Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Security Companies Team Up, Take Down Chinese Hacking Group
Newest First  |  Oldest First  |  Threaded View
Marilyn Cohodas
100%
0%
Marilyn Cohodas,
User Rank: Strategist
10/29/2014 | 11:47:55 AM
Re: We Have Arrived at Gibson's Dystopia
Point taken. We can't go full speed ahead and ignore the potential risks..
RetiredUser
50%
50%
RetiredUser,
User Rank: Ninja
10/29/2014 | 11:46:00 AM
Re: We Have Arrived at Gibson's Dystopia
Ah, but you'll note, @Marilyn Cohodas, that I also agree it's a step in the right direction and feel it's finally time we saw this happen - for clarification, what I'm getting at is: Now that we're here, what more can we do to prevent a good thing turning into a bad thing?  I'm that guy that wants to push and combat until the criminal elements are out of our electronic space, but caution and self-preservation are as important elements in this battle as the battle strategy itself :-)
Marilyn Cohodas
100%
0%
Marilyn Cohodas,
User Rank: Strategist
10/29/2014 | 8:44:44 AM
Re: We Have Arrived at Gibson's Dystopia
Must respecfully disagree, @Christian Bryant. I think it's a big step in the right direction to see competing security companies collaborate to take down a common adversary. Sure there is potential for abuse. Nothing is perfect. But the best way to defeat the attackers is for the defenders to work in concert against them.
RetiredUser
100%
0%
RetiredUser,
User Rank: Ninja
10/28/2014 | 7:49:06 PM
We Have Arrived at Gibson's Dystopia
Well, OK - maybe not to the extreme of William Gibson's novel Neuromancer, but I'm seeing the signs for sure.  Reading the Axiom report is interesting.  "Finally" is the word that comes to mind.  The report opens the Key Findings with the statement: 

"Axiom is responsible for directing highly sophisticated cyber espionage operations against numerous Fortune 500 companies, journalists, environmental groups, pro-democracy groups, software companies, academic institutions, and government agencies worldwide for at least the last six years. In our coordinated effort, we performed the first ever-private sponsored interdiction against a sophisticated state sponsored advanced threat group. Our efforts detected and cleaned 43,000 separate installations of Axiom tools, including 180 of their top tier implants."

Now, I don't read a ton of fiction - I'm happier with manuals and HOWTOS. But in reading this report, I can't help but wonder at what's next. Cyberwarfare is clearly here at the level of Nations and that is mildly disturbing. The fact that incredibly wealthy corporations have pulled together (like pseudo-governments) and (seemingly) taken the law into their own hands is either frightening or inspiring. I said "finally" earlier because I have always supported the idea of combative cyber security, though it is incredibly risky. But I am thinking of those who almost have to fight for themselves, the small business owner who stands to lose everything.

But here we have mega corporations re-defining the rules of cyber crime; sabotage and espianage are alive and well, reprisals are on the way. At what point before we are the recipients of computer technology pre-built with nasties at both at the hardware and software level? (And yes, for those who are catching on, I'm echoing James Turner from O'Reilly here.)

The report also notes:

"The breadth and scope of Axiom's operations served as motivation and justification for the approach adopted by the coalition of large scale data capture, analysis, and distribution of both data and analytical output to industry. In the intervening period, the coalition has received a substantial amount of information relating to the removal of these malware tools. To date, over 43,000 separate installations of Axiom-related tools have been removed from machines protected by Operation SMN partners, and 180 of those infections were examples of Hikit, the late-stage persistence and data exfiltration tool that represents the height of an Axiom victim's operational lifecycle."

Again, "finally" - the kind of language I like to read, but also again, how far?  It's similar to old-fashioned terrorism where we have to reach that point of "enough". but then the path we take to combat it may lead us down a dark road, and in some ways make the enemy stronger.

Maybe for now this is what we need.  But I am holding my breath a little for the backlash.  In the meantime, saddle up.  Tech just got a whole lot more serious, and we need to sharpen our skills all the more.

 

 


News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24259
PUBLISHED: 2021-05-05
The “Elementor Addon Elements� WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24260
PUBLISHED: 2021-05-05
The “Livemesh Addons for Elementor� WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24261
PUBLISHED: 2021-05-05
The “HT Mega – Absolute Addons for Elementor Page Builder� WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by ...
CVE-2021-24262
PUBLISHED: 2021-05-05
The “WooLentor – WooCommerce Elementor Addons + Builder� WordPress Plugin before 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-priv...
CVE-2021-24263
PUBLISHED: 2021-05-05
The “Elementor Addons – PowerPack Addons for Elementor� WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scriptin...