Government built Malwares and cyber-espionage methods are spinning out of their control : TrustyCon

TrustyCon: On Thursday F-Secure’s Malware Researcher Mikko Hypponen addressed the TrustyCon conference about the latest developments in malware behaviour. The conference named TRUSTYCON  was held at the AMC Metreon Multiplex as Mikko had boycotted the annual RSA Conference.  Mikko was supposed to deliver a talk at the RSA Conference on “Government as Malware Authors” but was apparently miffed by RSA and EMC’s alleged bias and apathy towards privacy of non-Americans.  Mikko wanted to have Counter-RSA conference after the Rueters leak which revealed the $10 M deal between the National Security Agency (NSA) and RSA for creating a backdoor in RSA products for NSA.

Government built Malwares, and cyber-espionage ways running out of control, TrustyCon

The Theater absolutely jam packed and the speakers lineup included  many international security researchers including Finnish national Mikko Hypponen.  

“Governments writing viruses: today we sort of take that for granted but 10 years ago that would have been science fiction,”.”If someone had come to me ten years ago and told me that by 2014 it will be commonplace for democratic Western governments to write viruses and actively deploy them against other governments, even friendly governments, I would have thought it was a movie plot. But that’s exactly where we are today, Hypponen said.


In his presentation Hypponen said how Government is creating Malware programs to spy over other Nations, talking more about the Notorious Malware Stuxnet which was deployed at Iran’s Nuclear Facilities by United states and Israel to infect and destroy the Iranian  Nuclear ambitions, and the “Flame Malware” which spread using a false windows update system to steal data, both of which he described as a  perfect toolkit for cyber-espionage.

Its not only that The United States have been involved, but China and many others countries are also involved in this so called Malware Authoring. Infact United states president Obama and China were due to have a summit at the White House over the issue, but unfortunately the Edward Snowden NSA leaks coming just four days before the summit meant that President Obama had to abandon the meet.

In Europe, German police and customs officials have access to a bespoke computer Trojan called R2D2 which is used to track and collect data on targets. the Russians have also been a lead in the cyber-espionage. “NSA’s 9 eyes program” which included 9 European countries partnership in the Spying Game. and not to forget the recently discovered “Malware Mask” which was used to Spy over more than 31 Countries and provides a hint of it being created by a Spanish speaking country.

Security Researcher Alex Stamos, one of the lead who helped organise the TrustyCon said โ€œWe are failing, and added that the community must stop blaming users for security shortcomings, and find ways, in spite of sophisticated actors, to latch onto avenues for โ€œbuilding technology that people can feel comfortable using from day to day.โ€

Jeffrey Brock, senior operations manager for cloud security and compliance for San Rafael, Calif.-based software vendor Autodesk Inc. Admired the discussion offered by Hypponen and said that he himself took part in TrustyCon because his company needed to establish trust with its customers. “the security community has been aware of allegations involving backdoors in RSA products for a long time and the world shouldn’t have needed Snowden to highlight either issue.” brock added further. 
“I think this conference is really focused on opening the curtains and demanding transparency,” said Brock, “which I think in the long run, I don’t see how any legitimate government is not going to have that transparency.

Abhishek Kumar Jha
Abhishek Kumar Jha
Knowledge is Power

Read More

Suggested Post