“Without change something sleeps inside us, and seldom awakens”

By Erin Ayers on October 30, 2014

A reported breach of the White House’s unclassified networks has apparently been in the works for several years and appears to be related to the same Russian hacking organization that has exploited a Microsoft software flaw to target other U.S. entities, the North Atlantic Treaty Organization (NATO) and some Eastern European governments.

The level of detail and information sharing involved with these attacks, along with other cyber espionage events originating in China, goes far in emphasizing the threat inherent in digital attacks against national security.

Cyber attacks can and do go well beyond stolen credit card numbers and the costs and inconveniences created by retail data breaches. While these affect individuals, banks, and businesses to no small degree, the possibility presented by hacking into government, academic, and other organizations demands further threat-information sharing and action.

“Even though these are the organizations we’re aware of, we’re not able to identify all of the targets this group has hit,” a representative of iSight, the security firm that has been researching the Russian-based hackers purportedly behind the attacks since 2009, said during a recent conference call.

The firm’s investigative team is called “Sandworm,” which refers to the use of code that references Frank Herbert’s sci-fi epic “Dune.” Sandworms are known for burrowing under the sand and tracking down spice mélange, the prominent substance in the novel.

According to iSight, the hackers intrude upon systems by accessing a weak spot in Microsoft programs on any supported version of Windows. The malicious code embeds itself in a program, typically Microsoft PowerPoint, and runs every time the program starts up.

“There’s no indication that there’s something going wrong in your system,” iSight’s Steve Ward said. Microsoft issued a patch for the problem on Oct. 14. However, that is after several years and many hacked systems.

“It’s indicative of their sophistication that they’ve managed to stay under the radar for so long,” commented iSight’s Ward.

iSight calls the Microsoft flaw a “zero-day vulnerability,” which for the vast majority of the public means nothing substantive. The key part of the message is the fact that the problem couldn’t easily be detected. If intelligent individuals can be nearly or actually fooled by the type of phishing scams that regularly appear in our inboxes, then we are no match for the increasingly sophisticated tactics of actual criminals.

iSight is one of several security firms that have banded together, led by a firm called Novetta, to coordinate the fight against malware creators and cyber intruders. The coalition will focus on attackers such as those tracked by iSight and others.

“We felt it was important to take action proactively in coordination with our coalition security industry partners. The cumulative effect of such coordinated approaches could prove quite disruptive to the adversaries in question and mitigate some of the threat activity that plagues the joint customer base of this coalition,” said Novetta CEO Peter B. LaMontagne, in a statement on the new effort.

To borrow a well-known quote from the hacking Dune fans, “he who controls the spice controls the universe.” “The spice,” in the world of Dune, is the primary currency, favorite hallucinogenic drug, and all-around valuable stuff.

“Without change something sleeps inside us, and seldom awakens” is also a quote from Dune (motifs are fabulously useful) and offers a significant lesson for those fighting against misuse of data. If we aren’t solving the problem now, it’s much more likely to become overwhelming.

In the hacking world, information and data have become the spice of much of our lives – those who can protect it from the wrongdoers can offer much-needed expertise to all those for whom data encompasses the difference between safety and the dangerous alternatives.

erin.ayers@zywave.com

Erin is the managing editor of Advisen’s Front Page News. She has been covering property-casualty insurance since 2000. Previously, Erin served as editor-in-chief of The Standard, New England’s Insurance Weekly. Erin is based in Boston, Mass. Contact Erin at [email protected].