Indictments Against Chinese, Blackshades Ring a Bold Move by DOJ

By Wayne Rash  |  Posted 2014-05-19

The moves by the DOJ are likely to have repercussions, however. China is already complaining of spying by the United States, some of it in response to revelations by Edward Snowden, and the Foreign Ministry has announced that it's suspending participation in a cyber-security working group set up with the United States last year. It's also likely that the Chinese government will level charges against some U.S. officials for spying on China.

One difference so far is that U.S. cyber-security experts say they already have conclusive evidence of China's break-ins. Those experts, including some at victimized companies, have been able to trace the hackers back to their source, and identify the specific computers and the specific users involved. At one point, the Chinese hackers tried to eliminate evidence of their activities, but were caught in the act.

The action in Europe caught the hackers by surprise. Reportedly, the FBI had quietly penetrated the servers in Europe where the BlackShades malware was stored for download, then effectively took over the servers. Then, the investigators recorded the details of everyone who had purchased the malware to distribute it to victims' computers. All that remained for the FBI and the European intelligence agencies it was working with was to wait until the software was used and then nab the purchasers.

A few of those arrested were able to get warnings out, but by the time that happened, the law-enforcement and intelligence agencies already had the evidence they needed and had tracked down the suspects, so the warnings were too late.

The BlackShades malware was distributed as commercial software. The developers employed a number of administrators, a director of marketing and even customer service staff. The result was a commercial packaged malware product designed to be used by anyone.

According to FBI Special Agent Leo Taddeo in the New York field office, "To borrow a phrase from a popular advertising campaign, BlackShades made taking over a computer so easy even a caveman could do it." Taddeo made his comments at the press conference announcing the BlackShades arrests.

The problem with commercial-quality malware such as BlackShades, coupled with state-sponsored hacking from countries like China, is that it raises the overall threat level significantly. There was a time when breaking into computers required at least some skill and a lot of effort. Now that's not the case.

Pretty much anyone—or any country—can put together the tools necessary to break into commercial targets and steal information that can assist in crime or cyber-warfare. Now, sophisticated attacks can come from anywhere and will be harder to fight off than ever.


