Moreover, we know of several very similar incidents that have taken place, dating back to December 2011. We can confirm that these incidents did indeed take place and that the malicious program used in these attacks existed in April 2012. In the course of investigating the mysterious malicious attack in April, we managed to obtain and analyze samples of several hard drives attacked by Wiper. For this reason, practically no traces of the malicious program’s activity were left after Wiper was activated. Wiper’s creators did their best to destroy all the data that could be used to analyze the incidents. The International Telecommunication Union (ITU) asked Kaspersky Lab to research these incidents and determine the potential damage wrought by this malicious program. However, not a single sample of the malicious program used in these attacks was detected, which prompted many to question the accuracy of media reports. The country’s largest oil depot was especially hard hit – its operation was halted for several days after data on oil contracts was destroyed. This “mystical” Trojan greatly disturbed Iran in late April 2012: it emerged basically from nowhere and destroyed a large number of databases in dozens of organizations. The core module was never detected no further modifications of Duqu have been discovered since then. However, in late February 2012 Symantec’s experts discovered a new version of a driver in Iran, similar to the one used in Duqu but created on 23 February, 2012. The research activity prompted Duqu’s operators to destroy all traces of their activity from the C&C servers and victim computers.īy late 2011, Duqu ceased to exist “in the wild”. Besides, it was established that at least three more malware programs existed that used the same Duqu/Stuxnet framework this malware has yet to be detected. It was convincingly demonstrated that Duqu was a development of the Tilded platform, on the basis of which another high-profile malicious program – Stuxnet – had also been developed. As part of their research, the company’s experts managed to gain access to a number of Duqu’s C&C servers and collect a substantial amount of information about the programs’ architecture and its evolution. This malicious spyware program, which was detected in September 2011 and brought to public attention in October 2011, prompted Kaspersky Lab’s experts to action. ![]() In these circumstances, it is hardly surprising that other nations have sought to defend their interests and have used all available tools to both defend themselves and gather information.Īll these factors combined have sparked several serious incidents in the region which, after closer analysis, can be classified as the application of cyber weapons. Tensions in Lebanon, the on-going Israeli-Palestinian conflict and unrest in several countries around the Persian Gulf merely added to the instability across the region. Iran’s nuclear program continued, while the situation in the region was further complicated by political crises in Syria and Egypt. This change reflected the political developments in a region that has long been regarded as volatile. Previously they had only targeted Iran, but throughout the year they were deployed in a broader region of Western Asia adjacent to Iran. World viewĢ012 saw the use of cyber weapons spread to a wider area. It is safe to say, therefore, that 2012 has brought key revelations in this sphere – both in terms of the increase in security incidents and a greater understanding of how cyber weapons are being developed. Moreover, cyber warfare was on the agenda of public discussions between governments and state representatives over the course of 2012. ![]() ![]() However, analysis of these two forced the IT community to dramatically expand the whole concept of what cyber warfare entails.Īpart from an increase in the number of security incidents involving cyber weapons, the events of 2012 have also brought to light the fact that many sovereign states are heavily involved in the development of cyber weapons – something that was picked up on and widely discussed by the mass media. Cyber Weaponsīefore 2012, there were only two instances of cyber weapons being used – Stuxnet and Duqu.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |