Wednesday, August 24, 2016

Stuxnet has offspring all over the place


It seems Stuxnet and Duqu, the (in)famous cyber-spying programs, have given birth to multiple descendants, all far more sophisticated and far harder to detect than their ancestor.  They include packages such as Gauss, Duqu 2.0, Regin and others. Strategy Page reports:

Yet another high-end spyware system was recently discovered. This one has been called Sauron and it is very difficult to detect because it is designed that way. So far Sauron has been found in over 30 government networks in China, Rwanda, Russia, Iran and Belgium. Sauron spends most of its time monitoring the system it is in for specific types of information (like passwords, decryption keys and similar useful stuff.) Sauron can deliver its information via the Internet or by hiding in USB drives that are available. Internet security experts are hard at work trying to find out how to more easily detect that a system has been infected by Sauron and who created it and controls it.

High-end malware like this began showing up (or was first discovered) in 2009. In 2012 American and Israeli officials admitted that the industrial grade Cyber War weapons (like Stuxnet and several others) used against Iran recently were indeed a joint U.S.-Israel operation. Few other details were released, although many more rumors have since circulated. Initially it was thought high-end malware might be created and used by existing Internet criminal gangs. East European programmers are suspected of being capable of this sort of thing and Russia appears to have commissioned some “royal” software using East European mercenaries. But as time goes on, and more is known about how this very complex and efficient malware is designed and built, it becomes obvious that a government operation is the most likely source.

. . .

Despite all the secrecy, this stuff is very real and the pros are impressed by Stuxnet-type systems, even if the rest of us have not got much of a clue. The demonstrated capabilities of these Cyber War weapons usher in a new age in Internet based warfare. Amateur hour is over and the big dogs are in play. The Cyber War offensive by the U.S. and Israel appears to have been underway for years, using their stealth to remain hidden. There are probably more than three of these stealthy Cyber War applications in use and most of us will never hear about it until, and if, other such programs are discovered and their presence made public.

There's much more at the link.

We hear a great deal in the news media about computer malware and state-sponsored hacking by China, Russia and some other places, but there seems to be very little mention of the fact that the USA appears to be up to its neck in the same activities, using software such as that described above.  One does wonder who really hacked those DNC e-mails, and the Clinton Foundation . . .

Peter

6 comments:

Rev. Paul said...

"One does wonder who really hacked those DNC e-mails, and the Clinton Foundation . . ."

Given the information presented here, the answer is, "Anyone who wanted to."

Anonymous said...

Oh yes, Clinton if she gets in will have the NSA with more dirt on her than J. Edgar Hoover dreamt of.

Old NFO said...

My vote is the NSA... Just sayin... :-)

Anonymous said...

And people wonder why we want Open hardware with Open software.

kamas716 said...

I'm pretty sure every country with a programmer has probably tried hacking the DNC, GOP, and every other big corporation or government entity. More than one has likely been successful at any given time and is just keeping its mouth shut. Why advertise what you've done if you want to keep doing it?

Toastrider said...

I ran across a particularly nasty 'hack' alert a couple days ago -- a USB drive that basically tells your computer 'I'm not a USB drive, I'm a keyboard' -- and can be configured to dump a payload right into a computer it's connected to.

There's a reason security-conscious entities get mighty twitchy about flash drives...