Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

Online Espionage: Mikko Hypponen at SecTor IT security conference
5 April, 2012
What is present-day governmental and nation-state espionage like, and how should security companies treat it? How do emails with contagious attachments transform into critical privacy problems? How do you tell that you’re being spied on? The well-known malware adventurer and cybersecurity analyst Mikko Hypponen addresses these non-trivial relevant issues of today in his “Online Espionage” speech at the SecTor IT security conference.

Let’s start off with the German governmental trojan – the trojan which we detect as R2D2 because the actual network transmissions from the infected laptop sent back to the government are initiated with this pass phrase, which is C3PO-R2D2-POE, which are all references to the ‘Star Wars’ movie.

Should antivirus and security companies like us try to detect governmental trojans? These are being used by different governments, police forces and investigators to catch bad people. I guess it isn’t a bad thing if you get hit by a governmental trojan and you are a potential school shooter or a drug lord. But it is a bad thing if you get infected by a governmental trojan and you are innocent. And we are not the ones to make that call. We have to make the decision based on something else. Malware decisions are made by technical methods. If it’s a trojan, we will detect it regardless of the source – as easy as that. And I don’t see any other way.

If we would bow to, let’s say, the government of Germany, or government of Canada, or government of the United States of America, then where do we draw the line? Next stop we have is the Italians asking us not to detect something, then the Spanish, then the Israelis, the Syrians… Where do you draw the line? So we don’t, we don’t draw the line at all. If it’s a trojan, we detect it – as simple as that.

We actually did a public statement on this over 10 years ago which still stands today. And this is how we do it, we have it written out on our website and we follow that rule. But this was the very first time we had to actually use it in the real world. This was the first governmental trojan we received, which we knew was a governmental trojan.

Read more here:

»privacy-pc.com/articles/ ··· nce.html

Cudni
La Merma - Vigilado
MVM
join:2003-12-20
Someshire

If it’s a trojan, we will detect it regardless of the source – as easy as that. And I don’t see any other way.

That sounds just right. Adhering to it shouldn't be an issue for any AV

Cudni

Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

It's going to get interesting very soon...

Pentagon to fast-track cyberweapons acquisition
»www.washingtonpost.com/w ··· ory.html

dvd536
as Mr. Pink as they come
Premium Member
join:2001-04-27
Phoenix, AZ

dvd536 to Cudni

said by Cudni:

If it’s a trojan, we will detect it regardless of the source – as easy as that. And I don’t see any other way.

That sounds just right. Adhering to it shouldn't be an issue for any AV

Unless of course the author greases their palms nicely!