NATO, European governments, hit by "MiniDuke" cyber attack

Wed Feb 27, 2013 3:33pm EST
 

By Jim Finkle

SAN FRANCISCO (Reuters) - Hackers targeted dozens of computer systems at government agencies across Europe through a flaw in Adobe Systems Inc's software, security researchers said on Wednesday, while NATO said it too had been attacked.

The alliance said its systems had not been compromised, although it was sharing the details of the attack with NATO member states and remained vigilant. Security experts say governments and organizations such as NATO are attacked on a daily basis - although the sophistication varies wildly.

These particular attacks appeared both widespread and innovative, the private computer security firms announcing the discovery said, with one expert saying he believed a nation-state might be responsible.

Russia's Kaspersky Lab and Hungary's Laboratory of Cryptography and System Security, or CrySyS, said the targets of the campaign included government computers in the Czech Republic, Ireland, Portugal and Romania.

They also said a think tank, a research institute and a healthcare provider in the United States, a prominent research institute in Hungary and other entities in Belgium and Ukraine were among those targeted by the malicious software, which they have dubbed "MiniDuke".

The researchers suspect MiniDuke was designed for espionage, but were still trying to figure out the attack's ultimate goal.

"This is a unique, fresh and very different type of attack," said Kurt Baumgartner, a senior security researcher with Kaspersky Lab. "The technical indicators show this is a new type of threat actor that hasn't been reported on before."

He said he would not speculate on who the hackers might be.   Continued...

 
Attacking team members work to hack into a network during a drill at a Department of Homeland Security cyber security defense lab at the Idaho National Laboratory in Idaho Falls, Idaho, September 30, 2011. REUTERS/Jim Urquhart