Cyber security firm Alien Vault, has discovered a computer virus that is using service members’ network security cards to hack into government networks. How does the virus work? A service member receive an email with an official-looking PDF file connected to the virus that allows it to record keystrokes, said Jaime Blasco, lab manager for Alien Vault, a California-based cyber security firm. The virus then collects a service member’s personal identification number associated with a Common Access Card when he logs into a government computer.
“The hackers can get in pretty easily with this virus and do whatever they want on a government computer while a soldier just works on his computer,” Blasco said in a phone interview from his office in Spain.
Blasco said he suspects the cyber-attack originates from China because of the Chinese characters found within the virus’ coding.
“Since we started tracing it … we found software that’s only really used in China,” Blasco said. “We’re 99 percent sure this attack is coming from China. Not 100 percent sure, but we’re pretty sure.”
It is unknown what the Virus and the Hackers are looking for but, the DOD is aware of the issue and has been working on it. It’s targets are not just the military it appears to have gone after other government agencies including the State Department.
The virus, a new strain of the “Sykipot,” has been tracked now for 3 months by Alien Vault according to Blasco.
The only way to protect against Sykipot is to train service members not to open the PDF attachment. Hackers often disguise their poisoned email attachments as government documents.
“CAC cards” are required to log on to government computers and to access military and top-secret networks, the card doubles as an identification card for service members as well as most contractors. A computer chip is embedded into the card that also contains the owner’s photo.
Sources: Military.com