Articles about Espionage

How do you know if you're being targeted by an agent of a foreign power? It used to be easy, as soon as he ordered red wine with his fish* you knew he wasn't the right sort of chap.

Nowadays when nation states are more likely to befriend you on social media in order to try to steal sensitive data you can no longer rely on the wine list to help you spot a bad guy.

Continue reading →

Cybersecurity company ESET has released new research into FamousSparrow, a cyberespionage group attacking hotels worldwide, as well as governments, international organizations, engineering companies and law firms.

The Advanced Persistent Threat (APT) group FamousSparrow has been exploiting the Microsoft Exchange vulnerability known as ProxyLogon, which allows hackers to take control of Exchange servers.

Continue reading →

The China-based Thrip group was first exposed in 2018 and has carried out attacks across South East Asia, mainly targeting military organizations and satellite communications operators.

New research from Symantec shows that since June 2018 Thrip has attacked 12 targets located in Hong Kong, Macau, Indonesia, Malaysia, the Philippines, and Vietnam. Analysis of the attacks shows close links to another long-established espionage group called Billbug making it likely the two are the same.

Continue reading →

Cyberattacks come in many forms and from many sources, but a new report from endpoint security company Carbon Black reveals an increasing number originate from nation states with espionage as their goal.

The findings show that 81 percent of incident response (IR) professionals say the majority of attacks come from Russia, while 76 percent say the majority come from China. These foreign actors are seeking more than just financial gain or theft -- 35 percent of IR professionals say the attackers' end goal is espionage.

Continue reading →

There is a new, global cyber espionage campaign, and this one demonstrates a "new level of maturity." This is according to a new report by PwC and BAE, released after consultation with other cyber security experts, including the UK's National Cyber Security Center.

The report claims this new cyber espionage campaign targets businesses through managed services IT providers.

Continue reading →

You'd be hard pressed to find someone who enjoys a trip to their department of Motor Vehicle. While not everyone there is bad or unfriendly, the general reputation would have you believe so. Couple that with long wait times. One thing you don't think you need to worry about is a stalker.

That  appears to be sort of what happened recently in New York. The New York Motor Vehicle employee was caught using a work computer to get a date with a customer -- without the customer's knowledge.

Continue reading →

Kaspersky Lab's security researchers have found a new cyber-espionage malware, most likely built by a nation-state to use against other states' organizations.

Dubbed "ProjectSauron", it is "particularly interested" in accessing encrypted communications. The malware hunts such communications down using an "advanced modular cyber-espionage platform", comprised of a number of different and unique tools.

Continue reading →

At this point it almost feels like we've been living with the Edward Snowden revelations all of our lives. While what was revealed scared many people, it also led to a lot of legal battles that are still raging on. At the forefront of those is the Electronic Frontier Foundation, a group that tirelessly fights for people's rights.

The foundation has had an ongoing case which has been termed Jewell v NSA, as well as Wikimedia v NSA. There are many irons in the fire in this battle and now the EFF has filed a new amicus brief in the Wikimedia case.

Continue reading →

What a strange coincidence: Earlier this week, Smithsonian Channel's "Air Disasters" broadcast an episode about the downing of Korean Airlines flight 007 in 1983 -- at the height of the Cold War. Turns out the Soviet Union recovered the black boxes and hid them for a decade. I'm old enough to remember the Cold War and what the United States fought against. I told my wife: "Sometimes I really wish the Soviet empire still existed, so Americans had a measure for government bad behavior". A day later, the Guardian and Washington Post broke what likely is the biggest story about U.S. surveillance since the Watergate break in. The activity stinks of behavior opposed decades ago.

The National Security Agency spies on you, in secret, something many people suspected. The NSA monitors Internet servers, without warrants. In a Google+ comment today, Joe Betsill brilliantly and succinctly captures what changed: "There's a difference between suspicion and evidence". He links to an Electronic Frontier Foundation "Timeline to NSA domestic spying". I strongly suggest reading the EFF material, in addition to the Guardian and Washington Post investigative reports -- so that you are informed.

Continue reading →

In a rather unexpected move, Samsung Mobile Display Co. is throwing a corporate espionage bomb, by accusing LG of stealing and leaking OLED technology secrets. The news comes as a shock indeed, because if found guilty of orchestrating it the consequences can be disastrous for LG.

Eleven people were indicted Sunday on charges of leaking or stealing core OLED technology from Samsung. The list also includes executives from LG, which currently trails Samsung as the second largest LCD panel manufacturer in the world. To top off bad news with more bad news, it is reported that six more suspects were formerly or currently working for Samsung.

Continue reading →

Small businesses have their hands full these days in light of a down economy, tightening budgets and the steepening pace of business, but with nation-state hacks front and center in the threatscape, should you worry about those, too, or are you (and your customers) safe?

Nation-state hacks bring to mind images of large defense contractors, big government offices, and/or high profile financial institutions. After all, if a bad actor overseas stole the cutting edge design of a new nuclear reactor, it would be quite a haul for that government and its cronies -- and worth their time, money and effort to go after. But you’re a small business, too small to garner that kind of attention, right?

Continue reading →

The new, targeted, high-tech, military grade malicious code such as Stuxnet, Duqu and Flamer dominates security news. So imagine our surprise when an AutoCAD worm, written in AutoLISP, the scripting language that AutoCAD uses, suddenly showed a big spike in one country on ESET’s LiveGrid two months ago, and this country is Peru.

We have seen other small number of infections of ACAD/Medre.A in other countries, but they are all in regions that are near Peru or have a large Spanish speaking contingent. The odd one out in the infection table would be the People’s Republic of China, but not quite so weird when we started to analyze the worm based on this sudden spike. More about China will follow later.

Continue reading →