Tech giants! How do you know Jim in accounting isn't Putin moves on you
Infosec guru 'surprised' if spooks weren't embedded in top firms
BSides London "I would be surprised if all major intel agencies didn't have people embedded in Google, Amazon, Apple, Facebook and major cloud providers," infosec guru Mikko Hyppönen told a packed audience at the BSides conference in London on Wednesday.
Hyppönen, chief research officer at security firm F-Secure, made the comment during a well-received opening keynote speech in which the Finn charted the progress of malware from the work of teenage pranksters in the 1980s to today's world of profit-chasing cybercrime and malicious code from state intel agencies.
Although money remains the "main motivation", snoops are getting in on the act. Hyppönen rated the US, Israeli, Russian and Chinese governments as the most active in the realm of state-sponsored espionage. "The US is the most capable," Hyppönen said. "The US has been doing it for longer and investing more in hacking tools and malware than other countries."
Although it might look like nation states are conducting most of their espionage in cyberspace, spies and moles could still have infiltrated the top tech companies of the world, Hyppönen said. "It would be a slow process" but insiders would have the access cyberspies crave.
Jobs in network and sysadmin roles would be key targets for such infiltration, Hyppönen told El Reg, adding that he knows Apple and other tech giants are hip to the threat.
In another related strand of his talk, Hyppönen described the infamous NotPetya outbreak as the biggest computer calamity ever. "It was more expensive than any hack or data leak," he said, adding that although it was aimed at Ukraine, collateral damage against Western companies was huge.
NotPetya was distributed after the systems of Ukrainian accountancy software outfit ME-DOCS were hacked in order to plant a fake update containing malicious code. Hyppönen warned that other attacks targeting software updating systems were likely.
He also said that the number of money-motivated attacks against banks using phishing, malware and other tactics meant it made sense for finance department staff to have two computers. One would be used to conduct financial transactions while the other would be used for regular work. Both machines would be internet-connected. ®