Cyber security firms have discovered a computer virus that uses servicemembers’ network security cards to hack into government networks.

How does it work? servicemembers receive an email with an official-looking PDF file connected to the virus that allows it to record keystrokes, said Jaime Blasco, lab manager for Alien Vault, a California-based cyber security firm. The virus then collects a service member’s personal identification number associated with a Common Access Card when he logs into a government computer.

“The hackers can get in pretty easily with this virus and do whatever they want on a government computer while a soldier just works on his computer,” Blasco said in a phone interview from his office in Spain.

Blasco said he suspects the cyber attack originates from China because of the Chinese characters found within the virus’ coding.

“Since we started tracing it … we found software that’s only really used in China,” Blasco said. “We’re 99 percent sure this attack is coming from China. Not 100 percent sure, but we’re pretty sure.”

The Defense Department is aware of the virus strain called “Sykipot,” according to multiple news reports. Pentagon officials didn’t respond to a request for comment.
Blasco said he has spoken to cyber-experts working for the U.S. government about the virus strain.

“They know about it and are working on it,” Blasco said.

Alien Vault has tracked the virus for three months. Blasco said he’s not sure what sort of information the hackers have targeted.

The military is not the sole target. The virus could have hit other U.S. government agencies such as the State Department.

The only way to protect against Sykipot is to train servicemembers not to open the PDF attachment. Hackers often disguise their poisoned email attachments as government documents, Blasco said.

Called “CAC cards” by servicemembers, the CAC doubles as an identification card for servicemembers and most contractors. A computer chip is embedded into the card that also contains the owner’s photo.

servicemembers must insert their CAC in order to log onto government computers. servicemembers use their CAC to access the military’s secret and top-secret cyber networks.

Cyber officials say the CAC system is more secure than one that uses only passwords. However, a report published last year by the cyber security firm Maniant documented multiple cyber attacks in which hackers targeted identification card systems.

Defense Secretary Leon Panetta and other senior DoD officials have called cyber attacks one of the greatest threats to national security, and an arena in which the U.S. military is the farthest behind.

Panetta has implored Congress to increase funding to improve research and development for cyber weapons, even as other areas in the defense budget shrink or grow at a reduced rate.

 

Articolul original: aici

Tags: