
Waterbug Attack Essay


If I were a CIO, one of the topics I feel would be worth taking notice of is targeted attacks. Waterbug is a cyberespionage group that uses complex malware to efficiently target government-related entities in a range of countries. The group’s approach focuses on spear-phishing and watering-hole attack campaigns to target victims. It’s a technique that has also been adopted by cyberespionage attackers ("Internet Security Threat Report," 2015). It’s designed to provide long-term persistent monitoring, which can be used to exfiltrate data and provide powerful spying capabilities. Waterbug used a zero-day exploit against the Microsoft Windows Kernel ‘NDProxy.sys’ Local Privilege Escalation Vulnerability (CVE-2013-5065), targeted emails, stolen certificates, and a sophisticated watering-hole distribution network known as Venom to compromise its victims ("Waterbug attack group," 2015).

The exploitation is made possible by infecting hardware with a back-door Trojan. It then strategically targets would-be victims by sending spear-phishing campaigns via email. It may seem no different from regular spear-phishing techniques; however, once the victim has been “speared” Trojan …

The first is a keyed Logic Built-In Self-Test (LBIST). One possibility to mitigate the dopant-level Trojans is to make the initial state of the Pseudo-Random Pattern Generator (PRPG) dependent on a configurable key. The PRPG needs to be adapted to generate test patterns based on an initialization value, which is derived from the key. Another way to mitigate the dopant-level Trojans is to modify LBIST so that it uses a different set of test patterns at each test cycle by using a centralized remote test management system, which monitors all end-point devices in the same network ("Two Countermeasures Against Hardware Trojans Exploiting Non-Zero Aliasing Probability of BIST,"
