/The biggest threat to the open internet is not Chinese government hackers or greedy anti-net-neutrality ISPs, it’s Michael McConnell, the former director of national intelligence.
McConnell’s not dangerous because he knows anything about SQL injection hacks, but because he knows about social engineering. He’s the nice-seeming guy who’s willing and able to use fear-mongering to manipulate the federal bureaucracy for his own ends, while coming off like a straight shooter to those who are not in the know.
Posts tagged “Malware”
Targeted attacks, known as “spear phishing,” are increasingly exploiting government and military themes in order to compromise defense contractors in the Unites States.  In 2009, the Washington Post reported that unknown attackers were able to break into a defense contractor and steal documents pertaining to the Joint Strike Fighter being developed by Lockheed Martin Corp.  Google was compromised in January 2010 along with other hi-tech companies and defense contractors.  The problem is becoming increasingly severe.  In fact, the Department of Defense recently released a memo with plans to protect unclassified information passing through the networks of various contractors.  The memo recognizes the severity of the ongoing threat and seeks to:
Establish a comprehensive approach for protecting unclassified DoD information transiting or residing on unclassified DIB information systems and networks by incorporating the use of intelligence, operations, policies, standards, information sharing, expert advice and assistance, incident response, reporting procedures, and cyber intrusion damage assessment solutions to address a cyber advanced persistent threat. 
From Nart Villeneuve
Nart Villeneuve (Senior Psiphon Fellow, Chief Research Officer at SecDev, and former Director of Technical Research at Citizen Lab), was featured in a Reuters news article regarding the market for malware hackers in China. The article focusses on the role of hackers in China’s malware attack on Google that prompted Google’s decision to re-think its… Read more »
Joe Stewart, a security specialist with SecureWorks in the US, told the New York Times that he had analysed the software used to attack Google, and found that the main program used by the hackers contained a module based on an algorithm that appeared in a Chinese technical document that has been published exclusively on… Read more »
With more details emerging on the inner workings of the targeted malware attack that hit Google and over 30 other companies (ZDNet News Special Coverage – Special Report: Google, China showdown), it’s time to summarize all the events that took place during the past week, and answer some of the most frequently asked questions such… Read more »
Well-known human rights advocates in China and a Tibetan rights activist in the United States have disclosed that their Gmail accounts have been compromised. They came forward after Google’s announcement of a sustained cyber attack on activists and other illicit accessing of accounts, but stressed that the problem goes back much further. Some in China… Read more »
Google has just announced that there were successful attacks against their infrastructure resulting in the theft of intellectual property. Google traced the attacks to China and although the attribution regarding the Chinese government is unclear, Google also discovered that the attackers also attempted to compromise the Gmail accounts of Chinese human rights activists. From Nart… Read more »
The Information Warfare Monitor has released a report entitled Targeted Malware Attack on Foreign Correspondents based in China, authored by Nart Villeneuve and Greg Walton. The report adds some interesting details to recent reports of targeted attacks against foreign correspondents in China, including details on the command and control servers. The report has been covered… Read more »