Cyber weapons grow in 2013

2013-05-22 10:29
Kaspersky Lab does analysis of malware threats at its offices in Moscow. (Duncan Alfreds, News24)

Kaspersky Lab does analysis of malware threats at its offices in Moscow. (Duncan Alfreds, News24)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

Cape Town - Cyber spying and cyber weapons have dominated the threat landscape in the first three months of 2013, a report shows.

The report, prepared by security company Kaspersky Lab, found that new malware, dubbed MiniDuke was targeting government systems, using a zero day vulnerability in Adobe Reader.

A zero day vulnerability is a software flaw that is discovered by users outside of the organisation that developed the software and it is often used to exploit the applicaiton to gain access to the machine.

"MiniDuke's victims turned out to be government agencies located in Ukraine, Belgium, Portugal, Romania, the Czech Republic and Ireland, as well as a research organisation in Hungary, and a research institute, two scientific research centres and a medical facility in the US. In total, we detected 59 victims in 23 countries," Kaspersky said.

The company also fingered a Chinese hacker group for attacks as reported by Mandiant.


"Mandiant states that APT1 appears to be a division of the Chinese army. This is not the first time Beijing has been accused of complicity in cyber attacks against government agencies and organisations in other countries," said Kaspersky.

Beijing has consistently denied involvement in cyber attacks, but this has not stopped the US from accusing its largest trading partner by imports of targeted cyber attacks.

A People's Liberation Army researcher described the accusations in Pentagon report on the Chinese military as irresponsible and harmful to mutual trust between the sides.

The first hard evidence from Symantic emerged of an earlier version of the Stuxnet worm that caused havoc when it infiltrated Iran's nuclear programme.

"We're very confident that the Flame team shared some of their source code with the Stuxnet group," Roel Schouwenberg of Kaspersky said of the link between the two pieces of malware.

"Although this worm has been studied by numerous antivirus vendors, there are still lots of modules that have only been examined briefly, if at all. The study of Stuxnet version 0.5 has provided more information about this malicious programme in general," said Dennis Maslennikov, senior malware analyst at Kaspersky Lab.

Company attacks

"It's likely that we’ll find even more information in the future. The same can be said about the other cyber weapons detected after Stuxnet, as well as malware used in cyber espionage - there's a lot we still don't know," Maslennikov added.

Company attacks remained high on hackers' agenda in the period under review. Hackers have realised that corporations potentially represent a huge cash bonus if an attacks can succeed.

"Cyber criminals remain as interested as ever in hacking large companies and getting their hands on confidential data, including user information. In the first quarter of 2013 victims included Apple, Facebook, Twitter, and Evernote, among others," said Kaspersky.

Kaspersky said that it detected 20 000 mobile malware applications in the first three months of 2013, equivalent to half of all malware for 2012.

- Follow Duncan on Twitter
Read more on:    kaspersky lab  |  cybercrime

Join the conversation! encourages commentary submitted via MyNews24. Contributions of 200 words or more will be considered for publication.

We reserve editorial discretion to decide what will be published.
Read our comments policy for guidelines on contributions. publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
Comments have been closed for this article.

Inside News24


Book flights

Compare, Book, Fly

Traffic Alerts
There are new stories on the homepage. Click here to see them.


Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire network.


Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.

Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.