Entries in Cyber Security (3)


British Spy Chief: 'Astonishing' Cyber Espionage Threat

MARK WAUGH/AFP/Getty Images(LONDON) -- In a rare public speech, the head of Britain's domestic spy service said Monday that the West now faces an "astonishing" cyber espionage threat on an "industrial scale" from specific nation states.

"The extent of what is going on is astonishing," said Jonathan Evans, director general of MI5, "with industrial-scale processes involving many thousands of people lying behind both state-sponsored cyber espionage and organized cyber crime."

Though Evans did not name any countries, ABC News has separately learned from sources that the U.K., the U.S. and several European allies have a robust discussion underway on how to counter cyber espionage by perhaps the most significant state operator -- China.

Evans' speech on potential security threats to the West, delivered to English financial executives, came just one month before the 2012 Summer Olympics begin in London.

"The Games present an attractive target for our enemies and they will be at the centre of the world's attention in a month or so," said Evans. "No doubt some terrorist networks have thought about whether they could pull off an attack."

While Osama Bin Laden may be dead, he said, "in back rooms and cars on the streets of this country there is no shortage of individuals talking about wanting to mount terror attacks here."

The U.K. has had 43 terror plots or incidents since 2001, authorities said, numbers that are similar to those in the U.S. All since 2005 have been thwarted and several had also been aimed at the U.S., including the recent "printer bomb plot."

Evans said preparation for the Olympics had gone well, and that the Olympics, even if an "attractive" target, would not be an "easy target."

"There is no such thing as guaranteed security," he said. "But I think that we shall see a successful and memorable Games this summer in London."

However, said Evans, "as the government said after the Brighton bombing in 1984 [an IRA attack that narrowly missed British Prime Minister Margaret Thatcher], the terrorist only has to get lucky once."

Though U.K. retains the Pound as its national currency, Evans singled out the likely rise of political extremism as a result of the "Euro" crisis as a potential threat to the financial community in The City of London -- a mile-square independent jurisdiction within London.

He also pointed out three past national security risks to the financial sector-- all from the U.S. -- the World Trade Center attack in 2001, the almost forgotten bombing of the same towers in 1993, and the anarchist bomb attack on J.P. Morgan's bank in 1920.

"If I may be allowed a Rumsfeld moment," he said, "there are of course the uncertainties we can be certain about -- like terrorism, cyber security challenges and hostile intelligence activities by states. But there are also things we remain uncertain about." During a 2002 press conference, then U.S. Defense Secretary Donald Rumsfeld made a famous distinction between "known knowns," "known unknowns," and "unknown unknowns."

Copyright 2012 ABC News Radio


'Proof' Links Flame, Stuxnet Super Cyber Weapons: Researchers

iStockPhoto/Thinkstock(WASHINGTON) -- Researchers say they have uncovered "proof" linking the authors of the Flame cyber espionage program to Stuxnet, the most powerful offensive cyber weapon ever developed -- both of which are believed to have targeted Iran.

Analysts at the Russia-based cyber security firm Kaspersky Labs, which was the first to uncover Flame and had previously analyzed Stuxnet, wrote in a blog post today that they had found the "missing link" between Flame and Stuxnet: a specific piece of code that appears to have been used in both programs.

Flame, a highly advanced "toolkit" of cyber espionage programs capable of watching virtually everything on an infected computer, was discovered last month on computers in the Middle East and Iran and had apparently been spying on those systems for years. Stuxnet, an offensive cyber weapon designed to physically alter its intended target, was discovered in 2010 after it reportedly infiltrated and managed to damage an Iranian nuclear enrichment facility -- an unprecedented feat.

In both cases, cyber security experts that analyzed the programs' code determined that due to similarities in cost, time requirement and apparent target, it was likely they had each been developed under the direction of a nation-state, leading to speculation the U.S. or Israel may be involved. However, the same experts quickly noted that Flame's code architecture was vastly different from Stuxnet's and determined that while both could have come from the same nation-state, they were not likely written together.

But now Kaspersky Labs says the two cyber tools appear to have been developed in tandem and a section of code directly from Flame was used in an early 2009 version of Stuxnet, meaning that the two development teams overlapped in their work at least for a little while, even if they appear to have gone their separate ways in 2010 when newer versions of the programs appeared.

