U.S. Government Becomes Biggest Malware Buyer, Stoking Fears Over Security
The U.S. government has become one of the largest purchasers of malware, purposefully buying computer exploits and tools to further its cyberespionage abilities.
The government, aiming to keep its library of exploits as versatile as possible, doesn't disclose its knowledge of vulnerabilities to software companies and customers.
"There has been a traditional calculus between protecting your offensive capability and strengthening your defense," NSA director Michael Hayden told Reuters in a special report. "It might be time now to readdress that at an important policy level, given how much we are suffering."
Not disclosing those exploits has caused more critical cyberattacks by hackers and criminal organizations. One exploit, named Duqu, was thought to be U.S. government exploit targeting Windows-based computers. When the vulnerability was discovered, enterprising hackers rolled the exploit into kits which they sold to an international market. Hackers used those kits to conduct massive attacks and installed viruses on vulnerable computers before Microsoft could issue a fix.
U.S. officials are increasingly worried, and vocal, about cyberattacks from overseas rivals like China. But those public fears often belie cyberattacks driven by the U.S. government. The most reported case of a U.S.-driven cyberattack was the virus Stuxnet, which targeted, and disrupted, Iran's nuclear research program by remotely damaging Iran's uranium-enriching centrifuges.
Such a lucrative market, exploits are, that developers previously working to find and patch security vulnerabilities have instead turned to selling their findings to those offering money. Other developers have organized and worked as defense contractors and list their offerings in catalogues.
Software companies, obviously, don't like this, but they are largely to blame for the burgeoning market because they refused to pay developers to find and submit security vulnerabilities.
"As our research costs became higher and higher, we decided to no longer volunteer for multi-billion-dollar companies," One vendor told Reuters. "Software vendors created this market by not decently paying researchers for their hard work."
Some companies, like Google and Facebook, do pay for exploits, but not nearly enough to outcompete government entities. A single exploit can go anywhere between $50,000 to $100,000 on the grey market.
So what can these exploits do? One vendor lists its exploits in a catalog, advertising programs capable of turning iPhones into eavesdropping devices. Other programs allow Internet-connected devices, like printers, to transmit viruses through radio waves to other computers, even if the computer isn't connected to a network.
iPad Hacker Sentenced: U.S. Government Continues Cybercrime Crackdown
A hacker who illegally accessed information from thousands of AT&T iPad users was sentenced to three and a half years in prison on Monday.
Giant Spy Operation Attacked Governments For Five Years Before Being Discovered
Researchers in Russia have uncovered an on-going spy operation so extensive that it has victimized 69 different countries in the last five years.
Obama Knew, Ordered Stuxnet Cyber Attack on Iran: NYT
According to a New York Times report on Friday, anonymous U.S. and Israeli officials have confirmed that the 2010 "Stuxnet" cyber-attack on Iran's nuclear enrichment facilities was a joint U.S.-Israeli operation known as "Olympic Games", conducted with the full knowledge of President Bush and President Obama.
‘Orange Is The New Black' Season 5 Leaked By Hackers, The Dark Overlord Call Out Network Giants
Netflix was hacked the other day and the hackers who call themselves "The Dark Overlord" are not yet finished with the streaming giant. Also, they called out ABC, NBC and NAT Geo.
A New Mac Malware Could Nastily Take Over Your Computer
The nasty malware is being spread through a targeted phishing campaign which has so far primarily targeted European users. Many of the emails containing the malicious software have baited users into downloading OSX/Dok.
MORE IN ITECHPOST
Link Building & Guest Posting Updates- 2020
Over the years, the importance of high-quality backlinks has only increased. What once used to be a quantitative measure, is now qualitatives in nature. In other words, the links are now scanned for the quality they bring in, along with the number of links.
How Do Personal Emergency Response Systems Work?
Personal emergency response systems, known as PERS for short, are systems that help people to raise the alarm and get immediate help when a medical or personal emergency occurs. They are ideal for older people and anyone with a mobility issue or an injury or illness that can cause falls.
How to Download Free Android Emulator for Gaming on PC?
Are you looking to play Android games on PC with the help of the best Android emulator? There are numerous types of online platform which provide user friendly access and support for the interested communities to get immediate access to install their best recommended Android applications.
Netflix is Raising Prices, Here’s How it Now Compares to Other Streaming Services
Once a brand gains the trust and loyalty of its market, it is only logical that it attempts to flex its dominant muscle. Such is the tale that fits the recent price hike coming from the stable of Netflix. Having baited consumers into believing that streaming, and not cable subscription, is the right way to go, Netflix has now decided to drop its own form of a bombshell on consumers in the form of price increment. The news, which was announced earlier this year, detailed that Netflix would be raising prices across all of its plans by 13 to 18 percent.