Tag: trojan

The Moral of Sony? Stop Doing Attribution

The hack of Sony Pictures Entertainment, which first came to light on November 24th, devolved this week into a chaotic international “whodunnit” with conflicting reports attributing the incident to everything from the government of North Korea to the government of China to global hacktivist group Anonymous to disgruntled Sony employees. For sure: those attributing the attack to hacking crews within the military of the Democratic Peoples Republic of Korea (DPRK) had their argument bolstered by reports in the New York Times and elsewhere claiming that the U.S. government now believes that the DPRK, under the leadership of Kim Jong Un, was responsible for the devastating hack. Officials at Sony Pictures Entertainment clearly believe the connection is credible, ordering the cancellation of the release of the Sony Pictures film The Interview following threats of violence on theaters showing the film. That acceded to a key demand of the hackers, who have used the […]

Malicious or Obnoxious? Chinese Mobile Vendor CoolPad Uses Secret Backdoors

CoolPad, an up-and-coming Chinese mobile phone maker, is shipping high-end, Android smart phones with so-called “back door” access built into the phone’s software. That, according to research by the firm Palo Alto Networks. Palo Alto researchers Claud Xiao and Ryan Olson released a report identifying the suspicious remote access software, which they dubbed “CoolReaper” on Wednesday. According to the report, the so-called “backdoor” program was shipped with stock operating systems (or ROMs) used by Coolpad’s “high end” phones in China and Taiwan. The software, which appears to have been created and managed by Coolpad, runs on top of the Android operating system and allows the company to remotely manage the phone independent of the wishes of its owner: pushing applications to the device without the user’s consent or notification, wiping data and applications, sending over-the-air (or OTA) updates to the phone, transmitting device data and sending arbitrary phone calls and SMS […]

The Moral of Sony: Ignoring Cyber Risk Can Be Fatal

  Mark Anderson over at IEEE Spectrum has a nice article today on “How Not To Be Sony Pictures.” His argument: corporations can no longer afford to be cavalier about cyber security. Accordingly: they need to do much more than simply spot threats. “Any organization that thinks cybersecurity is as simple as installing and regularly updating their anti-virus software risks similar nightmare scenarios as what Sony Pictures now stares down.”  – Mark Anderson, IEEE Spectrum. Anderson notes this blog post, by Fengmin Gong, the chief strategy officer and co-founder of Cyphort Security. Gong argues that the sheer scale and complexity of connected devices requires a new attitude towards protecting critical data and assets. “The new approach today that people have shifts away from prevention — which everyone knows is not achievable — to a focus on attack sequence and consequence,” Gong writes. What does that mean? Gong and Anderson are […]

Research Exposes Attacks on Military, Diplomats, Executives

Researchers from Blue Coat Systems said on Wednesday that they have identified an online attack framework that is being used in highly targeted attacks on executives in industries like oil, finance and engineering as well as military officers, diplomats and government officials. The attacks are designed to steal sensitive information and Blue Coat, in a report, said that the attackers went to extreme lengths to cover their tracks: routing all communications between the hackers and the compromised systems they controlled through a “convoluted network of router proxies and rented hosts” in countries like South Korea. The framework, dubbed “Inception” is global in scope, but appears to have started out targeting individuals in Russia. Attacks spread via phishing e-mail messages that contained malicious attachments, including key logging tools and remote access Trojan horse programs, BlueCoat said. The company has released a full report on the incident, which can be found here. (PDF) [Read more Security Ledger coverage […]

DPRK Mum as Hackers Dump Sony Pictures Data Online

The hack of Sony Pictures Entertainment has taken a turn for the worse, as evidence has turned up that suggests hackers have ransacked the networks of the high-profile studio, dumping everything from unreleased films to detailed business and employee records online. A spokesman for the Democratic People’s Republic of Korea (DPRK) did not explicitly deny or take responsibility for the attack when contacted by the BBC, telling the British news agency that “the hostile forces are relating everything to [North Korea]. I kindly advise you to just wait and see.” Sony Pictures’ network was attacked using destructive “wiper” malware last week that stole and exfiltrated data from the company, then erased data on infected PCs and servers. An FBI FLASH alert sent to U.S. firms provided details on the malware, including its use of a hard-coded list of IP addresses and hostnames, and the inclusion of configuration files created on computers […]