Nation-state sponsors learn lesson of too-sophisticated cyber weapons

[InfoSec News <alerts () infosecnews org>]

http://www.nextgov.com/cybersecurity/2012/10/nation-state-sponsors-learn-lesson-too-sophisticated-cyber-weapons/58616/

By Aliya Sternstein
Nextgov.com
October 5, 2012

The presumed government sponsors behind a string of targeted attacks on 
mainly Middle Eastern computers likely are evolving their techniques to 
hide trademarks that have revealed their work to be a unified campaign, 
according to computer security researchers. The public’s ability to 
attribute cyber strikes to a single, organized entity could undermine 
the covert maneuvers.

During the past year various antivirus analysts have connected Stuxnet, 
a cyber sabotage tool allegedly authored by Israel and the United States 
to disable Iran's nuclear program, with other malicious software also 
thought to be state-sponsored. Unlike Stuxnet, the others are designed 
to scavenge intelligence from adversary computers without necessarily 
disrupting operations. After Stuxnet was first discovered in 2010, 
Russia-based Kaspersky Lab, U.S. company Symantec and other 
international research groups came across the other bugs.

Although Stuxnet and its related espionage weapons are sophisticated in 
performance, whoever constructed them used similar stealth tactics too 
many times, the analysts have found.

"These common links have allowed us to tie things together, and I don't 
think these nation-states will make the same mistakes going forward," 
Roel Schouwenberg, a Kaspersky senior antivirus researcher, told U.S. 
Chamber of Commerce members at a summit Thursday.

[...]

--
Get your CEH, CISSP or ISSMP with ExpandingSecurity.com Live OnLine classes that will not wreck your schedule.
Come to a free class and see how good our program really is. Free weekly PainPill:
http://www.expandingsecurity.com/PainPill