Cyber spying is no longer the work of movie fiction. Recently, a Canadian research security group has discovered a network of spies called GhostNet which were linked to government computers. It has infiltrated over 1,000 computers in more than 100 countries. These cyber spies gained information through spyware installed on computers of politicians, diplomats, and journalists. Targets included the Associated Press and the Dalai Lama.
The introduction of GhostNet to our awareness dictates that companies should rethink their protection strategies. Could your business be affected by spying hackers? Unique malware is often undetectable for a time, but once the virus is widespread, it will eventually be detected by anti-virus software. GhostNet specifically used malware and social engineering to give attackers full access to compromised computers and let them control cameras on the computer to remotely monitor activity in the room the computer was in. This computer surviellance exposes the evolving threat enviornment.
“By the time we get a sample, it can be too late. They’ve already gone and morphed into another variant,” said an anti-virus software representative. “There’s no end in sight.” To help counter these attacks, security software is updating and developing security technologies that are based on virtualization or use reputation to separate trusted Web sites and servers from machines that could pose a threat. Hopefully this will provide a wider scope of behviors that need to be monitored to prevent the problem before it is too late.