Windows Flaw Allowed Hackers To Spy On NATO, Ukraine, Others
An anonymous reader writes: Reuters reports that a cybersecurity firm has found evidence that a bug in Microsoft's Windows operating system has allowed hackers located in Russia to spy on computers used by NATO, Ukraine, the European Union, and others for the past five years. Before disclosing the flaw, the firm alerted Microsoft, who plans to roll out a fix on Tuesday. "While technical indicators do not indicate whether the hackers have ties to the Russian government, Hulquist said he believed they were supported by a nation state because they were engaging in espionage, not cyber crime. For example, in December 2013, NATO was targeted with a malicious document on European diplomacy. Several regional governments in the Ukraine and an academic working on Russian issues in the United States were sent tainted emails that claimed to contain a list of pro-Russian extremist activities, according to iSight."
Ono
Said nobody.
Russians using American software to spy on NATO. The irony is mind blowing.
It's annoying and unnecessary.
Read here for a more detailed perspective
http://www.isightpartners.com/2014/10/cve-2014-4114/
1 - ISight claims this has been a five year campaign and then adds that "hackers began only in August to exploit a vulnerability found in most versions of Windows". So where did the "five year" timeline come from?
2 - "Russian hackers target NATO, Ukraine and others" the article screams and then we find this wishy washy explanation from ISight's John Hullquist on his claim about the hackers being Russian:
"Your targets almost certainly have to do with your interests. We see strong ties to Russian origins here".
Sounds like a bunch of FUD to me
Bill has always said (and rightly so) that Microsoft is *not* a security company,
and that security is the user's responsibility when using their products.
In the same light, Bill also said 640k should be enough memory for anyone
(I have the audio recording!)
All kidding aside, there's no evidence to suggest that this hasn't been used
by America on other countries...
CAP == 'speech!'
User clicks on a malicious PPT file, which installs a backdoor. Don't people check task manager for unscrupulous executables running on their systems?
Buck Feta. You know what to do.
has had this one on the shelf, without disclosing it?
Using foreign proprietary technology and using in particular Windows are retarded. What are they really expecting?
Naturally it's the Russians, because of espionage...
No US corporations have ever done that!
If one uses Windows he deserves what he gets!
- Hours, days, weeks of wasted time in installations, configurations and updates. ... Insert your bad experience here.
- Bad style, and ugliness
- Slowness and retarded technology
- Limited devices and architecture support
- Limited functionality.
- Wasted money and time on security breaches and lost data
- All one's files hijacked by hackers, passwords stolen, credit card withdrawals
- Bad Karma
Don't come complaining to me I told you so
holy shit ! NATO uses Windows ??
Women in the Ukraine wear combat boots. Now you know.
Seems our computer (users) are in their oral phase: stick everything you find on the street in your mouth.
"I want everything to happen automagically when I stuff a random $USB_DEVICE in my box"
"I want everything to happen automagically when I open some $RANDOM_DOCUMENT I found on the intratubes"
"I want any $RANDOM_APP linked from some $MORE_RANDOM_WEBSITE to be automagically installed in my browser (which I also use for banking, ferchrissake) and to take over my life from then on"
Well, duh.
Now, don't take me wrong. This sounds a lot like "blaming the victim". While *I* do avoid many of the behaviours mentioned above, I'm painfully aware that I'm well within reach of a well-mounted social engineering attack of a determined and average-skilled attacker.
What I wanted to say is that we have a problem which won't go away just by wildly patching things right and left. Some part of the solution will have to be user education, and we are doing particularly badly in this department, in part due to Microsoft's and Apple's mantra of "our computers are so easy any idiot can use them".
It's not a 'Flaw', it's a feature.
Did the bug somehow prevent NATO, Ukraine, EU and others from spying on Russia?
Bill [Gates] also said 640k should be enough memory for anyone (I have the audio recording!)
Really? Please could you give a link to that. People have argued over and over whether he really said that. He denies it himself, so it would be very interesting if a recording exists and can be made public.
1) "So where did the "five year" timeline come from?"
Some Sandworm attacks also use five older vulnerabilities that have already been patched. The exploits are used to install various versions of BlackEnergy, a malicious tool used by cybercriminals. The tool gained notoriety in 2008 when botnets infected with the malware were used to launch denial-of-service attacks against systems in Georgia during a standoff between that country and Russia.
2) "wishy washy explanation from ISight's John Hullquist on his claim about the hackers being Russian"
Hulquist said he believed they were supported by a nation state because they were engaging in espionage, not cyber crime.
crime can be anyone, espionage is reserved for a very select set of parties. it's a mere matter of deduction but feel free to believe what you wish, just stop posting it.
Anons need not reply. Questions end with a question mark.
Put your computers in a locked room.
Do not attach your computers to an external network.
If you don't trust your employers, don't attach your computers to any network.
Lock the door to the computer room and allow no one but trusted individuals entry.
Lock the door.
We knew this in 1975 when I worked at Burroughs. We knew this in 1973 when I was in charge of changing the paper tapes used for batch printing. Why don't we seem to know this today?
Article fails to mention that Kaspersky anti-virus maker themselves has been linked to Russian state security services and computers using Kaspersky may contain back doors accessible to FSB.
You know that they've been all in there for even longer than the "Russian hackers", but it's convenient to not mention them when trying to demonize Russia.
What's the news about this? It's not like the US hasn't used the same leaks, or any other country...
...work nicely for {NSA, GCHQ, BND, FAPSI, Unit 8200, Nork Long-Range Reconnaissance Division, Russkie Mafia}.
..what's your hourly rate at Burson-MarsTeller ? I might join you.
Please write to me at Slimebag762111@hotmail.com
NSA has to make sure U.S. computers don't have those bugs, but the rest of the world will get the exploitable version. THAT is probably what they did. Too bad anyone trusts Americans.
Time to ban this crap from computers.
Blimey, get with the times!
22 years ago at school we were all using Object Packager in Windows 3.1 to smuggle in arbitrary EXEs - long before any of this current hoo-ha erupted. Of course, we were more concerned with smuggling in games rather than using it for spying...
The only surprising thing is that it's taken them over 22 years to realise that yes, allowing random EXEs to be packaged up isn't really a good idea!
> If you see a huge flashing "It's a trap!" sign [...]
In a way, you are right. Then, you ain't. It's a matter of perception. You (and me) might see the flashing and the red button, others just see a Powerpoint presentation from some "interesting source" which just wants to download this tiny thing to work properly.
We've been acclimatized to downloading & executing stuff from random locations (Javascript, anyone?). I do browse with no Javascript (tho the usual browsers make it more and more difficult to switch it off, yikes), but I'm sure that a determined hacker can mount something which deceives me too.
Now -- how do we solve this conundrum? I don't know. But one part will be user education. Another would be (keep on dreaming, hah) MUCH less "active content" out there, so that browsing is (most of the time) feasible without executing random stuff downloaded from The Tubes. But as long as The Tubes are fueled by the advertisement industry, and as long as ads resemble more and more advanced malware there'll be a financial incentive in keeping people gullible and their systems vulnerable.
Like diversity at the CIA they consider this a success...
Don't hold your breath. This guy knows he does not have an audio recording, I have googled high and low, and all you can find is the quote, which Bill Gates denies. Furthermore, MS was never in a position to dictate the memory on the system, that was decided by IBM who decided to use a 16-bit Intel chip which is inherently restricted to 1024KB (640K for programs, 384K for VRAM and BIOS functions). It's merely propaganda, blaming IBM isn't politically correct since they are now Linux backers.
"...I think the Microsoft hatred is a disease." - Linus Torvalds
Doesn't even list hostnames or even IP addresses of the Sandworm C&C's, no matter how deep you dig into it and its source articles. That's totally substandard bullshit and useless.
Well, yes, the way in which I was right was the context of user education, which is the topic of the post to which I was replying. My point was that user education only works for users willing to be educated, and those users, by and far, don't need to be taught, because, like you and me, they've already taken the time to learn. In short, anyone who has these problems repeatedly has not only refused to ask how to prevent them, they've also refused to listen when told.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
An undocumented ability to spy on NATO countries? Sounds to me like a feature, not a bug.
Correction: spy back on NATO countries. I'm living in one of the snoopiest.
There's no time like the present. Well, the past used to be.