"We believed that the two teams only had access to some common resources, [but] that didn't show any true collaboration," Kaspersky Labs senior researcher Roel Schouwenberg told ABC News. "However, now it turns out that the Stuxnet team initially used Flame to kickstart the project. That proves collaboration and takes the connection between the two teams to a whole new level."

After Stuxnet's discovery, a Congressional report in December 2010 put the U.S. and Israel on a short list of countries believed to be capable of carrying out that attack -- a list that also included Russia, China, the U.K. and France. A month later, The New York Times reported Stuxnet may have been the result of a joint U.S., Israeli project to undermine Iran's nuclear program.

Five different U.S. government agencies declined to comment to ABC News about allegations they were involved in Flame and the Israeli government has reportedly denied any link to the virus.

News of the new connection between the two programs came just days after a U.S.-based cyber security firm, Symantec, reported Flame appears to have been given a "suicide" command that would wipe any trace of it from an infected computer.

Copyright 2012 ABC News Radio


China Still Spies the Old Fashioned Way, Russia Says

Stockbyte/Thinkstock(WASHINGTON) -- A day after a top American lawmaker accused China of exercising "an intolerable level" of espionage in the U.S., Russia's spy service announced it has detained a Chinese national for allegedly attempting to steal secrets about a Russian missile system.

While the accusations out of the U.S. primarily refer to cyber intrusions of American corporations, the Russian government is accusing China of an old standby in the tradecraft playbook: outright bribery.

Russia's secretive spy agency, the Federal Security Service (FSB), issued a rare statement Wednesday claiming the state had arrested a Chinese citizen who, posing as a translator for official delegations, was working under the direction of the Chinese government in an attempt to buy state secrets from Russians about Russia's S-300 missile system.

The Chinese national, identified as Tong Shenyun, was reportedly detained last year but the arrest was not made public until earlier this week. Russia has already supplied the Chinese with the relatively dated missile system and Beijing has the license to manufacture it, Russian state news said, but the FSB accused Shenyun of trying to obtain "technical and repair documentation" about the system.

The announcement of Shenyun's arrest came just hours after a top U.S. lawmaker in the House Intelligence Committee issued the strongest yet condemnation of China's alleged widespread cyber campaign against American corporations, which has allegedly reached into "nearly every sector" of U.S. industry.

"I don't believe that there is a precedent in history for such a massive and sustained intelligence effort by a government agency to blatantly steal commercial data and intellectual property," House Intelligence Committee Chairman Rep. Mike Rogers (R-Mich.) said in an open committee meeting Tuesday. "Chinese espionage has reached an intolerable level... Beijing is waging a massive trade war on all of us."

Rogers said that cyber intrusions of American and other Western corporations by hackers working behalf of Beijing -- allegedly including attacks on corporate giants like Google and Lockheed Martin -- amounted to "brazen and widespread theft."

In one attack on Google, the company claimed Chinese hackers attempted to breach private emails of senior U.S. government officials, prompting Secretary of State Hillary Clinton to say the U.S. government was "very concerned" about the possible connection to China.

In August, a documentary broadcast on Chinese state-run television showed what appeared to be a cyber attack in progress aimed at an I.P. address based at an Alabama university.

The same month the documentary aired, U.S.-based cyber security giant McAfee released a report which it suggested a nation-state was likely behind "relentless" cyber attacks on up to 70 global companies, governments, and non-profit organizations over the last half-decade. Included in the list of victims was a U.S. satellite communication company, several defense contractors, real estate firms, the International Olympic Committee and several Asia-based targets -- but none based in China.

Though China was not named as a suspect in the report, Chinese state-run media blasted its reasoning when responding to suggestions by other experts that China was the most likely culprit.

"McAfee's new report alleges that 'a government' carried out a large-scale Internet espionage hacking action but its analysis of the justification is obviously groundless," China's People's Daily said.

Chinese officials in the U.S. did not return requests for comments on this report, but, like in the case of the McAfee report, officials have repeatedly said the hacking accusations are "groundless."

Copyright 2011 ABC News Radio

ABC News Radio