Zero-Day Exploit Enabled Cyber-Attack on U.S. Labor Department
In the latest incident of nation-state cyber-attacks, attackers slipped malware onto the agency's site, apparently aiming to compromise nuclear-energy officials from the Department of Energy.
Hackers compromised the U.S. Department of Labor's Website this week, modifying pages about nuclear-related illnesses with malware that could compromise visitors' computers through a zero-day vulnerability in Internet Explorer 8, according to security experts. While security firms first released details of the attack on May 1, endpoint protection firm Invincea reported on May 3 that the malware served up by the Department of Labor's pages used an exploit for a previously unknown flaw in Internet Explorer 8.
Systems that fell prey to the attack would be compromised with a variant of Poison Ivy, a type of malware popular with Chinese hackers. In addition, the command-and-control traffic matches that seen in cases of espionage attributed to a Chinese attacker known as DeepPanda, according to security-management firm AlienVault.
The attack follows reports of the theft of technology secrets, allegedly by Chinese agents, from Western defense firms. These recent attacks highlight the necessity for the U.S. government to address the issue of nation-state espionage, Anup Ghosh, founder and CEO at Invincea, told eWEEK.
"They are essentially stealing defense technology secrets right from under our noses; it's pretty brazen," he said. "At what point, do we as a nation, as a government, say enough is enough, that the red lines are being crossed here?"