Targeted Threats

Posts tagged “Targeted Threats”

Malware Attack Targeting Syrian ISIS Critics

This report describes a malware attack on a Syrian citizen media group critical of Islamic State of Iraq and Syria (ISIS). Though we are unable to conclusively attribute the attack to ISIS or its supporters, a link to ISIS is plausible. The malware used in the attack differs substantially from campaigns linked to the Syrian regime, and the attack is against a group that is an active target of ISIS forces. In the interest of highlighting a developing threat, this post analyzes the attack and provides a list of Indicators of Compromise.

Privacy and security in cyberspace: Right of all or luxury of the few?

In an article published on openDemocracy.net, Citizen Lab Senior Legal Advisor Sarah McKune writes about the digital threats that civil society organizations (CSOs) face in carrying out their work, which undermine their privacy and compromise sensitive information. “To address this problem we must expand the terms and scope of the debate, exploring the link between the right to privacy and access to digital security more fully,” said McKune.

Targeted Threat Research at USENIX Security 2014

At USENIX Security 2014 Citizen Lab researchers presented two papers on targeted threats against civil society communities as part of a dedicated session on the topic entitled Tracking Targeted Attacks against Civilians and NGOs.

Targeted Threat Index

The Targeted Threat Index is a metric for assigning an overall threat ranking score to email messages that deliver malware to a victim’s computer. The TTI metric was first introduced at SecTor 2013 as part of the talk “RATastrophe: Monitoring a Malware Menagerie” by Katie Kleemola, Seth Hardy, and Greg Wiseman.

A Call to Harm: New Malware Attacks Target the Syrian Opposition

The Citizen Lab is pleased to announce the publication of A Call to Harm: New Malware Attacks Against the Syrian Opposition. This research report by Morgan Marquis-Boire and John Scott-Railton examines two recent cyber attacks targeting the Syrian opposition: malware masquerading as the circumvention tool Freegate and a campaign masquerading as a call to arms by a pro-opposition cleric.