IS CYBERTERRORISMTHE NEW NORMAL?

Brought to you by:

Click this icon to tweet information from each slide

could all be cited as evidence that “progression, innovation, and escalation” will be the new name of the game in advanced threats.

IS CYBERTERRORISM THE NEW NORMAL?

ADVANCED THREATS

Progression

INNOVATION

ESCALATION

Stuxnet, Flame, Red October, and now Inception–Cloud Atlas

RED OCTOBER: THE SWISS ARMY KNIFE OF ESPIONAGE

targeted at diplomatic, governmental, and scientific research organizations worldwide

Termed an advanced cyberespionage campaign

Operated undetected for up to five years prior to discovery, transmitting information ranging from diplomatic secrets to personal information, including data captured from mobile devices.

RED OCTOBER: THE SWISS ARMY KNIFE OF ESPIONAGE

domain registrars and hosting companies shut down as many as 60 domains used by the virus creators to receive information. The attackers themselves shut down their end of the operation as well.

AFTER BEING REVEALED,

Primary vectors used to install the malware were emails containing attached documents that exploited vulnerabilities in Microsoft Word and Excel.

allowing them to craft highly advanced infections that were tailored to unique configurations of infected machines. Researchers broke those 1,000 modules down into ten categories.

Highly customizable exploits

RED OCTOBER OPERATORS HAD MORE THAN 1,000 MODULES AT THEIR DISPOSAL,

RECON

PASSWORDE-M

AILUSB DRIVE

KEYBOARDPERSISTENCESPREADIN

GM

OBIL

EEX

FILTR

ATIONUSB INFECTION

THE HUNT FOR RED OCTOBER’s Baby:Inception-Cloud Atlas

scale to Red October, Inception-Cloud Atlas was created in late May, 2014 and started operating in June.

the malware targeted executives and high-ranking people in finance, engineering, and petroleum industries, as well as diplomats, politicians, and military servicemen.

Inception–Cloud Atlas let hackers record phone calls in MP4 and extract them onto anonymous CloudMe accounts.

standard, which is an improvement to the cryptographically challenged RC4 algorithm used by Red October.

Used the Advanced Encryption

On Android devices, A malware attack similar IN

Like Red October,

THE HUNT FOR RED OCTOBER’s Baby:Inception-Cloud Atlas

organizations but spread to nearby countries including Ukraine and Uzbekistan, and then moved into Europe. (Germany, France, Belgium)

The virus began by targeting RUSSIAN

as any other kind of advanced arms proliferation. New weaponry has been used successfully once; now all the ambitious up-and-comers will be scrambling to follow suit.

The New Arms Race for Commoditized

Cyberattack landscape is following the same pattern

Malware Products

0100111101101110001000000100000101101110011001000111001001101111011010010110010000100000011001000110010101110110011010010110001101100101011100110010000001001001011011100110001101100101011100000111010001101001011011110110111011100010100000001001001101000011011011000110111101110101011001000010000001000001011101000110110001100001011100110010000001101100011001010111010000100000011010000110000101100011011010110110010101110010011100110010000001110010011001010110001101101111011100100110010000100000011100000110100001101111011011100110010100100000011000110110000101101100011011000111001100100000011010010110111000100000010011010101000000110100001000000110000101101110011001000010000001100101011110000111010001110010011000010110001101110100001000000111010001101000011001010110110100100000011011110110111001110100011011110010000001100001011011100110111101101110011110010110110101101111011101010111001100100000010000110110110001101111011101010110010001001101011001010010000001100001011000110110001101101111011101010110111001110100011100110010111000100000

Brought to you by: