Digital Espionage in the Middle East

Kaspersky Lab announced the discovery of new sophisticated malware targeting the Middle East. The new malware is called “Gauss” and infected over 1660 machines in Lebanon alone. Kaspersky reported that this new malware was developed around 2011 to 2012 and was distributed across the Middle East for at least 10 months. The malware is designed to collect sensitive information from infected machines and then send it to command and control (C&C) servers. Information collected includes:

– Information about the computer’s network connections

– Information about processes and folders

– Information about BIOS, CMOS RAM

– Infecting USB drives with a spy module

Kaspersky revealed that banks are the most infected organizations and that this malware was built to spy on the financial dealings of specific groups and key figures in the Middle East. Its main purpose is to spy on banking transactions, email, and social networking activity, and to steal login usernames and passwords!

Researchers mentioned that there are significant similarities in code and architecture between Gauss and Flame. In fact, it is largely due to these similarities that Gauss was discovered. Previously, security experts identified similarities between Stuxnet and Duqu, and between Flame and Stuxnet. Similarly, Gauss is linked with Stuxnet, the malware that sabotaged Iran’s nuclear fuel enrichment program.

Frankly, I can think of this malware as a new digital espionage tool…!

Gauss is not the only espionage tool that was discovered in the Middle East, nor is it the only incident. Most sophisticated infections, including Stuxnet, Flame, and Duqu, were discovered in MENA. Countries like Iran and Israel are hot spots for cyber espionage, but that doesn’t mean other countries are safe. Once the malware spreads through the Internet, other countries will be affected. Cybercrime, digital espionage, cyber intelligence and warfare are among the great challenges of this century. Middle East countries might be the biggest losers in this arena for many reasons, including but not limited to poor security awareness at all levels. Read my report “21st century cyber threats and Middle East Dilemma” to understand more about cyber espionage in the Middle East. As we believe in Cyber War, we should understand the importance of cyber weapons, cyber intelligence, and cyber defense, or we will be part of a game we can’t play.

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”
Sun Tzu, The Art of War