Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Flaw Allowed Hackers To Spy On NATO, Ukraine, Others

Posted by Soulskill on from the hand-in-the-cookie-jar dept.

An anonymous reader writes: Reuters reports that a cybersecurity firm has found evidence that a bug in Microsoft's Windows operating system has allowed hackers located in Russia to spy on computers used by NATO, Ukraine, the European Union, and others for the past five years. Before disclosing the flaw, the firm alerted Microsoft, who plans to roll out a fix on Tuesday. "While technical indicators do not indicate whether the hackers have ties to the Russian government, Hulquist said he believed they were supported by a nation state because they were engaging in espionage, not cyber crime. For example, in December 2013, NATO was targeted with a malicious document on European diplomacy. Several regional governments in the Ukraine and an academic working on Russian issues in the United States were sent tainted emails that claimed to contain a list of pro-Russian extremist activities, according to iSight."

5 of 97 comments (clear)

  1. I wonder how long the NSA by wiredog · · Score: 4, Insightful

    has had this one on the shelf, without disclosing it?

    --

    Best Slashdot Co
    1. Re:I wonder how long the NSA by TheRaven64 · · Score: 4, Insightful
      That's the real question. And again, the NSA needs to answer the following question:

      Were they sufficiently technically incompetent that they didn't discover an attack that the Russians have been using, or were they sufficiently inept in a more general intelligence sense that they didn't realise that leaving US and allied machines vulnerable might be a problem?

      --
      I am TheRaven on Soylent News
    2. Re:I wonder how long the NSA by skgrey · · Score: 3, Insightful

      If they did have the exploit (and they probably did) the issue is visibility - they know they have this exploit, and probably a lot more, that can be used to easily get access to a system. How do you only patch "friendly" computers? Alerting Microsoft that this issue exists means that they will push out the patch to everyone, they simply aren't going to write patches for "friendly" computers. There allegiance is to the market, not to the country.

      That's probably the big problem the NSA has in general - they have all these great exploits, but others could have them as well. They are the method for being able to do some of the critical things they need to do to get access, especially abroad, but the second they disclose they potentially lose their ability to utilize them. It becomes a spy race at that point - get as much important data as you can while hoping the "bad guys" aren't doing the same or are slower at it.

      I wonder if the NSA ever feels a little guilty, knowing they have these exploits and could get them patched, and ultimately one of the could be used to do something very, very bad.

    3. Re:I wonder how long the NSA by king+neckbeard · · Score: 4, Insightful

      Since the security of Microsoft systems became a significant factor in national security. Perhaps they could shift their efforts of illegally tipping off DEA agents into security audits of software vital to our infrastructure, since that would actually protect the security of the nation.

      --
      This is my signature. There are many like it, but this one is mine.
  2. No mention of Kaspersky link to FSB by Anonymous Coward · · Score: 3, Insightful

    Article fails to mention that Kaspersky anti-virus maker themselves has been linked to Russian state security services and computers using Kaspersky may contain back doors accessible to FSB.