When Countries Attack…and Hack

Is the threat of malware real? The answer is definitely yes. Fortunately for most of us, the most serious malware attacks are going after large targets these days, such as government agencies and large international corporations.

For example, in late November 2014, Sony Corporation was the victim of a severe and successful hacking effort by a group calling itself The Guardians of Peace, according to the Wall Street Journal. They reported that the hackers “brought down the Hollywood studio’s corporate email, and leaked five films and a slew of sensitive personnel data, including a spreadsheet allegedly containing salaries of some 6,000 employees and top executives.”

Sony Corp. didn’t immediately know how hackers had accessed its systems. The attack was disruptive and effective—almost like something you’d see in a Sony-released movie. It was a quick, deliberate and obvious example of hacking, but that’s not always the case.

Country vs. country.

About the same time as the Sony attack, a report came out that said a sophisticated malware program had been discreetly spying on businesses and governments without detection since 2008—almost six years earlier.

The data break-in, or hack, was discovered by Symantec Corp., the maker of security software and systems. They described the attack as complex and very hard to detect. More significantly, the report said that the malware had come from a “nation state”: in other words, a foreign enemy.

The malware was top-notch and able to do all of its computer surveillance under the radar. It was definitely a computer espionage tool designed for high-level spying. The malware had been quietly and systematically collecting sensitive government and business data, going undetected for a very long time.

The malware, which has been named “Regin,” is a type known as a backdoor Trojan. A Trojan, or Trojan horse, carries out actions when triggered to do so, stealing data and crashing systems. It got its name from the ancient story of the hollow wooden horse statue Greek soldiers hid in to enter and attack Troy. The malware gains access to the compromised computer, then sends commands. It can be loaded on the host computer in stages instead of all at once, which helps it to avoid detection.

Customized and well-planned attacks.

Sophisticated malware can be customized for a highly targeted attack. In the case of Sony Pictures, the malware was designed, among other things, to steal employee emails and raid Sony’s stored digital movies, several of which were unreleased. Within days of the attack (which could prove very costly to Sony), experts had identified North Korea as the likely source of the attack, in retaliation for a soon-to-be-released Sony movie that North Korea objects to.

Lying in wait.

In the case of the Regin malware, Symantec estimates the initial infections occurred between 2008 and 2011. The malware seemed to disappear for a period, only to resurface in 2013. That’s the year Symantec discovered Regin at work. Symantec reported that it likely took many months or years to complete the attack. Throughout the entire time, the malware creators were carefully monitoring and covering their digital tracks.

The report said, “Regin displays a degree of technical competence rarely seen and has been used in spying operations against governments, infrastructure operators, businesses, researchers, and private individuals…its capabilities and the level of resources behind Regin indicate that it is one of the main cyber-espionage tools used by a nation state.”

Foreign attacks are a growing problem.

The United States wasn’t the primary country attacked by Regin—Russia led the list, followed closely by Saudi Arabia and more than a half dozen other countries.

Not that the U.S. isn’t being targeted enough. Here are some recent incidents the U.S. has experienced:

  • The U.S. Investigation Services (USIS), which provides the majority of background checks for the government, was targeted in an attack, most likely initiated by a foreign entity.
  • In late 2014, a highly publicized report revealed that China and a few other countries were capable of a significant cyber attack on America’s power grid.
  • In August 2014 the U.S. Nuclear Regulatory Commission announced that it had been hacked by a foreign group several times over the past three years.

In this modern technology age, the warfare of choice seems to be cyber attacks, and no country is safe from them.
