Tech News Hero

This Map Shows the Global Spread of Zero-Day Hacking Techniques

by technewshero
April 7, 2020
in Security

So-called zero-day exploits—hacking techniques that take advantage of secret software flaws—were once the calling card of only the most sophisticated hackers. But today, the global map of zero-day hacking has expanded far beyond the United States, Russia, and China, as more countries than ever buy themselves a spot on it.

The security and intelligence firm FireEye today released a sweeping analysis of how zero-days have been exploited worldwide over the past seven years, drawing in data from other research organizations’ reporting as well as Google Project Zero’s database of active zero-days. FireEye was able to link the use of 55 of those secret hacking techniques to state-sponsored operations, going so far as to name which country’s government it believes to be responsible in each case.

The resulting map and timeline, with a tally of which countries have used the most zero-days over the past decade, are far from comprehensive. Countries like the US almost certainly have used zero-days that remain undetected, FireEye acknowledges, and many others couldn’t be pinned with certainty on any particular country. But they do show how the collection of countries using those hacking techniques now includes less expected players like the United Arab Emirates and Uzbekistan.

That proliferation, FireEye argues, is due at least in part to a rising industry of hackers-for-hire that develop zero-day tools and sell them to intelligence agencies around the world. Any nation with money can buy, rather than build, relatively sophisticated hacking abilities. “Since about 2017 the field has really diversified. We think that this is at least partially due to the role of vendors offering offensive cyberthreat capabilities,” says Kelli Vanderlee, the manager of FireEye’s Intelligence Analysis group. “The biggest barrier between an attacker and a zero-day is not skill, but cash.”

Specifically, FireEye points to NSO Group, Gamma Group, and Hacking Team as the sort of contractors that have enabled a new cadre of countries to buy their way into the zero-day hacking field. NSO Group’s zero-days, for instance, have shown up in the hands of espionage-focused hacking groups believed to be associated with the United Arab Emirates, like Stealth Falcon and FruityArmor. Three of those same NSO-linked zero-days were also used by a group called SandCat, associated with Uzbekistan’s intelligence agency known as the SSS. (The notoriously repressive SSS proved to be so inexperienced that agents installed Kaspersky antivirus on some of the same machines they used for malware development, exposing their own operations.)

From 2012 to 2015, by contrast, FireEye tied all but three of the 26 zero-days it could attribute to Russia and China. The firm linked North Korea, France, and Israel to one other zero-day apiece during that time period.

As smaller players gain more access to zero-day exploits, the top-tier cyberpowers are actually using fewer of them, FireEye’s analysis seems to show. Its timeline lists only two zero-days associated with China in the past two years and none linked to Russia. FireEye’s Vanderlee argues that China and Russia have largely opted to use other techniques in their hacking operations that are often more efficient and deniable: phishing and commodity hacking tools, stolen credentials, and other “living off the land” tactics that abuse existing features to move through victim networks, and so-called “one-day” exploits. Sophisticated hackers can often reverse engineer software updates to quickly develop attacks before the fixes are widespread. It’s a less expensive and less time-consuming process than searching out vulnerabilities from scratch.

“Within hours of disclosure of a vulnerability, they’re able to create an exploit and use it,” Vanderlee says. “Waiting for vulnerabilities to be disclosed like this might be a more-bang-for-your-buck strategy for these actors, because they don’t have to put in the resources to find a zero-day by sifting through software code.”

© 2020 Tech News Hero.
