Finnish security firm F-Secure Labs recently released a Threat Report [pdf] for the first half of 2013; it shows "a continued rise in exploit-based attacks, particularly against Java, and an increasing sophistication in mobile threats." Regarding exploits, the most common attack vector, "users in the U.S. saw the most vulnerability-related attacks, with 78 out of every 1,000 users encountering an exploit attempt."
Mikko Hypponen, chief research officer of F-Secure, had a few other things to say about zero-day exploits and NSA spying. After the leaks, first came the claim that the NSA is only monitoring foreigners. Since he isn't an American, Hypponen found no comfort from that. After leaks revealed the NSA targeted the EU, the next NSA damage-control statements that emerged were about monitoring due to the War on Terror. Hypponen told V3, "It's very difficult to list spying on an ally government department as being part of the War on Terror."
"The next justification was 'everyone's doing it' and this is no different. But it is different, as no country has the visibility the U.S. does. How many businesses use U.S.-based companies' systems? There used to be some people using Nokia, but that's been sold to the U.S. Skype used to be trusted but it's been sold to the States. All the world is using a U.S.-based cloud system that the U.S. government has a legal right to. It's not the same."
"The two greatest tools of our time have been turned into government surveillance tools. I'm talking about the mobile phone and the internet. George Orwell was an optimist. This is what's happened."
Earlier this month, MuckRock obtained a contract via a Freedom of Information Act request that showed the NSA purchased a zero-day exploit service from the French security company Vupen. In September 2012, the NSA signed a one-year subscription for Vupen's "binary analysis and exploits service." That news caused ripples in the cyber ether, with some people believing it was to be expected and others believing it was curiosity on the part of the NSA, not lack of talent to create exploits.
Hypponen, however, believes that the outsourcing for weaponized exploits is a sign the NSA and UK's GCHQ may be suffering from a shortage of talented cyber-warriors. He's been checking out job listings for the last two years, and posts that require "experience with 'the Fort Meade customer' as a necessary skill" are referring to the NSA. He told V3, "It's no wonder they're outsourcing, because they can't build or find the skills inside. If you want to have a good cyber offensive capability you need a new arsenal of exploits. You need a fresh supply of weaponized exploits, which builds a demand in the market."
Regarding exploits and vulnerabilities in the first half of 2013, F-Secure's Threat Report states, "The whole point of carrying out an exploit-based attack is to install malware onto a system - be it ransomware, bots, banking trojans or backdoors." The report covers Advanced Persistent Attacks (APT), Android as the most-attacked mobile platform, and the growth of Mac malware. According to F-Secure, ZeroAccess, the second largest botnet in the world, is focused on getting rich with Bitcoins. "We estimate them to make over $50,000 a day by mining Bitcoins on infected computers."
"The most notable information security occurrence of early 2013 is undoubtedly the hacking and breach of several Internet giants (Twitter, Facebook, Apple, Microsoft) and of numerous other Silicon valley companies via a watering hole at iPhone Dev SDK," according to the Threat Report. The fact that the general public "has learned few lessons" about such attacks may be due to the companies involved keeping "important details tightly under wraps."
Like this? Here's more posts:
- Wickr: Free texting app has military-grade encryption, messages self-destruct
- Nuke data: BleachBit for Windows has 1300+ cleaners to help protect your privacy
- School starts mass social media surveillance of students for their ‘safety’
- Microsoft shows off two new Surface tablets: Surface 2, Surface Pro 2
- Researchers develop attack framework for cracking Windows 8 picture passwords
- Microsoft warns of IE zero day in the wild, all IE versions vulnerable
- Been groped by TSA agents? Former DHS official implied privacy advocates are to blame
- Is Microsoft an enemy of the internet by helping the NSA undermine encryption?
- Cautionary tales: Teen beauty queen and baby spied on via hacked cameras
- Microsoft Research: Secret tags in 3D-printed objects, hooked to the Internet of Things
- Gmail is the preferred email service of terrorists, claims former NSA chief
- ACLU: FBI has '20 separate records' for every adult and child in the USA
Follow me on Twitter @PrivacyFanatic