blame game for cyber attacks grows murkier
Last Updated : GMT 06:49:16
Arab Today, arab today
Arab Today, arab today
Last Updated : GMT 06:49:16
Arab Today, arab today

Blame game for cyber attacks grows murkier

Arab Today, arab today

Arab Today, arab today Blame game for cyber attacks grows murkier

man types on a computer keyboard in front of the displayed cyber code in this illustration picture
Tallinn (Estonia) - Arab today

 Veteran espionage researcher Jon DiMaggio was hot on the trail three months ago of what on the face of it looked like a menacing new industrial espionage attack by Russian cyber spies.

All the hallmarks were there: targeted phishing emails common to government espionage, an advanced Trojan horse for stealing data from inside organisations, covert communication channels for grabbing documents and clues in the programming code indicating its authors were Russian speakers. 

It took weeks before the lead cyber spying investigator at Symantec, a top U.S. computer security firm, figured out instead he was tracking a lone-wolf cyber criminal.

DiMaggio won't identify the name of the culprit, whom he has nicknamed Igor, saying the case is a run-of-the-mill example of increasing difficulties in separating national spy agency activity from cyber crime

The hacker comes from Transdniestria, a disputed, Russian-speaking region of Moldova, he said.

"The malware in question, Trojan.Bachosens, was so advanced that Symantec analysts initially thought they were looking at the work of nation-state actors," DiMaggio told Reuters in a phone interview on Wednesday. "Further investigation revealed a 2017 equivalent of the hobbyist hackers of the 1990s."

Reuters could not contact the alleged hacker.

The example highlights the dangers of jumping to conclusions in the murky world of cyber attack and defence, as tools once only available to government intelligence services find their way into the computer criminal underground.

Security experts refer to this as "the attribution problem", using technical evidence to assign blame for cyber attacks in order to take appropriate legal and political responses.

These questions echo through the debate over whether Russia used cyber attacks to influence last year's U.S. presidential elections and whether Moscow may be attempting to disrupt national elections taking place in coming months across Europe.

The topic is a big talking point for military officials and private security researchers at the International Conference on Cyber Conflict in Tallin this week. It has been held each year since Estonia was swamped in 2007 by cyber attacks that took down government, financial and media websites amid a dispute with Russia. Attribution for those attacks remains disputed.

"Attribution is almost never a clean, smoking-gun," said Paul Vixie, creator of the first commercial anti-spam service, whose latest firm, Farsight Security, helps firms track down cyber attackers to identify and block them.

Raising the stakes, a mystery group calling itself ShadowBrokers has taken credit for leaking cyber-spying tools that are now being turned to criminal use, including ones used in the recent WannaCry global ransomware attack, ratcheting up cyber security threats to a whole new level.

In recent weeks, ShadowBrokers has threatened to sell more such tools, believed to have been stolen from the U.S. National Security Agency, to enable hacking into the world's most used computers, software and phones.

"The bar for what's considered advanced is lowered as time goes by," said Sean Sullivan, a security researcher with Finnish cyber firm F-Secure.

The Moldovan hacker's campaign to steal data and resell it on the web came to light only after infections popped up last year at a major airline, an online gambling firm and a Chinese automotive software maker, which are all customers of Symantec products used to secure their business networks.

Igor appears to have targeted the auto-tech company to steal its car diagnostics software, which retails for around $1,100 but Igor sold for just a few hundred dollars on underground forums and websites he had created. His aims in trying to break into the airline and gambling firm remain a mystery.

"Considering the audacity of this attack, the financial rewards for Igor are pretty low,” DiMaggio wrote in a blog post on his findings to be published on Wednesday.

As a threat, Symantec rates Trojan.Bachosens as a very low risk virus, in part because the attack singles out only a handful of specific firms rather than the wide-ranging, random attacks used by many cyber criminals to scoop up the greatest number of victims.

"I think those days are over when we can say in black and white: We know this is an espionage group," DiMaggio said.

The Symantec researcher has not reported Igor to local authorities, calculating that exposing the methods of the attack will be enough to neutralise them.

Source: Timesofoman

 

 

arabstoday
arabstoday

Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

blame game for cyber attacks grows murkier blame game for cyber attacks grows murkier

 



Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

blame game for cyber attacks grows murkier blame game for cyber attacks grows murkier

 



GMT 23:45 2017 Tuesday ,17 October

Kerry calls for Syrian, Arab ground troops against IS

GMT 03:38 2017 Wednesday ,22 March

Somalia's new president names 26-minister cabinet

GMT 19:39 2017 Wednesday ,18 October

Gatland eyes New Zealand rugby jobs after Wales

GMT 12:08 2017 Saturday ,16 September

Dutch 360-degree beachfront painting gets public facelift

GMT 05:16 2016 Wednesday ,15 June

Scientists use underwater robots

GMT 02:41 2017 Sunday ,16 April

Pentagon confirms DPRK missile launch fails

GMT 18:00 2011 Thursday ,12 May

Attack on Celtic manager sparks inquiry

GMT 10:40 2017 Saturday ,30 September

Trump says to decide Fed chair in 2, 3 weeks

GMT 01:10 2017 Monday ,10 July

Islamic social media to be launched by year end

GMT 13:17 2016 Monday ,08 February

Russia shuts down 2 more banks

GMT 07:19 2017 Sunday ,31 December

Nepal bans solo climbers from Everest

GMT 10:48 2014 Saturday ,22 March

Parata launches new digital education portal

GMT 17:47 2017 Tuesday ,18 April

Saudi Shoura member in favor of women driving

GMT 19:07 2011 Tuesday ,19 April

Electric cars: night-time charging better

GMT 19:48 2017 Wednesday ,01 March

5 facebook accounts closed over provocative posts

GMT 22:42 2017 Sunday ,08 January

UAE’s first nuclear plant is 75 per cent complete

GMT 11:11 2017 Friday ,25 August

Bahrain-Korea ties praised

GMT 09:04 2017 Thursday ,23 March

Qatari Chief Justice Meets Turkish Official

GMT 04:43 2017 Tuesday ,04 April

‘Baby’ beats ‘Beauty’ in box-office battle

GMT 06:33 2017 Monday ,20 February

Participates in a workshop on Babylon

GMT 13:43 2017 Monday ,01 May

Survivor of Oman bus crash recalls ordeal

GMT 13:22 2017 Thursday ,16 March

Two Russian spies indicted in massive Yahoo hack
Arab Today, arab today
 
 Arab Today Facebook,arab today facebook  Arab Today Twitter,arab today twitter Arab Today Rss,arab today rss  Arab Today Youtube,arab today youtube  Arab Today Youtube,arab today youtube

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

arabstoday arabstoday arabstoday arabstoday
arabstoday arabstoday arabstoday
arabstoday
بناية النخيل - رأس النبع _ خلف السفارة الفرنسية _بيروت - لبنان
arabstoday, Arabstoday, Arabstoday