Thursday, January 3, 2013

Cyber Espionage

The "Kaspersky Security Bulletin" discusses cyber-espionage or "hacktivism" and nation-state cyberattacks, along with legal surveillance, cloud-based network attacks, and cyber extortion of individuals and companies. Mobile malware will start shaping the digital security landscape in the coming years, painting a different picture. In addition, there is a surge in fake security certificates which, coupled with skillfully coded malware, fosters nationally authorized cyberattacks and is leading to a cold cyber war across developed countries. Cyberespionage perpetrators are people with excellent technical skills and a psychological understanding of human behavior, capable of manipulating their targets within an organization, since, as the universal statement goes, people are always the weakest security link.


The prime targets could be critical infrastructure such as energy supply facilities, transportation controls, financial systems and telecommunications, all of which have a direct impact on a country's economy. No country is in a position to say that it enjoys absolute protection.

Security company FireEye states in its blog that it has collected evidence of a cyber espionage campaign, named "Sanny", attributable to Korea. According to FireEye, the malicious MS Word document sample that kicked off the investigation was 338d0b855421867732e05399a2d56670, which carried an exploit. FireEye explains that the behavior of the exploit was fairly standard: it drops an executable, which in turn drops another .EXE and two .DLLs, creating multiple components that complicate AV detection and cleanup. FireEye named the malware "Sanny" after one of the identified email addresses (jbaksanny AT yahoo.com) used by the attacker.

The Flame, Gauss and Shamoon (or Disttrack) viruses are only some of the latest examples of sophisticated cyberattacks developed to gain access to the region's confidential and economic data.

Spear phishing

Spear phishing is targeted. Kevin McAleavey, cofounder and chief architect of the KNOS Project, said executives tend to be spear phished through sophisticated emails carrying zero-day vulnerabilities, because of their direct access to specific material, and that this goes undetected. Lucian Constantin says in his report that the recent cyberattack which infected Israeli police computers with malware was a year-long planned cyberespionage operation with targets in Israel and the Palestinian territories. According to Constantin, the malware delivered was a remote access Trojan (RAT) program called Xtreme RAT, presented in an archive attached to a spoofed email claiming to be from Benny Gantz, the chief of general staff of the Israel Defense Forces.

Cyber Economics

Cyber economics comes into play where there is growing demand for malware and sophisticated worms on one side and a small set of developers producing them on the other. It is evident that the demand for sophisticated malware is on the rise, with nation-states on one end, while the manufacturing units are spread over multiple locations. This unique economic situation has put a lot of pressure on the security industry to hunt for talent.

Ray Boisvert, former assistant director of intelligence for the Canadian Security Intelligence Service, says: "Not acting leaves us vulnerable to a complete loss of our economic and commercial advantages, not to mention our sovereignty. Wishing it away is not an option."

Countries are in a situation where they need to recalibrate their electronic defense mechanisms to handle this alarming threat. Numerous countries around the world, including those in the Middle East, have been victims of advanced malware from hacktivist groups like "Anonymous", "LulzSec" and the "Cutting Sword of Justice". To address these borderless and anonymous threats, governments need to accelerate efforts to educate and train their workforce to deter leaks and combat hackers' ability to collect state secrets.
--
BM
