Could US cyberspies have moles inside Microsoft?

[grandpaflo]

Could US cyberspies have moles inside Microsoft?

"US government officials could be working under cover at Microsoft to help the country's cyber-espionage programme, according to one leading security expert.

The warning comes in the wake of the Flame virus that targeted key computers in the Middle East, and in part used confidential Microsoft certificates in order to access machines.

According to Mikko Hypponen, chief research officer at security firm F-Secure, the claim is a logical conclusion to a series of recent discoveries and disclosures linking the US government to 2010's Stuxnet attack on Iran and ties between Stuxnet and the recent Flame attack.

“The announcement that links Flame to Stuxnet and the conclusive proof that Stuxnet was a US tool means that Flame is also linked to the US government,” Hypponen said."

"“This makes you think that this breach of Microsoft's update system was done by the Americans and most likely a US agency, someone like the NSA,” Hypponen said. “That must make Microsoft mad as hell that its most critical system, used by 900 million of its customers, was breached by fellow Americans.”"

Continued:
http://www.pcpro.co.uk/news/security/375169/could-us-cyberspies-have-moles-inside-microsoft

#

US Security Services May 'Have Moles Within Microsoft,' Says Researcher
http://it.slashdot.org/story/12/06/...y-have-moles-within-microsoft-says-researcher

 

[seepy83]

Ya...or there's no mole at all, and the people running the show at Microsoft willingly helped the US government and justified it under the umbrella of national security.

 

[Dude111]

I wouldnt be surprised at anything!

 

[Slugbait]

Ya...or there's no mole at all, and the people running the show at Microsoft willingly helped the US government and justified it under the umbrella of national security.

This theory has come up repeatedly over the last 13 years. Just prior to that, it was reported that the US government approached MS about cooking a backdoor into Windows, and MS publicly refused.

Of course, the debug code sloppily left in SP5 for NT5 has a key labeled "_NSAKEY", which took on a conspiracy life all its own. MS denied it had anything to do with backdoors, but instead to meet federal export laws for cryptography, which is reasonable.

But some theorists look at the reversal of the order to split MS by Judge Jackson as a "good faith" deal for MS to cooperate with the government...which would explain that key.

It's all just rumors and theories, tho. People say "where there's smoke, there's fire", but others know how beneficial it is to use smoke as a diversion.

 

[nemesismk2]

It wouldn't surprise me if they did, just like i think there are moles in all of the social media sites esp facebook for obvious reasons.

 

[Dravic]

As a security person I'll say this.. While more attacks may come from the outside. the smaller number of internal attacks are more expensive per incident because people on the inside know where to look.

Internal moles may not be expected, but should be planned for. Especially in a bad economy, even good people can be leveraged to do things they normally wouldn't.

DLP, roles based access, and least privileged access are the tools geared toward these internal issues. I also think that corporate workstations should have no direct access to your production network. Where possible, VDI, Term servers, and Jump Boxes should all be used instead.

I also don't think that your production network should use the same authentication back end (like AD) as production so hacked or obtaiedn corp password are ineffective against your prod servers.