Then Krebs came out with this assessment of the technology used in the highly publicized attack on Target customers (see Brian's article here). Net net, the tool used in the attack appears to be a "derivative of the ZeuS banking trojan." Then came the Kaspersky analysis of what is almost certainly a government/state entity, the Mask/Careto virus that has penetrated the following targets:
- Government institutions
- Diplomatic / embassies
- Energy, oil and gas
- Private companies
- Research institutions
- Private equity firms
- Activists
Okay, it's time to update my three-year-old Virus Report Card. I have inferred the capabilities of Mask/Careto from the excellent Kaspersky report (read the report here). So here ya go with a new matrix:
Data exhaust suggests that Mask/Careto is:
- A false-flag operation trying to point to Spanish-speaking creators, when in fact it is most likely a Chinese or Russian operation.
- A government or state-financed operation.
- Capable of more advanced Oversight (principle #1), Feral Fertility (#2), Openness (#8), Stratification (#13), Stealth (#14) and Defense (#21).
My closing comment to the individual who originally contacted me kind of says it all: "Thanks for your note. Too bad U.S. cyber law has you playing with one hand tied behind your back."
BAD NEWS or GOOD NEWS ?
ReplyDeleteU S DEPARTMENT OF DEFENSE News
American Forces Press Service
http://www.defense.gov/news/newsarticle.aspx?id=121660
White House Announces Voluntary Cybersecurity Framework
By Cheryl Pellerin
American Forces Press Service
WASHINGTON, Feb. 13, 2014
– The Obama administration has released a voluntary framework developed by hundreds of companies, several federal agencies and many international contributors as a how-to cybersecurity guide for organizations in the business of running the nation’s critical infrastructure.......