Online Espionage: Mikko Hypponen at SecTor IT security conference
5 April, 2012
What does present-day governmental and nation-state espionage look like, and how should security companies treat it? How do emails with contagious attachments transform into critical privacy problems? How do you tell that you're being spied on? The well-known malware adventurer and cybersecurity analyst Mikko Hypponen addresses these non-trivial, relevant issues of today in his "Online Espionage" speech at the SecTor IT security conference.
Let's start off with the German governmental trojan, the trojan which we detect as R2D2 because the actual network transmissions from the infected laptop sent back to the government are initiated with this pass phrase, which is C3PO-R2D2-POE, which are all references to Star Wars, the movie.
Should antivirus and security companies like us try to detect governmental trojans? These are being used by different governments, police forces and investigators to catch bad people. I guess it isn't a bad thing if you get hit by a governmental trojan and you are a potential school shooter or a drug lord. But it is a bad thing if you get infected by a governmental trojan and you are innocent. And we are not the ones to make that call. We have to make the decision based on something else. Malware decisions are made by technical methods. If it's a trojan, we will detect it regardless of the source, as easy as that. And I don't see any other way.
If we would bow to, let's say, the government of Germany, or government of Canada, or government of the United States of America, then where do we draw the line? Next stop we have is the Italians asking us not to detect something, then the Spanish, then the Israelis, the Syrians...
Where do you draw the line? So we don't, we don't draw the line at all. If it's a trojan, we detect it, as simple as that.
We actually did a public statement on this over 10 years ago which still stands today. And this is how we do it, we have it written out on our website and we follow that rule. But this was the very first time we had to actually use it in the real world. This was the first governmental trojan we received, which we knew was a governmental trojan.