Friday, June 15, 2018

3 of the big ones

Russia, the United States and North Korea, three of the countries which are on our screens every day. They are currently three of the world powers that occupy the front pages in all the newspapers of the world in economic, social and political topics, and not precisely because of their good relationship. Tension is felt on the air and it would not be less in cybersecurity terms. ¿Are we going to abandon traditional war in order to initiate a cyberwar? The first steps are already taking place...

The relationships between Russia, The United States and North Korea regarding cybersecurity, are hidden. Invisible and suspicious attacks, and not a clear attacker, these are the characteristics that set this week’s actuality.

Recently, The U.S. has imposed sanctions on five Russian organizations and three individuals, the latest move by the Trump administration in response to Russian cyberattacks. The Trump administration has taken measures and quoted the ‘destabilizing cyber activities’ of Russia: The NotPetya cyberattack, intrusions against the US energetic grid.. Global compromises of routers and switches and its tracing of undersea communications cables.But this is not new, already in March, the US announced sanctions against five Russian entities and 19 Russian individuals "for interference with the 2016 U.S. elections. Cybernetic attacks such as the past NotPetya outbreak and attack campaigns and surveys against US critical infrastructure have caused the fact that Russia has turned itself into the Trump organization’s main objective.

But Russia is not safe from attacks either. A series of espionage attacks have been uncovered, targeted at service centers in Russia that provide maintenance and support for a variety of electronic products. In particular, it is about a commercial version of the Imminent Monitor tool. FortiGuard Labs analyzed the attacks and they use a great quantity of tricks in order to achieve their goal, fake emails and malicious Office documents included.

The third country involved on this cyberwar is North Korea. According to AlienVault investigators, Cybercriminals linked to North Korea planted an ActiveX zero-day vulnerability on the website of a South Korean expert group focused on national security.

The investigators attributed the attack to the well-known group APT Lazarus and pointed out that the controls Active X are generally deactivated on the majority of the systems, but the governmental authorities of South Korea demand the citizens to set them up.

But not everything is going to be about bad relationships, but always under the shadow of suspicion. The summit between the US President, Donald Trump, and the North Korean leader, Kim Jong – Un provided a topic of conversation. Experts in cybersecurity alarmed behind the USB – powered fans that were given to the journalists in the summit. Some of the attendants warned the reporters about not plugging them in their computers, since the USB devices can contain malware in order to lead a survey about the journalists’ steps.

Hidden attacks that are not that anonymous anymore. The great powers are increasingly facing this cyberwar by clearly showing their position in front of them. What will be their next movements? We will be very attentive..


Post a Comment