UCAM-CL-TR-746: The snooping dragon: social-malware surveillance of the Tibetan movement

tech-r...@cl.cam.ac.uk

Mar 28, 2009, 6:26:20 PM

Publication announcement:

The snooping dragon: social-malware surveillance of the Tibetan
movement

Shishir Nagaraja, Ross Anderson

Technical report UCAM-CL-TR-746, University of Cambridge,
Computer Laboratory, March 2009, 12 pages.

This document is now available at

http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-746.html

Abstract:

In this note we document a case of malware-based electronic surveillance
of a political organisation by the agents of a nation state. While
malware attacks are not new, two aspects of this case make it worth
serious study. First, it was a targeted surveillance attack designed to
collect actionable intelligence for use by the police and security
services of a repressive state, with potentially fatal consequences for
those exposed. Second, the modus operandi combined social phishing with
high-grade malware. This combination of well-written malware with
well-designed email lures, which we call social malware, is
devastatingly effective. Few organisations outside the defence and
intelligence sector could withstand such an attack, and although this
particular case involved the agents of a major power, the attack could
in fact have been mounted by a capable motivated individual. This report
is therefore of importance not just to companies who may attract the
attention of government agencies, but to all organisations. As
social-malware attacks spread, they are bound to target people such as
accounts-payable and payroll staff who use computers to make payments.
Prevention will be hard. The traditional defence against social malware
in government agencies involves expensive and intrusive measures that
range from mandatory access controls to tiresome operational security
procedures. These will not be sustainable in the economy as a whole.
Evolving practical low-cost defences against social-malware attacks will
be a real challenge.

--
University of Cambridge, Computer Laboratory,
Technical Reports (ISSN 1476-2986)
http://www.cl.cam.ac.uk/techreports/
