International Cyber Terrorism
of the cyber-collection agent in order to ensure that detection in one location will not compromise others.
• Bypass Encryption: Because the malware agent operates on the target system with all the access and rights of the user account of the target or system administrator, encryption is bypassed. For example, interception of audio using the microphone and audio output devices enables the malware to capture both sides of an encrypted Skype call.
• Exfiltration: Cyber-collection agents usually exfiltrate the captured data in a discreet manner, often waiting for high web traffic and disguising the transmission as secure web browsing. USB flash drives have been used to exfiltrate information from air gap protected systems. Exfiltration systems often involve the use of reverse proxy systems that anonymize the receiver of the data.
• Replicate: Agents may replicate themselves onto other media or systems; for example, an agent may infect files on a writable network share or install itself onto USB drives in order to infect computers protected by an air gap or otherwise not on the same network.
• Manipulate Files and File Maintenance: Malware can be used to erase traces of itself from log files. It can also download and install modules or updates as well as data files. This function may also be used to place "evidence" on the target
Page 69 of 174