Activists are now targeted with Facebook phishing! Facebook has been a popular place for Syrian Internet activists to share their opposition to the Assad regime ever since the site was unblocked by the Syrian government in early 2011. Electronic Frontier Foundation (EFF) points out that while some interpreted the Assad regime's decision to allow access to Facebook as a positive sign, others feared that the government had made Facebook available for the purpose of entrapping Syrian activists.
In the past month, EFF has reported on several instances of pro-Syrian-government hackers targeting Syrian Internet activists using malware spread through chats and emails, as well as updates downloaded from a fake YouTube site. Most recently, we've seen reports from Syrian opposition networking specialists of a phishing attack aimed at Syrian activists, spread primarily on pro-revolution forums on Facebook.
Screenshots show the phishing link accompanied by the following text in Arabic: Urgent. The thug Sharif Shihada was arrested by the Free Army. Captured by Ahrar Al Qlamoun battalion... please spread the video of him denouncing the Syrian Regime... Allahu Akbar, victory to our revolution and Free Army.
Governments and gangs realize malware is much cheaper than mainstream warfare. Malware, short for malicious software, consists of programming designed to disrupt operation, gather information that leads to loss of privacy or exploitation, gain unauthorized access to system resources, and other abusive behavior. Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, scareware, crimeware, rootkits, and other malicious and unwanted software or program. In law, malware is sometimes known as computer contaminant.
A computer virus is a computer program that can copy itself and infect a computer. A virus can spread from one computer to another. Viruses can increase their chances of spreading to other computers by infecting files. In order to replicate itself, a virus must be permitted to execute code and write to memory. For this reason, many viruses attach themselves to executable files that may be part of legitimate programs. If a user attempts to launch an infected program, the virus' code may be executed simultaneously.
The more sophisticated a virus is, the more exciting it is to crack its algorithm. There's a little professional respect involved, too. But it has nothing to do with enthusiasm. Every virus is a crime. A cyber war can't be won; it only has perpetrators and victims. Out there, all we can do is prevent everything from spinning out of control.
Based on the number of programmed viruses, Russia is in third place behind China and Latin America. Russians are also among the most sophisticated and advanced players in criminal cyber activity. These days, they invent viruses and complex Trojan programs on demand. They launder money through the Internet. However, the largest number of harmful programs are written in Chinese. This means that they can be coming directly from the People's Republic, but also from Singapore, Malaysia and even California, where there are Mandarin-speaking hackers.
In general, the crime level in India is low. It's probably a matter of the mentality. India and China have roughly the same population, the same computer density, a similar standard of living and similar religious roots. But China spits out viruses like they were coming off an assembly line.
Americans are now openly saying that they would respond to a large-scale, destructive Internet attack with a classic military strike. But what will they do if the cyber attack is launched against the United States from within their own country? Everything depends on computers these days: the energy supply, airplanes, trains. The Net has become a war zone, a platform for professional attacks on critical infrastructure.
Governments are behind many of the virus attacks! Russian spammers directed special computer networks known as botnets against Estonia. It became the prototype of a belligerent cyber attack on a country. The attackers didn't just cripple government websites; they also sent so many spam e-mails that the entire Internet channel to Estonia quickly collapsed. The country was cut off from the world. The banking system, trade, transportation, everything ground to a halt. Stuxnet, a computer virus developed by Israeli Intelligence, can infiltrate highly secure computers.
Stuxnet entered the global political arena in June 2010. The virus had attacked computers at Iran's Natanz nuclear facility, where scientists are enriching uranium, and manipulated the centrifuges to make them self-destruct. It is a digital bunker buster. The virus represents a fundamentally new addition to the arsenal of modern warfare. It enables a military attack using a computer program tailored to a specific target.
Internet security firms have raised the specter of a new round of cyber warfare with the detection of the Duqu virus, a relative of last Stuxnet. Duqu's detection comes amid growing talk in Europe about launching pre-emptive strikes to stop cyber attacks before they happen. But the nature of malware like Duqu and Stuxnet make pre-emptive strikes unrealistic.
The problem is you can't really say where they come from. You need evidence about who is behind an attack before you can strike preemptively, but you can never be sure. You can't attack infrastructure, or even send in a stealth bomber, because any information about a location could be a red herring.
Duqu is not spreading like Stuxnet. Duqu was carefully placed and can be controlled remotely. Duqu has been used to target only a limited number of organizations for the specific assets. Its warhead is not aimed at the technology industry. Duqu is being used to steal information; it's industrial espionage.
Malware makers can hide their tracks using spoofing, VPNs, proxy services, and other means to make it look like they are based in any number of countries - when in truth they are somewhere completely different.