Category Archives: Cyber Espionage

This System Will Self Destruct: Crimeware Gets Powerful New Functions

Researchers have discovered new capabilities in the BlackEnergy crimeware tool that significantly extend its reach. The ability to run on network devices, steal digital certificates, and render infected computers unbootable are just a few of the new-found weapons in its arsenal.

BlackEnergy emerged as a tool for launching denial-of-service attacks. It later morphed into crimeware used to funnel banking credentials and most recently was observed as a refitted piece of software for espionage that targeted the North Atlantic Treaty Organization, Ukrainian and Polish government agencies, and a variety of sensitive European industries over the last year. In this last incarnation, BlackEnergy in some cases was installed by exploiting a previously unknown vulnerability in Microsoft Windows systems.

According to a report published Monday by security firm Kaspersky Labs, the breadth of BlackEnergy goes even further. A host of extensions customized for both Windows and Linux systems contain commands for carrying out DoS attacks, stealing passwords, scanning ports, logging IP sources, covertly taking screenshots, gaining persistent access to command and control channels, and destroying hard drives. Researchers Kurt Baumgartner and Maria Garnaeva also acquired a version that works on ARM- and MIPS-based systems and uncovered evidence BlackEnergy has infected networking devices manufactured by Cisco Systems. They are unsure precisely what the purpose is for some plugins, including one that gathers device instance IDs and other information on connected USB drives and another that collects details on the BIOS, motherboard, and processor of infected systems.

White House Unclassified Network Hacked, Apparently by Russians

The unclassified network of the Executive Office of the President—the administrative network of the White House—was breached by attackers thought to be working for the Russian government, according to multiple reports. The Washington Post reported that an investigation is ongoing, and White House officials are not saying what data, if any, was stolen from the computers on the network. “We are still assessing the activity of concern,” an unnamed White House official told the Post.

According to the Post’s anonymous sources, the breach was discovered in early October after a friendly foreign government alerted US officials. The network’s virtual private network access was shut down, and some staff members were told to change passwords. “We took immediate measures to evaluate and mitigate the activity,” the Post’s source at the White House said. “Unfortunately, some of that resulted in the disruption of regular services to users. But people were on it and are dealing with it.”

This isn’t the first time attackers, apparently sponsored by a foreign state, have targeted the White House’s network. In 2008 and 2012, Chinese hackers penetrated the White House’s network. On the first occasion, the attackers gained access to the White House’s e-mail server; in 2012, a phishing attack against White House staffers gave attackers access to the network, though officials said no sensitive data was exposed.

Suspected Russian “Sandworm” Cyber Spies Targeted NATO, Ukraine

A group of cyber spies targeted the North Atlantic Treaty Organization (NATO), Ukrainian and Polish government agencies, and a variety of sensitive European industries over the last year, in some cases using a previously unknown flaw in Windows systems to infiltrate targets, according to a research report released on Tuesday.

Dubbed “Sandworm” by iSIGHT Partners, the security consultancy that discovered the zero-day attack, the campaign is suspected to be Russian in origin based on technical details, the malware tools used, and the chosen targets, which also included government agencies in Europe and academics in the United States. If confirmed, the attack is an uncommon look into Russia’s cyber-espionage capabilities.

“We can confirm that NATO was hit; we know from several sources that multiple organizations in the Ukraine were targeted,” said John Hultquist, senior manager of cyber-espionage threat intelligence for iSIGHT. “We have seen them using Ukrainian infrastructure as part of their attacks.”

Russian ‘Sandworm’ Hack Has Been Spying on Foreign Governments for Years

A cyberespionage campaign believed to be based in Russia has been targeting government leaders and institutions for nearly five years, according to researchers with iSight Partners who have examined code used in the attacks. The campaign, dubbed “Sandworm,” is believed to have been running since 2009, and used a wide-reaching zero-day exploit uncovered by the […]

The post Russian ‘Sandworm’ Hack Has Been Spying on Foreign Governments for Years appeared first on WIRED.



Bahraini Activists Hacked by Their Government Go After UK Spyware Maker

Human rights groups and technologists have long criticized Gamma International and the Italian firm Hacking Team for selling surveillance technology to repressive regimes, who use the tools to target political dissidents and human rights activists. Both companies say they sell their surveillance software only to law enforcement and intelligence agencies but that they won’t sell their software to every government. Gamma has, in fact, denied selling its tool to Bahrain, which has a long history of imprisoning and torturing political dissidents and human rights activists.

The post Bahraini Activists Hacked by Their Government Go After UK Spyware Maker appeared first on WIRED.



NSA May Have Undercover Operatives in Foreign Companies

As a much-anticipated documentary about NSA whistleblower Edward Snowden premieres in New York this evening, new revelations are being published simultaneously that expose more information about the NSA’s work to compromise computer networks and devices. Newly-brought-to-light documents leaked by Snowden discuss operations by the NSA working inside China, Germany and South Korea to help physically […]

The post NSA May Have Undercover Operatives in Foreign Companies appeared first on WIRED.