Your AntiVirus Does Not See NSA's Botnet




The revelations are getting wilder by the week. The NSA has its own botnet: it has infected more than 50,000 computer networks worldwide with malicious software designed to steal sensitive information. Documents provided by whistleblower Snowden and seen by the Dutch newspaper NRC Handelsblad prove this (link below).

The NSA's 1,000 in-house hackers (they are called Tailored Access Operations) have created malware that apparently has escaped all antivirus tools, just like Stuxnet did. I wonder if the code base is similar. NSA's intelligence pals in the UK (GCHQ) have been gratefully using the malware as well, infecting a Belgian telecom provider where a sample was found in September 2013.

And how did GCHQ do it? Social Engineering! The Belgacom network was infiltrated by luring employees to a false LinkedIn page. The malware can be controlled remotely and be turned on and off at will. Call it a "sleeper agent". According to the Washington Post, the NSA has been carrying out this type of cyber operation since 1998. So as we speak, right now, 50,000 machines are "pwned" by the NSA and they can make those machines do what they want. That's a botnet. Incredible.

Now, let's extrapolate for a moment. If the NSA does this, so do the Chinese, and they mainly prey on your intellectual property. It is highly likely that the Chinese use contractors in the cyber mafia to send out sophisticated spear phishing attacks so that they can put invisible Chinese malware in your networks. And your antivirus is not catching it...

It is unlikely we are seeing the whole picture, but the moral of the story is to get your employees effective security awareness training.

This is a link to the (English language) article: 

http://www.nrc.nl/nieuws/2013/11/23/nsa-infected-50000-computer-networks-with-malicious-software/?utm_campaign=rss&utm_source=syndication