Schneier on Security
A blog covering security and security technology.
« Holding Computer Files Hostage |
| Eric Schmidt on Secrecy and Security »
May 31, 2005
Major Israeli Computer Espionage Case
This is a fascinating story of computer espionage.
Dozens of leading companies and top private investigators were named yesterday as suspects in a massive industrial espionage investigation that local police have been conducting for the past six months.
The companies suspected of commissioning the espionage, which was carried out by planting Trojan horse software in their competitors' computers, include the satellite television company Yes, which is suspected of spying on cable television company HOT; cell-phone companies Pelephone and Cellcom, suspected of spying on their mutual rival Partner; and Mayer, which imports Volvos and Hondas to Israel and is suspected of spying on Champion Motors, importer of Audis and Volkswagens. Spy programs were also located in the computers of major companies such as Strauss-Elite, Shekem Electric and the business daily Globes.
Read the whole story; it's filled with interesting details. To me, the most interesting is that even though the Trojan was installed on computers at dozens of Israel's top companies, it was discovered only because the Trojan writer also used it to spy after his ex-in-laws.
There's a lesson here for all computer criminals.
Edited to add: Much more information here.
Posted on May 31, 2005 at 7:17 AM
• 9 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
"Trojan horse software"
I like that the article actually used the proper phrase. Although it's technically and historically very incorrect, I often find people prefer to say "Trojan software" and, even more ironically, to warn us about "Trojans" or describe people as "Trojan writers".
"it was discovered only because the Trojan writer also used it to spy after his ex-in-laws."
Sort of. It was actually discovered because someone posted the contents of an unpublished book to the web. If I remember correctly, this is also how the T-Mobile case was discovered -- someone posted highly classified documents to the web.
"even anti-virus programs cannot detect Haephrati's malware, because each is unique"
Poor choice of words by the story writer. Anti-virus programs are more like the very first defence, to deter all the generic and well-known exploits, and certainly not something that could provide the last stand against someone with motive and opportunity.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.