Chinese hackers have deployed a new cyber weapon that is aimed at the Defense Department, the Department of Homeland Security, the State Department and potentially a number of other United States government agencies and businesses, security researchers say.
Researchers at AlienVault, a Campbell, Calif., security company, said on Thursday that they had uncovered a new variant of some malicious software called Sykipot that targets smart cards used by government employees to access restricted servers and networks. Traces of Sykipot malware have been found in cyberattacks dating back to 2006, but AlienVault’s researchers say this is the first time Sykipot has compromised smart cards.
The government uses smart cards to supplement employee passwords, which have proven easy to crack. By cracking smart cards, hackers eliminate the final hurdle between themselves and some of the government’s most sensitive information. Mandiant, a security firm, first outlined smart card weaknesses in a January 2011 report and said it had investigated several attacks in which hackers used smart cards to crack into companies. The latest Sykipot strain offers a look at how hackers are compromising smart cards and indicates who they are after.
via The New York Times, continued here.