Published by The Lawfare Institute in Cooperation With Brookings

Sauron malware code

I'm sure that co-bloggers will give you all the technical details, but for now it is worth noting that a new malware program known as "Project Sauron" has been discovered. The program is incredibly sophisticated, was undetected for five years, and may well have been developed by a nation state. According to Kaspersky: "The threat actor behind ProjectSauron commands a top-of-the-top modular cyber-espionage platform in terms of technical sophistication, designed to enable long-term campaigns through stealthy survival mechanisms coupled with multiple exfiltration methods. Technical details show how attackers learned from other extremely advanced actors in order to avoid repeating their mistakes. As such, all artifacts are customized per given target, reducing their value as indicators of compromise for any other victim."

Principal targets seemed to have been government and military systems in Russia, Iran and (oddly enough) Rwanda. I think some folks at NSA-TAO are a bit disappointed today.


Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Professorial Lecturer in Law at George Washington University, a Senior Fellow in the Tech, Law & Security program at American University, and a Board Member of the Journal of National Security Law and Policy.
