[ISN] The Globalization Of Cyberespionage

From: InfoSec News <alerts_at_private>
Date: Tue, 13 Nov 2012 04:07:18 -0600 (CST)
http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/240115353/the-globalization-of-cyberespionage.html

By Kelly Jackson Higgins
Dark Reading
Nov 12, 2012

A recently discovered targeted cyberespionage campaign targeting Israeli 
and Palestinian organizations in operation for more than a year serves 
as chilling evidence that cyberspying is a global phenomenon and no 
longer mostly the domain of massive nation-states like China.

While much of the attention has been trained on China as the source of 
cyberespionage, the discovery of this latest operation highlights just 
how popular and easy it has become to execute cyberspying. Thanks to 
ease of access and use of remote access Trojan (RAT) tools and 
reliability of social engineering, you don't need nation-state backing 
to conduct these types of targeted attacks. RATs traditionally had been 
associated with Chinese-based attackers, but that conventional wisdom is 
shifting as other nations and politically motivated attackers move to 
cyberspying via these tools to more efficiently gather intelligence on 
their marks.

Researchers at Norman Security today revealed that they recently 
analyzed malware used in phishing emails targeting Israeli and 
Palestinian targets and found that attackers used malware based on the 
widely available Xtreme RAT crimeware kit. The attacks, which first hit 
Palestinian targets, this year began going after Israeli targets, 
including Israeli law enforcement agencies and embassies around the 
world. Norman says the same attacker is behind the attacks because the 
attacks use the same command-and-control (C&C) infrastructure, as well 
as the same phony digital certificates.

This attack campaign just scratches the surface of the breadth and 
spread of these types of attacks around the world as more players have 
been turning to cyberspying. "We're just seeing the tip of the iceberg," 
says Einar Oftedal, deputy CTO at Norman.

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org 
Received on Tue Nov 13 2012 - 02:07:18 PST

This archive was generated by hypermail 2.2.0 : Tue Nov 13 2012 - 02:23:08 PST