Saturday, 1 November 2014

Russia May Be Gathering Intelligence with Malware

A new report by California-based cyber security firm FireEye says that a well-known group of malware may have been developed and deployed by the Russian government to collect sensitive intelligence on militaries, governments and other groups of interest to Russia. The report, released on Tuesday, notes that the malware group is already well known within the cyber security community, and that it differs from other malware in that it doesn't target financial information or intellectual property (IP) that may be useful to a private citizen who wants to turn a profit. Instead, the malware targets intelligence on defense and geopolitical issues of various groups which Russia has an interest in: several defense and internal affairs ministries in Georgia, neighboring countries including Poland and Hungary, and Western security organizations including NATO and OSCE.


FireEye says that, through its threat assessment, it has determined several factors aside from the type of information targeted that would indicate a Russian government origin. The malware typically has a default language setting of Russian and it is developed during working hours in Moscow and St. Petersburg. "While we don't have pictures of a building, personas to reveal, or a government agency to name", the firm said in its threat report, "what we do have is evidence of long-standing, focused operations that indicate a government sponsor - specifically, a government based in Moscow". Earlier this month, a report by another security firm detailed how Russia used a Windows zero-day exploit in a similar manner to spy on organizations including NATO, the Ukrainian government and various European telecom companies.


As with this group of malware, the Windows zero-day exploit targeted only information which would be useful to the Russian government and originated from major Russian cities. The Russian government has also received significant flak for its approach to technology and cyber security in the past, including passing a bill which would require personal data of Russian citizens to be stored on servers within the country and pressuring major companies like Google, Twitter and Facebook to comply with the laws or face a nationwide ban.




Info Sources:

http://www.fireeye.com/resources/pdfs/apt28.pdf

http://www.fireeye.com/blog/technical/2014/10/apt28-a-window-into-russias-cyber-espionage-operations.html


