Published by The Lawfare Institute
in Cooperation With

Sauron malware code

I'm sure that co-bloggers will give you all the technical details, but for now it is worth noting that a new malware program known as "Project Sauron" has been discovered. The program is incredibly sophisticated, was undetected for five years, and may well have been developed by a nation state. According to Kaspersky: "The threat actor behind ProjectSauron commands a top-of-the-top modular cyber-espionage platform in terms of technical sophistication, designed to enable long-term campaigns through stealthy survival mechanisms coupled with multiple exfiltration methods. Technical details show how attackers learned from other extremely advanced actors in order to avoid repeating their mistakes. As such, all artifacts are customized per given target, reducing their value as indicators of compromise for any other victim."

Principal targets seemed to have been government and military systems in Russia, Iran and (oddly enough) Rwanda. I think some folks at NSA-TAO are a bit disappointed today.

Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Professorial Lecturer in Law at George Washington University, a Senior Fellow in the Tech, Law & Security program at American University, and a Board Member of the Journal of National Security Law and Policy.

Subscribe to Lawfare