Skip to main content

Security Roundup: UK cybersecurity body established, Shamoon creators made "silly" errors, US digital vigilantes target al-Qaeda

£3.8 million grant gives birth to UK cybersecurity research body

On Thursday, the British government and spy officials announced the formation of the Research Institute in the Science of Cyber Security, which will operate for the next three and a half years from October.

The academic body will be hosted at University College London and is funded by a £3.8 million government grant, reports ZDNet (opens in new tab). GCHQ, a number of research councils and seven universities are involved in the project, which aims to get "social scientists, mathematicians and computer scientists from across the UK" working together.

(opens in new tab)The project comes as cyber security across the continent is scaled up, with the European Commission announcing that its Computer Emergency Response Team (CERT) will now become a permanent fixture, after a year of pilot operations.

Commenting on the UK’s new institute, cybersecurity minister Francis Maude said, "The UK is one of the most secure places in the world to do business — already eight per cent of our GDP is generated from the cyber-world and that trend is set to grow.

"But we are not complacent,” he added. “Through the National Cyber Security Programme we are putting serious investment into the best UK expertise to lead thought in the science of [cybersecurity]."

Shamoon creators made “silly errors”

It’s easy to assume that widespread malware, especially those that gain notoriety, are sophisticated, carefully-prepared weapons. But in the last roundup we revealed the “less professional” nature of the well-known Mahdi malware, and now the skills of Shamoon’s creators have been questioned by experts.

Never from the crime scene is Kaspersky Lab, and company researcher Dmitry Tarakov says Shamoon, which has been linked to the recent Saudi Aramco attack, is the work of amateurs. Computer World (opens in new tab) reports the “silly” errors in the programming, as well as a fragment of a Wikipedia-sourced JPEG of a burning US flag being found in the disk-overwriting routine, which is also used to overwrite the master boot record of targeted hard drives. Computer World describes it as “an almost comic device to use in such a serious attack.”

“By all appearances, the clue was intentionally put there for the photo to be found,” says Tarakov. “The fact that they used a picture of a fragment of a burning US flag possibly shows that the motive of Shamoon’s authors is to create and use malware in a politically driven way.”

US digital vigilantes take fight to al-Qaeda

Over in the States, the LA Times (opens in new tab) reports on the “digital vigilantes” who seek to aid the US government’s fight against Al-Qaeda and its affiliates by hacking and spying on chat rooms of the enemy.

“Barefoot in his bedroom”, we meet Jeff Bardin, who has given the FBI and US military hundreds of phone numbers and other data belonging to alleged militants in the Middle East. Bardin is currently posing as 20-something Canadian who wants to train at a specialist camp in Pakistan, the latest of over two dozen aliases that have seen him penetrate social networks and chat sites over the last seven years.

"You have to look and smell like them," he says. The former is aided my his fluent Arabic and regular uploading of Jihadist material, but how he achieves the latter is unexplained. "You have to contribute to the cause so there's trust built," Bardin adds.

Bardin is one of a number of civilian hacktivists who target the online infrastructure of Islamist groups, and their contribution is valued in some quarters. T.J. O'Connor, a signal officer with Army Special Forces, told a conference in Washington this year that "This is a domain of warfare where an individual can make a difference."

Unfortunately for Bardin, he has never had any feedback from the FBI for his efforts. "It's a one-way street," he admits.

Stories aggregated by Team Cymru (opens in new tab), which runs a private Security News mailing list called 'Dragon News Bytes', covering the most important and interesting news items of the day.

Will began working life as a technology journalist at ITProPortal as Senior Staff Writer. He's worked as a Copywriter, then Creative Lead across video, social, email, web and print. He is currently a Senior Content Strategist at Zone.