Beware of the Militarization of Cyberspace

In the recent months a numerous number of Hacking campaigns have been uncovered by security firms. In many cases, they have been attributed to state-sponsored hackers. Groups of hackers belonging to cyber units of several governments used sophisticated malicious code and hacking platforms to compromise computer networks worldwide. Private companies, government entities, critical infrastructure and citizens are all potential targets.The overall activities of government entities in cyberspace are generally described as the “militarization of the cyberspace.” Governments are investing significant resources to improve their cyber capabilities, creating ‘cyber armies’ to defend attacks from cyber space. The debate about cyber weapons intensified after the discovery of the Stuxnet malware in 2010. Stuxnet was used by western entities to interfere with the Iranian nuclear program by sabotaging the centrifuges at the Natanz nuclear plant. A few months after the detection of Stuxnet, other malware was discovered - Flame and Duqu are two other high-profile cyber espionage tools that were used by state-sponsored actors.Even when state sponsored, malware is discovered by security firms the vulnerabilities it exploits are targeted by attackers for a long time, causing serious damage to unpatched systems. Consider the Stuxnet virus - its code exploited the Windows Shell in Microsoft Windows XP systems, coded as CVE-2010-2568 and patched four years ago. Unfortunately, the vulnerability is still being used in cyberattacks targeting millions of computers worldwide.Malware researchers at Kaspersky Lab discovered that between November 2013 and June 2014, the same Windows Shell vulnerability was exploited 50 million times in attacks against nearly 19 million machines all over the world. In late 2013 Kaspersky Lab’s Global Research & Analysis Team started a new investigation after several attacks hit the computer networks of various diplomatic service agencies. The attacks were part of a large-scale cyber-espionage operation dubbed “Red October,” inspired by the famous novel and movie “The Hunt For Red October”. The campaign acquired sensitive information from diplomatic, governmental and scientific research organizations in many countries, spanning Eastern Europe, the former USSR and Central Asia. The malware and control infrastructure used in the attacks was highly sophisticated, which may indicate government involvement. In March 2014 researchers at BAE Systems Applied Intelligence unearthed a cyber espionage campaign codenamed “Snake” that targeted governments and military networks. “Snake” had remained undetected for at least eight years.Many other campaigns have been attributed to state-sponsored hackers. These are typically characterized by the nature of the targets, the level of sophistication and the duration of the attacks, which often take years to discover.The U.S., Israel, Russia and China are considered the most advanced countries in cyber space, with their experts able to develop malware that could hit foreign networks and exfiltrated data in a covert way. They can also manage hacking campaigns that compromise their opponents’ infrastructures.In many cases governments run operations concurrently with conventional attacks. Covert cyberattacks, for example, were blamed on Russia during its 2008 war with Georgia. The finger of suspicion was also pointed at Moscow over cyber offensives during the recent crisis in the Crimean peninsula.European governments are also investing in malware development. Malicious code R2D2 (also known as “0zapftis” or “Bundestrojaner”) is an example of efforts by the German police and customs officials to spy on users and exfiltrated data from their PCs. In March Mikko Hyppönen, chief research officer of security specialist F-Secure told  the TrustyCon conference in San Francisco that almost every government is making an effort to improve its cyber capabilities. Most of the hacking campaigns conducted by governments make use of highly sophisticated malware to compromise their targets - in many cases the code is designed to exploit zero-day vulnerabilities in the target’s infrastructure. This malware, however, could easily go out of control. In another scenario, a “threat actor” could reverse engineer the source code and spread it “in the wild.” Cyber criminals, cyber terrorists and state sponsored hackers could enhance the malware and hit targets in an unpredictable way, making it difficult to identify the attack’s source.The availability of government-built malware is also having a significant impact on the criminal underground - the main customers for zero-day exploits and malware coding services are governments. Some security experts, for example, believe that two different Ukraine-based malware factories were behind Stuxnet’s coding, acting like “sub-contractors” for the U.S. and Israeli Governments.Some experts have argued that computer security companies may not prevent the spread of government-built malware in exchange for government favors.The suspicion that security firms have “whitelisted” state-sponsored malware is certainly disconcerting - a policy like this would represent a serious menace to the overall Internet community. It also opens the door to a scary scenario in which a cyber weapon could run out of control.Similar to nuclear armaments, the use of state-sponsored malware needs to be regulated by a legal framework and accepted on a global scale, establishing the rules of engagement. Be aware, however - we are all nodes of a global network, and whoever controls this network will control the world. Governments will continue to focus their research on the development of new cyber weapons, including sophisticated malware that in the wrong hands could be a dangerous menace.Fox news http://ow.ly/KIN5F
« Metadata Will Kill Your Privacy
Europe’s Data Privacy Laws Annoy US Tech Companies »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Nixon Peabody LLP

Nixon Peabody LLP

Nixon Peabody LLP is an international law firm with offices across the USA, Europe and Asia. Practice areas include Data Privacy and Cyber Security.

Ivanti

Ivanti

Ivanti provide user-centered IT solutions designed to increase user productivity while reducing IT security risk.

ISGroup (Information Security Group)

ISGroup (Information Security Group)

ISGroup services include network penetration testing, Web application penetration testing, ethical hacking, vulnerability assessments, code review and associated training.

SafeBreach

SafeBreach

SafeBreach's platform simulates hacker breach methods across the entire kill chain to identify breach scenarios in your environment before an attacker does.

Zix

Zix

Zix offers secure email encryption, threat protection, archiving, DLP and BYOD security for hospitals, financial services, government, and more.

Seltek Technology Solutions

Seltek Technology Solutions

Seltek provides Digital Forensics, eDiscovery, Cybersecurity Assessments and IT Support services.

totemo

totemo

Totemo offers solutions for the secure exchange of business information.

IPN (ICT Research Platform Nederlands)

IPN (ICT Research Platform Nederlands)

IPN promotes academic research and education in the ICT field by building and maintaining a national community, and by developing policy to advance the field. Areas of focus include Cyber Security.

NGS (UK)

NGS (UK)

NGS (UK) Ltd are independent, vendor agnostic, next generation security trusted advisors, providing all-encompassing solutions from the perimeter to the endpoint.

Black Hills Information Security (BHIS)

Black Hills Information Security (BHIS)

Black Hills Information Security provide security testing and vulnerability assessment services.

Riskaware

Riskaware

CyberAware, by Riskaware, provides business-critical cyber attack analysis and impact assessments using NIST standards aligned with NCSC guidance.

SecureAge Technology

SecureAge Technology

We’re a rapidly growing cybersecurity company with an 18-year history of ZERO Data breaches. Our security solutions place security and usability on equal footing. Learn more about our technology.

Readynez

Readynez

Readynez is the digital skills concierge service that helps you ensure your workforce has the tech skills and resources needed to stay ahead of the digital curve.

Zenzero

Zenzero

Zenzero simplifies technology adoption and supports our customers through managed and outsourced IT support.

Aim Security

Aim Security

Aim empowers enterprises to unlock the full potential of GenAI technology without compromising security. GenAI makes business better - Aim makes GenAI secure.

Infosec Ventures

Infosec Ventures

Infosec Ventures incubates and scales cyber security innovators that solve inefficiencies in cyber security.