- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
IDG News Service - Despite an increasing number of successful cyberattacks launched by East Asian hackers against companies and government institutions around the world in recent years, Eastern European cybercriminals remain a more sophisticated threat to the global Internet, security researchers say.
"While East Asian hackers dominate cybersecurity-related headlines around the world with high-profile intrusions and advanced persistent threats (APTs), it would be a mistake to conclude that these attackers are the sole or greatest criminal threat to the global Internet today," Tom Kellermann, vice president of cybersecurity at antivirus vendor Trend Micro, said in a report entitled "Peter the Great Versus Sun Tzu."
"After conducting extensive research into the nature of the East Asian and East European underground, Trend Micro has concluded that hackers from the former Soviet Bloc are a more sophisticated and clandestine threat than their more well-known East Asian counterparts," said Kellermann, who until recently served as a commissioner on the Commission on Cyber Security for the 44th U.S. Presidency.
East Europeans are "master craftsmen" when it comes to malware development, Kellerman contends. "East European malware are so elegantly crafted, they have been dubbed the 'Faberge Eggs' of the malware world," he said.
East Asian hackers will use zero-day exploits -- exploits targeting previously unknown vulnerabilities -- and spear phishing in order to compromise a target's computer system, but then will rely on basic malware and third-party tools to maintain and expand their access on a target's network.
In contrast, East European hackers use exploits created by others for initial penetration, but their malware programs are customized specifically for their goals and have all of the needed functionality built in.
Malware programs produced in Eastern Europe tend to be small in size and use advanced detection evasion techniques, Kellermann said.
Kellermann attributes the advanced malware writing skills of Eastern European hackers to a long history of high-quality science and math education in the region. He also credits the discipline of making every line of code count that stems from the fact that computer scientists from the former Soviet Bloc had to make do with less sophisticated computing resources.
"As an East European vendor of anti-malware technologies, we also believe that the European malware underground is more technical and has more tradition than the Asian hacking scene," Bogdan Botezatu, senior e-threat analyst at Romanian antivirus vendor BitDefender, said Thursday via email.
"In the early days of the post-communist era, East Europeans (especially Bulgarians and Russians) have focused their attention on infecting capitalist countries as a response to the state of their economy," Botezatu said. "Aided by a solid background in mathematics and cryptography, the East Europeans have quickly become the undisputed champions in a, back then, means of political protest and retaliation."