Even though James Bond’s latest saga, called Spectre, is set for release later this year, the world’s most well-known secret agent might have to retire soon. Secret services are rapidly changing and those agents who used to sabotage infrastructures, steal documents, seduce high-ranking officials or deploy secret microphones are no longer needed.
The written and broadcast media talk every day about armed conflicts around the globe, thanks to public announcements of some kind or other. This is how the public gets to know what’s going on in the world, along with the media’s reports based on information sent by insider sources, who are basically officials that strategically provide filtered and oriented information.
However, with the rise of electronic communications over the last 20 years or so, the classic spying techniques used by secret services are rapidly changing because states and private organisations have been investing heavily in something called cyber warfare, far away from the prying eyes of the media. This has led to a drastic rise in cyberattacks that rarely get noticed by the media, no matter how massive they are, except if some official calls them up to share some information.
A massive and well-coordinated attack recently took place in some unusual places… hotels. At this point, you might wonder if these hotels were located in some war area or conflict zone. Nope, the attacks took place in some very luxurious hotels in Switzerland, as well as elsewhere. This staggering information came from a specialised company called Kaspersky, one of the world’s top security vendors, which identified a brand new piece of malware within its own systems (as it got infected too). They called the malware Duqu 2.0, as some of it looked like something they had discovered in 2011. It is composed of 19 modules and its intentions are mostly unknown.
No matter what these modules were supposed to do, the malware’s authors noticed that they had got caught and within hours started deleting everything, leaving Kaspersky sceptical about their chances of discovering what exactly Duqu 2.0 was capable of. Whatever it was able or supposed to do, the malware had multiple targets across the world, but almost all of them were related to Iran’s nuclear program. In particular, every hotel that hosted the negotiations got attacked up to 3 weeks before the meeting and was infected while the negotiations occurred.
Now, due to the attack’s sophistication and the number of modules that were deployed, it is unlikely that the people behind this manoeuvre were just looking to snoop on or hijack communications. But this attack was no doubt launched by a state that wasn’t invited to the negotiations or, alternatively, one that was part of the meeting, but wanted to know what everyone was saying outside of the main negotiating table.
In the olden days, states would have sent their best agents, including James Bond, on site and around the area to spy with long-range microphones and copy sensitive documents using micro cameras, as well as sneak into rooms, compromise devices like computers, hijack the internal telephone system of the hotel, and listen to any conversations over the phone.
But those were the olden days. Nowadays, all you need is a bunch of 10 to 20 highly qualified hackers sitting thousands of miles away from the location but able to get access to everything connected to a network. That means the attackers got to know everyone who was meeting there, as they probably hacked the hotel’s booking system, which meant they were able to see all of the devices, from computers to smartphones, connected to the hotel’s networks. They then, most likely, infected the most interesting ones. Besides these “common” tasks, they might also have been able to hack the hotel’s phone system and not only hear what people might say over the phone… As those systems work over IP and are equipped with an operating system (no matter what vendor they use), they can be hacked too. This means that theoretically, nothing can stop it if you have the right guys on your team. Any phone or video conferencing system can be turned on silently, and the built-in microphone and camera will eventually transmit everything they catch without anyone in the room noticing it.
This is not science fiction, as everything described was done on computers and the other strategic elements of a network. Cyber warfare is a reality and this example is probably only the tip of the iceberg, as the malware only got discovered by chance. At the moment, as negotiations are ongoing with Iran, the people behind Duqu are probably left with no idea of what’s going on. However, that doesn’t mean it is time to send 007 and his fellow agents in again. It just means that cyber warriors are hard at work, trying to get a plan B or even a Duqu 3.0 in place.
And as for you, how is your sensitive electronic information protected? Do you have the right tools to ensure that you have a secure conversation with your employees or partners?