Hacking Team Exploits Used By Chinese Cyber Attackers

reminiscences of a stock operator pdf

Italian cybersecurity firm Hacking Team recently suffered an attack in which serious security flaws were exposed.

Now it is believed that hackers linked to China used those security exploits to attack companies in the aerospace and defense, energy, telecommunications and healthcare sectors, writes James Griffiths for The South China Morning Post.

Hacking Team stockpiled security flaws

The hackers allegedly used tools which were stolen from Hacking Team, which sells surveillance software to authorities around the world.. The company lost 400 GB of data related to its core business of cyber security.

By maintaining a collection of flaws without informing the developers of affected programs, Hacking Team was vulnerable to an attack which would release knowledge of the security exploits to the wider hacking community.

In 2012 Reporters Without Borders called Hacking Team an “enemy of the internet” for selling surveillance tools to governments accused of human rights abuses. After it was hacked, many cybersecurity experts questioned why the company had not informed developers about the flaws.

The company stockpiled various so-called zero-day flaws, which had never been detected even by program developers. Their publication meant that hackers could use them to attack other targets.

Exploits used by hackers before developers could react

Security firm FireEye reports that it has noticed two Chinese hacking groups using Adobe Flash Player exploits.

“Zero-day exploits are extremely valuable to attack groups,” Bryce Boland, FireEye’s chief technology officer for Asia Pacific, told the South China Morning Post. “When we discover attackers using unknown exploits, we work with technology vendors to get them addressed quickly.”

He criticized the practice of stockpiling security flaws, saying that it “introduces a new risk that the exploits could be stolen and used by others.”

The hacking groups were able to carry out their attacks before Adobe issued a patch to fix the security flaw, which Hacking Team chief executive David Vincenzetti admitted to Italy’s La Stampa newspaper could be used by “terrorists [and] extortionists.”.

“Sufficient code was released to permit anyone to deploy the software against any target of their choice,” he said.

Although patches are expected to be released, there is no guarantee that everyone will download the updated versions. Users who continue to use older versions of software will still be at risk.

For exclusive info on hedge funds and the latest news from value investing world at only a few dollars a month check out ValueWalk Premium right here.

Multiple people interested? Check out our new corporate plan right here (We are currently offering a major discount)

About the Author

Brendan Byrne
While studying economics, Brendan found himself comfortably falling down the rabbit hole of restaurant work, ultimately opening a consulting business and working as a private wine buyer. On a whim, he moved to China, and in his first week following a triumphant pub quiz victory, he found himself bleeding on the floor based on his arrogance. The same man who put him there offered him a job lecturing for the University of Wales in various sister universities throughout the Middle Kingdom. While primarily lecturing in descriptive and comparative statistics, Brendan simultaneously earned an Msc in Banking and International Finance from the University of Wales-Bangor. He's presently doing something he hates, respecting French people. Well, two, his wife and her mother in the lovely town of Antigua, Guatemala. To contact Brendan or give him an exclusive, please contact him at [email protected]

Be the first to comment on "Hacking Team Exploits Used By Chinese Cyber Attackers"

Leave a comment