Is Your Government A Source of Malware?

Posted by on Jul 3, 2013

Many enterprises are already familiar with malware. IT teams regularly maintain devices and share best practices for keeping malware off the corporate network. But according to recent news, malware isn’t coming only from hackers these days; it is also coming from big governments around the world. Protect your sensitive company and consumer data from government-backed malware and legal snoops by shielding information in a private cloud service that provides user anonymity.

According to a recent Reuters special report, the United States government has become the largest single buyer of malware in the world, sparking a wave of protest and concern from both consumers and enterprises. The security industry has voiced concerns over the government’s refusal to register purchased vulnerabilities, which would help enterprises and consumers fight against malware developments. Instead, the government has used such exploits to develop spy technologies and cyber weapons to wage an ongoing cyber war against foreign networks. However, according to former White House cyber security advisor Richard Clarke, this aggressive cyber defense strategy has left American consumers and enterprises vulnerable to hacking and security breaches from their own government. Clarke said, “If the U.S. government knows of a vulnerability that can be exploited, under normal circumstances, its first obligation is to tell U.S. users.” And a recent New York Times report revealed that the Obama administration has established the right to stage a pre-emptive cyber attack against any perceived threat under the guise of defense.

Such developments have whittled away at consumer confidence in the possibility of a more private Internet. And the justified paranoia doesn’t stop at the NSA’s notorious PRISM program: according to reports, such data mining isn’t limited to those nine major technology firms, and thousands of finance, technology, and manufacturing companies willingly hand data over to the U.S. government on a routine basis in return for benefits like access to classified data. According to Bloomberg’s Michael Riley, such companies and firms have ongoing agreements with agencies like the NSA, FBI, and CIA to provide data that could potentially bolster national security while helping develop offensive strategies against suspected enemies of the U.S. Even programs that purportedly only cover infrastructure can undermine privacy, as shown by the NSA program called Einstein 3. Originally developed to protect government devices against hackers, Einstein 3 monitors billions of emails between government computers to check for malware.

But the threat of malware doesn’t come only from the U.S. government; malware has been traced to governmental sources all around the world. One example is the discovery by Trend Micro researchers of Brazilian government websites that served malware variants to site visitors under the guise of Flash Player and Adobe updates. The malware drops an executable and a Java file disguised as a generic .GIF file. Once the malware alters the system’s security settings, it begins downloading additional files, including a .JAR file that establishes a new administrator account. This account enables multiple remote desktop sessions, giving hackers remote access to the computer.
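A defender can catch the disguise described above by comparing a file's extension with its leading magic bytes. The following is an added example, not code from Trend Micro or from this post; the function names and the sample files are constructed for illustration.

```python
import os
import tempfile

# Leading magic bytes of the formats relevant to the case described above.
SIGNATURES = [
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"MZ", "windows-executable"),        # PE/DOS header
    (b"\xca\xfe\xba\xbe", "java-class"),  # compiled .class file
    (b"PK\x03\x04", "zip-or-jar"),        # JAR files are ZIP archives
]

def sniff(header: bytes) -> str:
    """Return the format implied by the first bytes of a file."""
    for magic, kind in SIGNATURES:
        if header.startswith(magic):
            return kind
    return "unknown"

def find_disguised_gifs(root: str) -> list:
    """Return sorted (path, real_kind) for .gif files whose content is not GIF."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".gif"):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    kind = sniff(fh.read(8))
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if kind != "gif":
                findings.append((path, kind))
    return sorted(findings)

def demo() -> list:
    """Scan constructed sample files written to a temporary directory."""
    samples = {  # constructed headers, not real malware
        "logo.gif": b"GIF89a\x01\x00\x01\x00",
        "update.gif": b"MZ\x90\x00\x03\x00\x00\x00",
        "banner.gif": b"PK\x03\x04\x14\x00\x00\x00",
        "applet.gif": b"\xca\xfe\xba\xbe\x00\x00\x00\x33",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            with open(os.path.join(tmp, name), "wb") as fh:
                fh.write(data)
        return [(os.path.basename(p), k) for p, k in find_disguised_gifs(tmp)]
```

Pointing `find_disguised_gifs` at a browser download or temp directory lists every `.gif` whose content is something else, including files of unrecognized type.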

Another instance of government-backed malware is the dangerous NetTraveler, which has infiltrated the systems of more than 300 victims in forty countries. Targets included government agencies and private organizations involved in sectors like communications, nanotechnology, and nuclear power. According to Kaspersky, NetTraveler dates back to 2004 and has likely been traced to China as a cyber-spying tool. Many targets are Uyghur and Tibetan activists. “Based on collected intelligence, we estimate the group size to about 50 individuals, most of which speak Chinese natively and have working knowledge of the English language,” said a spokesperson for Kaspersky. The Kaspersky spokesperson also said, “NetTraveler is designed to steal sensitive data as well as log keystrokes, and retrieve file system listings and various Office or PDF documents.” NetTraveler infiltrates victims through spear-phishing emails with Microsoft Office attachments. The malicious attachments targeted the CVE-2010-3333 and CVE-2012-0158 vulnerabilities, which have since been patched by Microsoft.

Shielding Private Data with SpiderOak

A great way to shield sensitive consumer and corporate data from any snooping eyes is to store and sync it with a private cloud service provider. For enterprises looking for a truly private cloud, SpiderOak Blue offers fully private “public” and onsite server deployment options for full flexibility. Choosing the right third-party cloud service can be a challenge, as many services on the market have security gaps that leave private data vulnerable to third-party attacks, malware, and legal snooping. But SpiderOak sets itself apart from the rest of the market by providing a fully private cloud service featuring all of the benefits of cloud storage along with 100% data anonymity.

SpiderOak protects sensitive enterprise data through 256-bit AES encryption so that sensitive files and passwords stay private. Authorized accounts can store and sync sensitive data with complete privacy, because this cloud service has absolutely “zero-knowledge” of user passwords or data. And all plaintext encryption keys are exclusively stored on approved devices, as SpiderOak never hosts plaintext data. SpiderOak Blue’s private cloud services are available for enterprises on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices, making this one of the only cross-platform solutions on the market.
