When we think of an “arms race” we usually think of advances in weaponry that cause death and destruction. It seems that there is a very different type of arms race underway that deals with bits and bytes instead of bombs and bullets. The security firm FireEye believes that an IE vulnerability has been recently exploited by a Chinese hacker group and that it has been the subject of much activity on a booming international “Cyber Arms” market.
Websites being hacked and companies being targeted by organized cyber criminals and foreign governments has becomes so common that it is scarcely news these days. It should not be surprising that a talented global cyber arms division has emerged,uncontrolled by governments. In most cases, the hackers goals are financial, like any other common criminal. However, when actual warfare is considered too destructive, digital war has become a popular fallback. Without having to be physically present in a country, a group of criminals or surrogates for a country can hack important website, steal valuable secrets and disrupt a country’s infrastructure.
Security firms have deduced that there are specialists whose only job is to build malware and distribute them. This reveals a trend of industrialized malware development and another find reveals, once the group takes control of a computer, it will be used as a host to further distribute it to more networks at the same time. One of the issue with regards to it is that, there are different roles played by multiple people which increases the efficiency of the malware that they develop. Named as the digital quartermaster, such teams play an integral role in changing the face of Internet security and forcing companies to take drastic measures to safeguard themselves. Besides, the team also works to change its codes every time so that antivirus software and other security tools can’t detect them.
Security firms are working together to curb illegal websites and hackers forming teams in the deep web. Earlier, the Silk website was shut down and now after discovering that a bigger industry exists behind malware, drastic steps are being taken. Majority of the attacks and trojans initiated by this group is an attempt to steal credentials. Internet security measures are now focused towards securing identities than money because when attacks hit the banking sector, they usually steal credit card information and bank details so as to deploy digital heists. It makes it much easier to hack users than going for the bank’s server to steal money. Intellectual property is at dire risk at them moment.