Via: CBS:
The majority of Americans use all these cell phones to talk, text or tweet.
But all this high tech communication hides a dark and troubling danger.
“I don’t think the general public is aware how insidious this can be,” said private investigator and cell phone spyware expert Tim Wilcox.
Wilcox owns and runs one of the premier private investigative companies in the country, International Investigators, Inc. International Investigators does a lot of things. But one of the company’s specialties and expertise is uncovering and exposing hidden spy tools like bugs in cell phones and other appliances.
“It takes about 90 seconds to download the spyware and you’re in business,” said Wilcox of some versions of this software that can be loaded onto someone’s cell phone.
The spyware is a lurking danger that turns your cell phone into a secret listening device, an instrument used to spy against you. Worse yet, you’ll likely never know it is on your phone.
“There could be anywhere from three to five or six million cell phones that are infected with spyware (at any one time),” said Wilcox.
This spyware, otherwise called malware, can be found through a simple search on the Internet. The software can be loaded onto your phone in a matter of minutes or even seconds. Once it is on your phone and operating it can turn your cell phone against you.
Houston
At least three US oil companies were the target of a series of previously undisclosed cyberattacks that may have originated in China and that experts say highlight a new level of sophistication in the growing global war of Internet espionage.
The oil and gas industry breaches, the mere existence of which has been a closely guarded secret of oil companies and federal authorities, were focused on one of the crown jewels of the industry: valuable “bid data” detailing the quantity, value, and location of oil discoveries worldwide, sources familiar with the attacks say and documents obtained by the Monitor show.
The companies – Marathon Oil, ExxonMobil, and ConocoPhillips – didn’t realize the full extent of the attacks, which occurred in 2008, until the FBI alerted them that year and in early 2009. Federal officials told the companies proprietary information had been flowing out, including to computers overseas, a source familiar with the attacks says and documents show.
The data included e-mail passwords, messages, and other information tied to executives with access to proprietary exploration and discovery information, the source says.
While China’s involvement in the attacks is far from certain, at least some data was detected flowing from one oil company computer to a computer in China, a document indicates. Another oil company’s security personnel privately referred to the breaches in one of the documents as the “China virus.”
“What these guys [corporate officials] don’t realize, because nobody tells them, is that a major foreign intelligence agency has taken control of major portions of their network,” says the source familiar with the attacks. “You can’t get rid of this attacker very easily. It doesn’t work like a normal virus. We’ve never seen anything this clever, this tenacious.”
Neither Marathon Oil, ExxonMobil, nor ConocoPhillips would comment on the attacks or confirm that they had happened. But the breaches, which left dozens of computers and their data vulnerable in those companies’ global networks, were confirmed over a five-month Monitor investigation in interviews with dozens of oil industry insiders, cybersecurity experts, former government officials, and by documents describing the attacks.
“We’ve seen real, targeted attacks on our C-level [most senior] executives,” says one oil company official, who, like others familiar with various aspects of the attacks, spoke only on condition of anonymity. “I was at a meeting with the FBI earlier this year [2009] that was pretty eye-opening.”
The new type of attack involves custom-made spyware that is virtually undetectable by antivirus and other electronic defenses traditionally used by corporations. Experts say the new cyberburglary tools pose a serious threat to corporate America and the long-term competitiveness of the nation.
“We’ve had friends in the petroleum industry express grave concern because they’ve spent hundreds of millions of dollars finding out where the next big oil discovery will be,” says Ed Skoudis, cofounder of InGuardians, a computer security firm, who was called last year to help a big oil and gas company secure its bid data after its computer network was infiltrated. He wouldn’t name the company. “The attacker would be saving huge expenses for himself by stealing that data.”...
... Still, a simple thirst for oil is no proof that a country is conducting corporate espionage. Even the suggestion, contained in one of the documents, that some data had flowed from a ConocoPhillips computer to a computer in China could have been the result of some other nation’s cyberspy unit co-opting Chinese servers to cover their tracks, experts say. Lee and other specialists admit that it will be difficult, and perhaps impossible, to ever determine definitively who was behind the attacks...
... On Nov. 13, 2008, a senior executive at Marathon Oil in Houston looked at a strange e-mail on her screen. It appeared to be a response to a message she had sent a corporate colleague overseas. The only problem was, according to a source familiar with the incident who asked for anonymity, she hadn’t sent the original e-mail.
Yet there, on her screen, was a “reply” to what looked like her request for a comment on the “Emergency Economic Stabilization Act” – the federal bailout of US banks. And the original e-mail contained something else: an embedded Internet link. Recognizing the danger, the executive alertly sent out an internal warning that the e-mail was fake and may contain a computer virus.
But, according to the source and documents obtained by the Monitor, her response was too late. The fake had already been forwarded to other people – and someone had clicked on the link it contained. Instantly, an unseen spy program started spreading stealthily across Marathon’s global computer network...
... “Identity theft is small potatoes compared to this new type of attack we’ve been seeing the past 18 months,” says Scott Borg, who heads the US Cyber Consequences Unit, a nonprofit that advises government and the private sector. “This is a gigantic loss with significant economic damage.”...
... “Antivirus software misses more than 20 percent of the Trojans in my testing,” says Paul Williams, a cybersecurity expert who spoke at a recent oil and gas industry conference in Houston...
When the Conficker computer “worm” was unleashed on the world in November 2008, cyber-security experts didn’t know what to make of it. It infiltrated millions of computers around the globe. It constantly checks in with its unknown creators. It uses an encryption code so sophisticated that only a very few people could have deployed it. For the first time ever, the cyber-security elites of the world have joined forces in a high-tech game of cops and robbers, trying to find Conficker’s creators and defeat them. The cops are failing. And now the worm lies there, waiting …
Summation at the end of a long, informative article:
By Mark Bowden
... Imagining Conficker’s creators as a skilled group of illicit cyber entrepreneurs remains the prevailing theory. Some of the good guys feel that the worm will never be used again. They argue that it has become too notorious, too visible, to be useful. Its creators have learned how to whip computer-security systems worldwide, and will now use that knowledge to craft an even stealthier worm, and perhaps sell it to the highest bidder. Few believe Conficker itself is the work of any one nation, because other than the initial quirk of the Ukrainian-keyboard exemption, it spreads indiscriminately. China is the nation most often suspected in cyber attacks, but there may be more Conficker-infected computers in China than anywhere else. Besides, a nation seeking to create a botnet weapon is unlikely to create one as brazen as Conficker, which from the start has exhibited a thumb-in-your-eye, catch-me-if-you-can personality. It is hard to imagine Conficker’s creators not enjoying the high level of cyber gamesmanship. The good guys certainly have.
“It’s cops and robbers, so to speak, and that was a really interesting aspect of the work for me,” says Martinez. “It’s guys trying to outwit each other and exploit vulnerabilities in this vast network.”
In chess, when your opponent checkmates you, you have no recourse. You concede and shake the victor’s hand. In the real-world chess match over Conficker, the good guys have another recourse. They can, in effect, upend the board and go after the bad guys physically. Which is where things stand. The hunt for the mastermind (or masterminds) behind the worm is ongoing.
“It’s an active investigation,” Joffe says. “That’s all I can say. Law enforcement is fully engaged. We have some leads. This story is not over.”