Weekly Roundup : Aug 12, 2011 : Dissecting a Shady Rat

Trending Security News

Probably the most widely discussed and interesting story in security news was the follow-on activity from McAfee’s disclosures last week of “Operation Shady Rat.”  As we noted previously, Vanity Fair called it an “unprecedented cyber-espionage campaign and intellectual property bonanza,” while others say the hacking claims are overblown.  Analysis continued this week with other security vendors weighing in and everything from a denial of involvement by China to claims that Shady Rat could benefit investors.  Other lingering news from last week’s Black Hat included coverage of the analysis by iSec Partners on Apple Mac OSX (Lion), “… not recommended for corporate use unless it’s in islands within larger networks, the OSX operating system has made strides.” 

Finally, I think it worth noting that in the context of the global drop in the stock market and the riots this week in Great Britain, we see continued reminders (Britain considers blocking social media) of how the Internet is part of the fabric of society and we should expect continued Government involvement as one of the large emerging trends shaping computing.

Shady Rat (Cyber Threats / Cyber espionage)

While not comprehensive by any means, here is a good sampling of the spectrum of discussions generated by Operation Shady Rat.

• Global cyber-espionage operation uncovered – CNET
• US was chief target of cyber attacks: McAfee – MSNBC
• Security vendor offers tool to see if your organization was infected by Operation Shady Rat – Computerworld
• China Is Behind Shady RAT, Experts Say – Darkreading
• China Denies Any Involvement in ‘Shady RAT’ – PC Magazine
• Shady RAT No China Smoking Gun – InformationWeek
• While Operation Shady Rat is shady, we need to be ready‎  – China Post
• China Must Worry about an American Version of Shady RAT‎ – Council on Foreign Relations
• Symantec digs into Shady RAT attack emails – ZDNet
• Security companies question ‘RAT’ attack – MSNBC
• Rival antivirus companies question McAfee’s Shady RAT report – Computer Business Review
• McAfee Finds A Shady RAT — But I Smell Something Worse – Darkreading
• ‘Operation Shady RAT’ Attackers Employed Steganography 
• Congress Wants Answers on World’s Largest Security Breach – Council on Foreign Relations
• Lawmaker requests McAfee briefing to discuss Shady RAT – SC Magazine
• Shady RAT? Investors Could Benefit from Security Stocks – International Business Times

 

IT Security

• Suppy Chain risk mitigation has been a CSO (aka Chief Shotgun Operator) responsibility since the Wild West
• “Black Hat: Apple Does Well but Microsoft Does Better with Enterprise Security” — Network World
• Mobile Malware: Protect Yourself Against Evolving Threats – InformationWeek
• Cloud Computing: 4 Tips for Regulatory Compliance – CIO.com

Cyber Threats

• “Stop fooling yourself’ and assume you are compromised” Black Hat crowd told – Government Computer News
• German hacker claims to have deciphered code used to encrypt mobile Internet traffic – The New York Times
• Hong Kong stock exchange halts trading after hack attack – CNET
• Girl hacker, 10, finds bugs in iPhone, Android

 

Security Research & Intelligence

• China saw nearly 500,000 Trojan horse attacks in 2010 – MSNBC
• Two thirds of banks believe cyber-crime is uncontrollable, according to Fundtech Survey – Credit Union Times
• Report: Q2 Theat Evolution, the Year of the Hacktivist? – Threatpost
• AntiSec’s Dump Of Law Enforcement Data Includes Personal Data Of Thousands – Darkreading
• Malware may have exposed student, staff data – MSNBC
• Harnig Botnet Returns, But Without Rustock

Government, Legislation & Policy

• Expert says joint efforts needed to battle cyberattacks as China becomes major victim – Xinhua News Agency
• Twitter, Facebook and RIM ‘look forward’ to riots talks – ZDNet
• Britain considers blocking social media – Hillicon Valley

---

Blog Picks

• Germany – Lessons from Some of the Least Malware Infected Countries in the World – Part 4 – Microsoft Security Blog
• Counterfeit Pilot IDs and Uniforms Will Now Be Sufficient to Bypass Airport Security – Schneier on Security
• Data Breaches On The Rise? – Adrian Lane
• FLAMING RETORT: Hacktivism, hacking and hackers – what do these words really mean? – Naked Security
• Protecting the Supply Chain–The CSO Rides Shotgun

---

Microsoft Research, Papers and Media

• Cybersecurity/Internet Health
  • Rethinking the Cyber Threat (paper)
  • Collective Defense: Applying Public Health Models to the Internet (paper)
  • Video: Collective Defense: Enabling Healthy Devices (video)
• Security Intelligence
  • Battling the ZBot Threat (paper)
• Trustworthy Computing
  • Imagine Video: Microsoft Trustworthy Computing (video)
• Cybersecurity/Trusted Supply Chain:
  • Supply Chain Risk Management keynote at the East-West Institute’s Second Worldwide Cybersecurity Summit (video)
  • Cyber Supply Chain Risk Management: Toward a Global Vision of Transparency and Trust (paper)
  • Toward a Trusted Supply Chain: A Risk Based Approach To Managing Software Integrity (paper)