In the Menlo Park garage where it all began, Google executives celebrate the 15th anniversary of the company’s founding. Hard to believe Google is only 15, isn’t it?
Month: October 2013
NASA to Use a 3D Printer on the International Space Station
NASA will be sending a 3D printer to the ISS in the Fall of 2014, according to an article in the LA Times by Shan Li. The printer will allow astronauts to print new tools as needed, and to fabricate parts that they would otherwise have to wait months to receive.
AP and Google Fund Six 20k Scholarships in Digital and New Media
The Associated Press and Google announced the winners of six scholarships for journalism students studying at the intersection of journalism, computer science and new media. The scholarship program had a deadline for entry in February this year, and the program is likely to continue next year.
Furloughed Gov Workers Experience a Digital Separation
The Washington Post reports that many US Government employees will have to turn in their government issued Blackberrys during the government shutdown. This is to prevent them from doing work or conducting official business such as sending emails while the non-essential operations of the government remain unfunded.
Privacy Concerns Amid New Wearable Devices
Hayley Tsukayama has written an article for the Washington Post about new privacy concerns brought on by recent devices such as Google Glass and Samsung’s Galaxy Gear. Glass has already attracted a number of preemptive bans on its use in certain places, but in general the intersection of everyday wearable devices and privacy with everyday life has yet to be socially (or governmentally) addressed.
Icefog Crew Shows You Don’t Need a 100 Person Team to be an APT
Kaspersky Lab has published a report on the activities of a small crew of advanced hackers using custom tools. Kaspersky received assistance from the Korea Internet & Security Agency and Interpol during their investigation. The team appears to be based in China and has an estimated 10 members. The targets of the team have been been in various industrial sectors; among them military contractors, shipbuilding and maritime operations, research companies, telecom operators, satellite operators, and mass media and television operators. The attacks have been primarily restricted to South Korea and Japan. The attack software used by the group, Icefog, has current versions for both Windows and Macintosh.
The attack methodology of the group has primarily been “spear-phishing”, and in the past they have relied on exploits embedded in Microsoft Office documents, though they have also directed users to Java exploits. In contrast to other APT operators, the Icefog group’s software does not automatically take files from the victim’s machine. The backdoor used is manually directed, and the attackers seem to have some idea what they are looking for with each target, often searching for individual files. After the team has obtained what they want, they abandon the compromised machines and move on to other targets.
Icefog appears to be operating as short term cyber-mercenaries, taking orders for attacks and obtaining requested documents from their targets. Their earliest attacks seem to have begun in 2011. The combination of their small size, their directed and short-term actions, and the use of custom software (although no 0-day attacks were detected by Kaspersky) raises many questions about the future trajectory of actors in the persistent threat arena. Even if state supported groups with up to a hundred members like the Comment Crew and Hidden Lynx loom largest on the horizon, there should be no doubt that small teams like Icefog and others yet undiscovered are riding close in their wakes.
Dan Gifford – MCySec Media Manager