics

Merkel refuses yet another negotiation with May

Hong Kong refuses tiny apartments

Tumblr, Facebook wage war against adult content

Arrest of Huawei’s top manager endangers US-China trade truce

Has Macron given up to Yellow Vests?

What to expect from G20 Buenos Aires summit?

China steps up space race with the US

Climate change will cost US $ 500 billion a year