U.S. Government Becomes Biggest Malware Buyer, Stoking Fears Over Security
The U.S. government has become one of the largest purchasers of malware, purposefully buying computer exploits and tools to further its cyberespionage abilities.
The government, aiming to keep its library of exploits as versatile as possible, doesn't disclose its knowledge of vulnerabilities to software companies and customers.
"There has been a traditional calculus between protecting your offensive capability and strengthening your defense," NSA director Michael Hayden told Reuters in a special report. "It might be time now to readdress that at an important policy level, given how much we are suffering."
Not disclosing those exploits has caused more critical cyberattacks by hackers and criminal organizations. One exploit, named Duqu, was thought to be U.S. government exploit targeting Windows-based computers. When the vulnerability was discovered, enterprising hackers rolled the exploit into kits which they sold to an international market. Hackers used those kits to conduct massive attacks and installed viruses on vulnerable computers before Microsoft could issue a fix.
U.S. officials are increasingly worried, and vocal, about cyberattacks from overseas rivals like China. But those public fears often belie cyberattacks driven by the U.S. government. The most reported case of a U.S.-driven cyberattack was the virus Stuxnet, which targeted, and disrupted, Iran's nuclear research program by remotely damaging Iran's uranium-enriching centrifuges.
Such a lucrative market, exploits are, that developers previously working to find and patch security vulnerabilities have instead turned to selling their findings to those offering money. Other developers have organized and worked as defense contractors and list their offerings in catalogues.
Software companies, obviously, don't like this, but they are largely to blame for the burgeoning market because they refused to pay developers to find and submit security vulnerabilities.
"As our research costs became higher and higher, we decided to no longer volunteer for multi-billion-dollar companies," One vendor told Reuters. "Software vendors created this market by not decently paying researchers for their hard work."
Some companies, like Google and Facebook, do pay for exploits, but not nearly enough to outcompete government entities. A single exploit can go anywhere between $50,000 to $100,000 on the grey market.
So what can these exploits do? One vendor lists its exploits in a catalog, advertising programs capable of turning iPhones into eavesdropping devices. Other programs allow Internet-connected devices, like printers, to transmit viruses through radio waves to other computers, even if the computer isn't connected to a network.
iPad Hacker Sentenced: U.S. Government Continues Cybercrime Crackdown
A hacker who illegally accessed information from thousands of AT&T iPad users was sentenced to three and a half years in prison on Monday.
Giant Spy Operation Attacked Governments For Five Years Before Being Discovered
Researchers in Russia have uncovered an on-going spy operation so extensive that it has victimized 69 different countries in the last five years.
Obama Knew, Ordered Stuxnet Cyber Attack on Iran: NYT
According to a New York Times report on Friday, anonymous U.S. and Israeli officials have confirmed that the 2010 "Stuxnet" cyber-attack on Iran's nuclear enrichment facilities was a joint U.S.-Israeli operation known as "Olympic Games", conducted with the full knowledge of President Bush and President Obama.
‘Orange Is The New Black' Season 5 Leaked By Hackers, The Dark Overlord Call Out Network Giants
Netflix was hacked the other day and the hackers who call themselves "The Dark Overlord" are not yet finished with the streaming giant. Also, they called out ABC, NBC and NAT Geo.
A New Mac Malware Could Nastily Take Over Your Computer
The nasty malware is being spread through a targeted phishing campaign which has so far primarily targeted European users. Many of the emails containing the malicious software have baited users into downloading OSX/Dok.
MORE IN ITECHPOST
The Role of Technology in Education in 2019
2019 is proving to be another great year for trends in educational technology. There are many upcoming trends that seem to have a bearing on the future of the sector with respect to technology.
New Retroreflective Material Could be Used in Nighttime Color-Changing Road Signs
BUFFALO, N.Y. -- A thin film that reflects light in intriguing ways could be used to make road signs that shine brightly and change color at night, according to a study that will be published on Aug. 9 in Science Advances.
Top 5 Video Games to Play for a Truly Unique First Date
Video games have a way of taking us outside of ourselves and live in a fantasy world. It's even better when you're playing a game with someone special!