August 26, 2011
While most of us think Cyberwar is the stuff of Hollywood movies and Pentagon budget padding, there is growing evidence of "State Actors" at work in the hacker's underworld. Security firm McAfee released information in August on "Operation Shady Rat", a 5 year long hacking campaign McAfee has uncovered. Government systems in the US, Canada, and South Korea plus corporate networks of defense contractors were apparently penetrated, with some of the intrusions lasting almost 2 years. Signs point to folks behind the Great Wall as probable culprits. The Stuxnet Worm reported earlier this year targeted Siemen's controller chips on manufacturing equipment. It just happened to infect and disable equipment necessary for Iran's nuclear program. Such focus suggests a state sponsored attack. Recently the Dutch Certificate Authority DigiNotar was found to have been hacked and forged security certificates created for domains like Google, the CIA and Mossad. The fake certificates appear to have been used to gain access to anonymizing Tor networks, Skype phone traffic, and the Gmail accounts of 300,000 Iranians. Once again, this hack appears to be state run or sponsored as part of a domestic spying effort.