Whose line of attack is it anyway? Cyber-assault whodunnits harder than ever to solve

Sophisticated groups not always so easy to pick out

 
By Shaun Nichols in San Francisco 4 Oct 2018
 

 

Government-backed spies and hackers are increasingly using commercially available malware – thanks to a flourishing market of off-the-shelf software nasties – making it harder for researchers to identify who exactly is behind a cyber-attack.

 

Traditionally, infosec bods have sought to pinpoint and unmask hacking crews by studying the malicious code they use, or domain names and IP addresses for the backend control servers, and so on. However, when groups within intelligence agencies use common and widely available toolkits, or launch attacks from each other's networks, it's hard to figure out who exactly is behind an intrusion, according to FireEye eggheads. It could be a nation state operation, it could be some criminals in a basement, or it could be a bored teenager, all using the same toolsets. As always, attribution is difficult.

 
