Tuesday, October 14, 2014

As if it were a novel

"No Place to Hide" is the latest book by Glenn Greenwald. It exposes NSA’s surveillance tactics supported on Snowden’s revelations. Yesterday by chance we brought to you an interview to this former NSA consultant where he reported on the dangers of services commonly used like Dropbox. And today such cloud service is on the spotlight again.

Dropbox has been hacked. Well, actually it seems that the problem does not come directly from the company itself, but from users who use the same password for multiple services. Pastebin and Reddit are a boiling pot due to ongoing publication of emails and passwords by cybercriminals who claim to have up to 7 million accounts.

On the one hand, we have users sharing passwords between different services. On the other hand, third party applications that allow you to "get to the kitchen", as it happened with the leak of 100.000 Snapchat intimate images, many of which from under age people. SnapSaved, a client developed by third parties, seems to have been the attack’s vector.

The wonderful job done by iSIGHT Partners along with Microsoft, F-Secure and ESET, has been useful to discover and patch one 0-day affecting all Windows and Windows Server 2008 and 2012 versions. It appears to have been used by a Russian intelligence group since 2013 to attack European governments, telcos, American educational institutions, the NATO and Ukrainian organizations. They used PowerPoint files to infect them via different tools, most notably Black Energy, a well-known bank fraud suite.

Who is behind these attacks? Although intelligence agencies have doubts, the truth is that most of the attackers come from cybercrime industry, which according to EUROPOL is led by only 100 brains. A small elite group who designs campaigns and even develops the proper technology to conduct such attacks. They hide under different countries’ law systems, and therefore, are more complex to hunt.

Curiously, while some people raise digital walls to protect themselves, others design weapons to destroy such barriers. One of the most essential variables to measure efficiency of military strikes is the Battle Damage Assessment (BDA). They were born in the World War II due to the advent of bombers. How to know if an attack had taken effect, and if so, update information about the target? In Cyberwar, the deploy of digital BDA is clearly necessary to monitor victims in order to know their status before and after an attack, using strategies ranging from industrial espionage tool, to APTs, open source analysis, connected hardware search engines and even infected nodes on the communication chain of victim’s system.

After a hard work day, what's better than lying on the couch at home and read a novel? Especially if its topic is so attractive as this collection of novels related to computer security. There is something for everyone, so relax and enjoy :)


Post a Comment