
This Diagram Shows How A Recent String Of Hacking Attacks Came From One Cyber Arms Dealer

Nov 27, 2013, 20:02 IST
Computer security firm FireEye recently revealed to Business Insider that what has looked like random hacking attacks against Adobe, Microsoft, and other U.S. companies is actually far more coordinated and connected than previously thought. If that weren't disturbing enough, FireEye released a report last week detailing how a recent string of eleven hacking attacks, which FireEye has dubbed Sunshop, actually share the same base tools, suggesting that a common Chinese cyber arms dealer is distributing the malware to individual hacking teams. Here's how FireEye thinks the hacking supply chain works:
[Image: FireEye]

FireEye found that the attacks shared the same tools, elements of code, digital certificates, and identical timestamps. While that might lead many to assume that all of the attacks were engineered by a single hacking team (and FireEye admits this is a possibility), because of the seeming lack of a consistent objective across attacks and the wide timeframe in which the attacks occurred, FireEye concluded that it is more likely that a single "digital quartermaster" is creating the tools and then distributing them. In the diagram below, you can see how each of the 11 attacks is connected. The yellow circles are the attacks, while the diamonds indicate the different shared properties:
[Image: FireEye]

Leo Mirani at Quartz explains why FireEye's findings could have huge implications for cybersecurity:

It seems a minor discovery - after all, somebody has to build the tools with which to compromise networks. But the implications are enormous. The supplier provides attackers with a "builder tool" that allows them to easily make the weapons they need without advanced coding skills. Indeed, the builder comes as a graphical user interface, which is to programming what Windows was to DOS. Attackers would still need a degree of technical sophistication to know how to use the tools. But just as it is easier to learn how to use a computer program than to write your own, it is easier to configure a pre-existing tool than to start from scratch. If hacker arms dealers are selling easy-to-use malware bundles to the highest bidders, cyberwarfare could get a whole lot uglier.