Beware of the Militarization of Cyberspace

In the recent months a numerous number of Hacking campaigns have been uncovered by security firms. In many cases, they have been attributed to state-sponsored hackers. Groups of hackers belonging to cyber units of several governments used sophisticated malicious code and hacking platforms to compromise computer networks worldwide. Private companies, government entities, critical infrastructure and citizens are all potential targets.The overall activities of government entities in cyberspace are generally described as the “militarization of the cyberspace.” Governments are investing significant resources to improve their cyber capabilities, creating ‘cyber armies’ to defend attacks from cyber space. The debate about cyber weapons intensified after the discovery of the Stuxnet malware in 2010. Stuxnet was used by western entities to interfere with the Iranian nuclear program by sabotaging the centrifuges at the Natanz nuclear plant. A few months after the detection of Stuxnet, other malware was discovered - Flame and Duqu are two other high-profile cyber espionage tools that were used by state-sponsored actors.Even when state sponsored, malware is discovered by security firms the vulnerabilities it exploits are targeted by attackers for a long time, causing serious damage to unpatched systems. Consider the Stuxnet virus - its code exploited the Windows Shell in Microsoft Windows XP systems, coded as CVE-2010-2568 and patched four years ago. Unfortunately, the vulnerability is still being used in cyberattacks targeting millions of computers worldwide.Malware researchers at Kaspersky Lab discovered that between November 2013 and June 2014, the same Windows Shell vulnerability was exploited 50 million times in attacks against nearly 19 million machines all over the world. In late 2013 Kaspersky Lab’s Global Research & Analysis Team started a new investigation after several attacks hit the computer networks of various diplomatic service agencies. The attacks were part of a large-scale cyber-espionage operation dubbed “Red October,” inspired by the famous novel and movie “The Hunt For Red October”. The campaign acquired sensitive information from diplomatic, governmental and scientific research organizations in many countries, spanning Eastern Europe, the former USSR and Central Asia. The malware and control infrastructure used in the attacks was highly sophisticated, which may indicate government involvement. In March 2014 researchers at BAE Systems Applied Intelligence unearthed a cyber espionage campaign codenamed “Snake” that targeted governments and military networks. “Snake” had remained undetected for at least eight years.Many other campaigns have been attributed to state-sponsored hackers. These are typically characterized by the nature of the targets, the level of sophistication and the duration of the attacks, which often take years to discover.The U.S., Israel, Russia and China are considered the most advanced countries in cyber space, with their experts able to develop malware that could hit foreign networks and exfiltrated data in a covert way. They can also manage hacking campaigns that compromise their opponents’ infrastructures.In many cases governments run operations concurrently with conventional attacks. Covert cyberattacks, for example, were blamed on Russia during its 2008 war with Georgia. The finger of suspicion was also pointed at Moscow over cyber offensives during the recent crisis in the Crimean peninsula.European governments are also investing in malware development. Malicious code R2D2 (also known as “0zapftis” or “Bundestrojaner”) is an example of efforts by the German police and customs officials to spy on users and exfiltrated data from their PCs. In March Mikko Hyppönen, chief research officer of security specialist F-Secure told  the TrustyCon conference in San Francisco that almost every government is making an effort to improve its cyber capabilities. Most of the hacking campaigns conducted by governments make use of highly sophisticated malware to compromise their targets - in many cases the code is designed to exploit zero-day vulnerabilities in the target’s infrastructure. This malware, however, could easily go out of control. In another scenario, a “threat actor” could reverse engineer the source code and spread it “in the wild.” Cyber criminals, cyber terrorists and state sponsored hackers could enhance the malware and hit targets in an unpredictable way, making it difficult to identify the attack’s source.The availability of government-built malware is also having a significant impact on the criminal underground - the main customers for zero-day exploits and malware coding services are governments. Some security experts, for example, believe that two different Ukraine-based malware factories were behind Stuxnet’s coding, acting like “sub-contractors” for the U.S. and Israeli Governments.Some experts have argued that computer security companies may not prevent the spread of government-built malware in exchange for government favors.The suspicion that security firms have “whitelisted” state-sponsored malware is certainly disconcerting - a policy like this would represent a serious menace to the overall Internet community. It also opens the door to a scary scenario in which a cyber weapon could run out of control.Similar to nuclear armaments, the use of state-sponsored malware needs to be regulated by a legal framework and accepted on a global scale, establishing the rules of engagement. Be aware, however - we are all nodes of a global network, and whoever controls this network will control the world. Governments will continue to focus their research on the development of new cyber weapons, including sophisticated malware that in the wrong hands could be a dangerous menace.Fox news http://ow.ly/KIN5F
« Metadata Will Kill Your Privacy
Europe’s Data Privacy Laws Annoy US Tech Companies »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (Manusec) is a global series of summits focusing on Cyber Security for Critical Manufacturing Sectors.

Cloudmark

Cloudmark

Cloudmark is a trusted leader in intelligent threat protection against known and future attacks, safeguarding 12 percent of the world’s inboxes from wide-scale and targeted email threats.

DG Technology

DG Technology

DG Technology is a customer-centric technology expert and business consultant that delivers services and products to minimize your information security, compliance, and business risks.

Exeon Analytics

Exeon Analytics

Exeon Analytics is a Swiss cyber security company that is specialized in detecting hidden data breaches and advanced cyber attacks.

Cyemptive Technologies

Cyemptive Technologies

Cyemptive's CyberSlice technology preempts and remove threats before they take hold, in seconds, compared to other’s hours, days, weeks and even months.

Cyber Pop-Up

Cyber Pop-Up

Cyber Pop-Up provide on-demand access to top security experts. No recruiting. No onboarding. No overhead costs.

Veratad Technologies

Veratad Technologies

Veratad Technologies, LLC is a world class provider of online/real-time Identity Verification, Age Verification, Fraud Prevention and Compliance Solutions.

Tego Cyber

Tego Cyber

Tego Cyber delivers a state-of-the-art threat intelligence platform that helps enterprises deploy the proper resolution to an identified threat before the enterprise is compromised.

TotalAV

TotalAV

TotalAV Antivirus is a free-to-use app packed with all the essential features to find and remove malware, keeping you safe.

Rimstorm

Rimstorm

Rimstorm’s mission is to significantly improve the security of your data using award-winning, state-of-the-art technology combined with cyber managed security services.

Apex Systems

Apex Systems

Apex Systems is a world-class technology services business that incorporates industry insights and experience to deliver solutions that fulfill our clients’ digital visions.

Resilience Cyber insurance

Resilience Cyber insurance

Resilience helps to improve cyber resilience by connecting cyber insurance coverage with advanced cybersecurity visibility and a shared plan to reinforce great cyber hygiene.

Redefine

Redefine

Redefine are Crypto-Native, Cyber Experts, and Blockchain Believers. We are here to make Web3 anti-fragile, safe and accessible to all.

QFunction

QFunction

QFunction works within your existing security stack to detect anomalies and threats within your data.

AKIPS

AKIPS

AKIPS develops the world's most scalable network and infrastructure monitoring software, delivered as a turn-key software appliance.

Centum Digital

Centum Digital

Centum Digital provide services, products and solutions specialized in communications engineering, control and signal intelligence.