Working with McAfee Vulnerability dark national cyber security of the RAT
2011 and the Black Hat hacker conference this week, security vendor McAfee Inc., the attacks described above can compromise the analysis has identified as the most comprehensive information and detail about the revelation, published U.S. national security and other countries.
McAfee about 72 appointed a research effort that led to the identification Currently, dealer safety, the operation was Shady RAT parties, all entries on the state of U.S.
Recordings and take legal attacks on the security company since mid-2006, the population suffers from the scope and duration of the violation of a command and control used by attackers to access the server is started before the attack, although not open.
"I am (or soon will be) an important and valuable intellectual property and trade secrets has been committed and I am sure that all companies in every sector imaginable," Dmitri Alperovitch, research vice president of McAfee Labs threaten " In fact, those who know the danger. Two categories of Fortune Global 2000 split, and we do not know the number yet,”
UN report, a multinational Fortune 100 and national Olympic team are a wide variety of organizations, including victims, he said. Alperovitch report that a number of attacks by attacking the server looks at the records and said the organization "in the thousands."
Intrusions report, there was a fairly standard procedure with an abuser is usually the target for the organization of a spear phishing message is sent to a privileged insider who has access to a reliable, he said. For an unpatched system is on, it starts a download of malicious software, and implants. Malware can also access the Live server back door attackers infected the machine with the command and control provides a communication channel.
Such attacks in February, was acquired by Intel Corp., McAfee, at least the last five years, according to the surveys were uninterrupted. And motivation is not financial at the time, at least not to enjoy, such as computer crime, a "hunger for mystery and the intellectual property," he said.
McAfee closely guarded secret and confidential information of national plans and re-negotiate the details of the supply of oil and gas SCADA system configurations, including programs for the past five years, said the design has been compromised and many other sensitive information.
The report, missing only a major economic threat to individual companies and industry ... while "Some of the best competitor or a landmark agreement to create products that are used to explain the defeat of a rival, but an entire country." national security of these countries is very important and can be shocked the loss of top secret intelligence and defense.
The targeted countries and the attackers can attack the United States Canada , South Korea , Taiwan , Japan , Switzerland , United Kingdom , Indonesia , Vietnam , Denmark , Singapore , and Hong Kong, including Germany and India
But Graham Cluley, senior consultant at Sophos PLC security provider, questioned the relevance of the results of McAfee.
"To be honest, we have an interest in computer security for the McAfee report, there is nothing particularly surprising," Cluley wrote a blog on Wednesday. "What the report does not explain exactly what information was stolen from private organizations, each company the number of teams have been affected."
A player or group of intrusions carried out in this report as a specific operation, who does not want to point fingers Alperovitch tried to clarify. Behind the attacks "has no convincing evidence," he said, "then we can only speculate," he said.
"This can be changed easily go play ... and may have the potential for more dangerous activities," said Alperovitch.
"It's almost stolen the economies of many countries, no useful or interesting is a value that is exempt from the danger of organizations in all industries and sectors that affect not only large-scale problem," the report said.
No comments:
Post a Comment