Wednesday, September 28, 2011

The Best Spies Money Can Buy
Security firms have found evidence that espionage agents are buying time on leased botnets: Will cybercriminals services lead to more efficient spying?

During the past decade, cybercriminals have specialized in the various tasks needed to compromise computers, steal data, and make money. Now, more elusive nation-state attackers could be using rented botnets and cybercriminal services to streamline their own operations, security experts say.

In June, security firm FireEye detected evidence of such a connection when it found instances of a remote-access Trojan whose code seemed to have been reused to infect machines with fake antivirus software. In another incident, cybercriminals sold access to compromised military and government computers, allowing would-be cyberspies to get direct access to their targets, says Darien Kindlund, senior staff scientist at FireEye.

The two examples are part of a building body of evidence that suggests attackers representing what the military and security industry refer to as the advanced persistent threat (APT) are not shying away from using criminals' resources to help them in their missions.

"If military and government hosts are being sold on the black market, who are the most likely buyers -- spammers?' No, they could buy something cheaper on a different network. But for APT?'Yes, it meets their mission objectives," Kindlund says.


No comments: