Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Cyberwar increasingly defined by espionage and regional conflicts, argues FireEye

John E Dunn | Jan. 16, 2014
The world is still in the foothills of the cyberwar era but already online confrontation is being defined by an unstable and possibly dangerous mixture of proxy conflicts and old-fashioned espionage mixed with lower-level digital activism, security firm FireEye has said.

"What I find interesting is that simple changes made to existing malware are often more than enough to evade detection," said FireEye researcher Nart Villeneuve.

"Even more surprising is that technically 'unsophisticated' malware is often found in the payload of "sophisticated" zero-day exploits. And this year quite a number of zero-days were used in targeted attacks."

This makes it relatively simple for attackers to reheat malware used in older attacks for use in new campaigns.

FireEye said it had spotted the emergence of malware arms dealers and even 'hitmen', groups willing to supply malware packages to the highest bidder as part of a commercial service. The best example of this in 2013 was the Hidden Lynx attacks.

"While the noisier groups will continue their operations as usual being documented in research papers rarely seems to faze them I believe that some groups will adopt increasingly stealthy techniques in the near future," concluded Villneuve.

One trend FireEye doesn't analyse is what all this means for the security market itself. One answer is more acquisitions at higher prices, not least by FireEye itself which recently announced it was buying security forensics outfit Mandiant for $1 billion.


Previous Page  1  2 

Sign up for Computerworld eNewsletters.