Trojan & Co, the new frontiers of espionage

Once upon a time the espionage made by agents who essentially lived in complete anonymity and free of the past were able to recover the greatest amount of information about their objectives by building dangerous relationships with the reality of interest. Over the years, and the overwhelming technological evolution,  scenarios are profoundly changed. Access to information most often passes through the circuits of a mobile device or a personal computer and this led to an increasing focus of many companies and government agencies in the study and implementation of sophisticated software that can monitor every activity of the victim, collecting information useful to the cause.
The history is full of cyber espionage event, for example in 2005 a serious commercial espionage system was discovered in Israel. For years, several large-scale companies enjoyed inside information about their competitors using a Trojan horse application that was planted on victims’ workstations.

In June 2005, the United  Kingdom’s National Infrastructure Security Coordination Centre (NISCC) provided advice and issued a briefing pertaining to targeted Trojan email attacks against the UK Government and companies. The main goal of the attacks is covert gathering and transmitting of sensible information.

During the 2009 According to German Web site Der Spiegel, the German foreign intelligence agency BND has supposedly been spying on computer systems around the world in the past couple of years. BND has installed key loggers in the system.

Last month German Police has admitted using specially designed computer software to spy on citizens, after a hacker group Chaos Computer Club revealed the existence of the software. German authorities regularly employ the so-called ‘Bundestrojaner’ (‘Federal Trojan’) virus in order to spy on the users of targeted computers. The virus, which was revealed to the Club via an anonymous tipster, was developed by German police experts, and is used by government agents it to intercept electronic information during investigations.

All these cases are linked by a common factor, the intent of governments to control and spy on citizens or individuals who may potentially pose a threat to national security. Multiple violations of privacy observed in similar contexts, representing the inoculation of malware, a change in the system to be spying and thus leading to render questionable the evidence collected in this way.

Undoubtedly useful, such techniques lend themselves more to the collection of information that for probative evidence. But if in the public context this is what happened, in the meantime in the private sector we had a similar approach to the technology. Many companies have made ​​use of trojans, keyloggersand other malware to spy employees or trying to snatch secrets to their competior.  Substantial investments have been done by private companies and sometimed we have read sensational news, last one occurred in recent days related the industry giant EDF Energy sentenced for using a Trojan to spy on the operations of Greenpeace activists.

What are the scenarios that can be expected? Certainly a war without borders in cyberspace, a rapid growth in investment for this “weapon” as well as strong spending for defense against them, we will see some good!

(3L3V3N)

http://news.techworld.com/security/3317706/energy-giant-edf-used-trojans-to-spy-on-greenpeace/

http://intelligencenews.wordpress.com/2011/10/11/01-842/

http://www.computerweekly.com/news/2240074419/Trojan-spyware-suspects-arrested-as-major-industrial-espionage-scandal-emerges

 

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

12 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

19 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.