Cybersecurity: Crime and Espionage

Project Sauron

By Paul Rosenzweig
Wednesday, August 10, 2016, 11:31 AM

I'm sure that co-bloggers will give you all the technical details, but for now it is worth noting that a new malware program known as "Project Sauron" has been discovered. The program is incredibly sophisticated, was undetected for five years, and may well have been developed by a nation state. According to Kaspersky: "The threat actor behind ProjectSauron commands a top-of-the-top modular cyber-espionage platform in terms of technical sophistication, designed to enable long-term campaigns through stealthy survival mechanisms coupled with multiple exfiltration methods. Technical details show how attackers learned from other extremely advanced actors in order to avoid repeating their mistakes. As such, all artifacts are customized per given target, reducing their value as indicators of compromise for any other victim."

The principal targets seem to have been government and military systems in Russia, Iran and (oddly enough) Rwanda. I think some folks at NSA-TAO are a bit disappointed today.