Are a team of US students the answer to our malware woes?
A crack team of US students are to look into an online security headache that has threatened over a hundred American businesses since 2006.
The team is led by Mississippi State University’s Wesley McGrew, and his computer science and engineering students specialise in malicious software. Part of their new curriculum requires them to study a recent report, published by American cyber-security firm Mandiant, that identifies a division of China's People's Liberation Army as the likely perpetrators of years of cyber espionage.
According to Mandiant, the IP addresses behind a slew of cyber attacks can be traced to a 'secret' department of the Chinese army named Unit 61398, located on the outskirts of Shanghai's financial district. They believe the unit has been in operation since 2006, affecting 141 businesses, mostly in America. Of course, the Chinese government has been quick to rebuke Mandiant’s claims, pointing out that “hacking attacks occur almost every day by using stolen IP addresses”.
Is there any truth to the ministry’s response? Possibly, although the sheer amount of activity in the area casts a shadow over their argument. The fact that the Chinese government takes a hard line on online activity, openly blocking many American organisations and businesses, and restricting internet freedom, hasn't exactly helped their cause. In recent years, many living in China have been forced to rely upon a VPN service to access the myriad of censored sites.
With each revelation of global cyber crime, businesses across the world are becoming increasingly anxious, and increasingly reliant on the use of services like a vpn google chrome store
to help protect them from threats. Unlike many, McGrew is rather excited by the news. He sees the report as a fantastic opportunity for this students to analyse malware and to develop the tools to potentially combat threats in the future.
"We have a room with highly motivated students absolutely looking to get into this field. [Studying reports like this] puts them in positions that the country is desperately trying to fill right now,” McGrew explains. Indeed, the university is also part of US Department of Defense's Information Assurance Scholarship Program that requires students to spend a year in government service for each year they receive financial assistance - the idea being to boost US expertise in an area that sorely needs it.
FireEye warns that this newest flaw is being used to install a remote-access Trojan called McRat and says that it’s a different exploit to the one that caused major security breaches at Facebook, Apple and Twitter recently.
In case you're reading this now on a Java-enabled browser, the current advice is to uninstall or disable Java or set your security settings to ‘High’ when you need to use it. If you’re concerned about online security more generally, then investing in a VPN service will give you an extra level of protection. If your VPN is enabled while you browse the internet, your system is less likely to be exploited by hackers.
HideIPVPN VPN application for OS X & Windows – updated!
iOS & Android developers wanted