
A Disturbing Trend: Government Sponsored Malware

It is understandable that nations may undertake operations against other nations. This is believed to be the origin of Stuxnet, after all. What is more disturbing is when a government will use malware against its own citizens, as discovered in the last couple of weeks in Germany. What is especially disturbing is this quote:

In one case, the trojan was installed on a suspect's laptop while he was passing through customs & immigration at the Munich International airport.

Think about the implications of this for a minute. If challenged, we're required to show proof that a computer is actually a working computer. That's understandable. But in this case an agent was able to access the laptop in a way that specifically allowed for the trojan to be installed. There are quite a few attack vectors but the simplest would be to have a USB flash drive with a potential exploit that isn't patched yet. You turn on the laptop, you are distracted by another agent, and the agent armed with the laptop inserts the USB drive, which launches the silent install, and then quickly unplugs the drive and the laptop is infected. Yes, it would mean finding an exploit in the OS, but if you're already a government investing in malware against your own citizens, why wouldn't you fund research/pay for an exploit? It all gets downright Orwellian.

The paranoid side of me says to fully encrypt the drives and ship the laptop ahead, but that's not always practical and not without its own set of issues. At this point I'm not sure what the right answer is. I don't like being paranoid, but I feel something like this abuses the public trust that government is supposed to maintain. Keep in mind we're not talking about North Korea or Iran here, we're talking about states within Germany. This is the equivalent of the same happening in Georgia, Colorado, or Washington.


K. Brian Kelley - Databases, Infrastructure, and Security

IT Security, MySQL, Perl, SQL Server, and Windows technologies.

