Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
5Activity
0 of .
Results for:
No results containing your search query
P. 1
The snooping dragon: social-malware surveillance of the Tibetan movement

The snooping dragon: social-malware surveillance of the Tibetan movement

Ratings: (0)|Views: 305|Likes:
Published by Natch Greyes
In this note we document a case of malware-based electronic surveillance of a political organisation by the agents of a nation state. While malware attacks are not new, two aspects of this case make it worth serious study. First, it was a targeted surveillance attack designed to collect actionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed. Second, the modus operandi combined social phishing with high-grade malware. This combination of well-written malware with well-designed email lures, which we call social malware, is devastatingly eective. Few organisations outside the defence and intelligence sector could withstand such an attack, and although this particular case involved the agents of a major power, the attack could in fact have been mounted by a capable motivated individual. This report is therefore of importance not just to companies who may attract the attention of government
agencies, but to all organisations. As social-malware attacks spread, they are bound
to target people such as accounts-payable and payroll staff who use computers to
make payments. Prevention will be hard. The traditional defence against social malware in government agencies involves expensive and intrusive measures that range from mandatory access controls to tiresome operational security procedures. These will not be sustainable in the economy as a whole. Evolving practical low-cost defences against social-malware attacks will be a real challenge.
In this note we document a case of malware-based electronic surveillance of a political organisation by the agents of a nation state. While malware attacks are not new, two aspects of this case make it worth serious study. First, it was a targeted surveillance attack designed to collect actionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed. Second, the modus operandi combined social phishing with high-grade malware. This combination of well-written malware with well-designed email lures, which we call social malware, is devastatingly eective. Few organisations outside the defence and intelligence sector could withstand such an attack, and although this particular case involved the agents of a major power, the attack could in fact have been mounted by a capable motivated individual. This report is therefore of importance not just to companies who may attract the attention of government
agencies, but to all organisations. As social-malware attacks spread, they are bound
to target people such as accounts-payable and payroll staff who use computers to
make payments. Prevention will be hard. The traditional defence against social malware in government agencies involves expensive and intrusive measures that range from mandatory access controls to tiresome operational security procedures. These will not be sustainable in the economy as a whole. Evolving practical low-cost defences against social-malware attacks will be a real challenge.

More info:

Published by: Natch Greyes on Mar 30, 2009
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

05/10/2014

pdf

text

original

 
Technical Report 
Number 746
Computer Laboratory
UCAM-CL-TR-746ISSN 1476-2986
The snooping dragon:social-malware surveillanceof the Tibetan movement
Shishir Nagaraja, Ross Anderson
March 2009
15 JJ Thomson AvenueCambridge CB3 0FDUnited Kingdomphone +44 1223 763500
http://www.cl.cam.ac.uk/ 
 
c
2009 Shishir Nagaraja, Ross AndersonThis material is based in part upon work supported by theU.S. Department of Homeland Security under Grant AwardNumber 2006-CS-001-000001, under the auspices of theInstitute for Information Infrastructure Protection (I3P)research program. The I3P is managed by DartmouthCollege. The views and conclusions contained in thisdocument are those of the authors and should not beinterpreted as necessarily representing the official policies,either expressed or implied, of the U.S. Department of Homeland Security, the I3P, or Dartmouth College.Technical reports published by the University of CambridgeComputer Laboratory are freely available via the Internet:
http://www.cl.cam.ac.uk/techreports/ 
ISSN 1476-2986
 
The snooping dragon: social-malwaresurveillance of the Tibetan movement
Shishir NagarajaInformation Trust InstituteUniversity of Illinois at Urbana-Champaign
sn275@iti.uiuc.edu
Ross AndersonCambridge UniversityComputer Laboratory
Ross.Anderson@cl.cam.ac.uk
Abstract
In this note we document a case of malware-based electronic surveillance of apolitical organisation by the agents of a nation state. While malware attacks are notnew, two aspects of this case make it worth serious study. First, it was a targetedsurveillance attack designed to collect actionable intelligence for use by the policeand security services of a repressive state, with potentially fatal consequences forthose exposed. Second, the modus operandi combined social phishing with high-grade malware. This combination of well-written malware with well-designed emaillures, which we call
social malware
, is devastatingly effective. Few organisationsoutside the defence and intelligence sector could withstand such an attack, and al-though this particular case involved the agents of a major power, the attack could infact have been mounted by a capable motivated individual. This report is thereforeof importance not just to companies who may attract the attention of governmentagencies, but to all organisations. As social-malware attacks spread, they are boundto target people such as accounts-payable and payroll staff who use computers tomake payments. Prevention will be hard. The traditional defence against socialmalware in government agencies involves expensive and intrusive measures thatrange from mandatory access controls to tiresome operational security procedures.These will not be sustainable in the economy as a whole. Evolving practical low-costdefences against social-malware attacks will be a real challenge.
3

Activity (5)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
Xiam Nguyen liked this
Mohd Zeremy liked this
mathpalsonu liked this

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->