The black market for malware is far from settled beyond any prosecution because it is ruled by the military and police of Western democracies.
Two weeks after an extensive program package had arrived for attacking firewalls from leading companies, came on Friday the so far most dangerous malware for iPhones to the public. Although the circumstances that they become known are completely different, both cases have one thing in common. Neither against Apple's iOS nor that against the operating systems of all firewalls directed package has a criminal background.
In both cases, the malicious files from the public sector and there just not from the usual suspects "Cyber rogues" Russia or China. For the attack tools on firewalls from Cisco to Fortinet, the NSA was at least the client. The iPhone malware got developed by the Israeli company NSO, a supplier for the Mossad.
We'll find additional at the Wall Street Journal article "Smartphones Become Next Frontier in Cybersecurity" from Jul 31, 2014 the information:
Private-equity firm Francisco Partners Management LLC earlier this year paid $110 million to acquire NSO Group, an Israeli startup that aims to help governments spy on individual mobile phones
The same company also has the firewall vendor Barracuda and specialized on Network Monitoring company Blue Coat in their portfolio.
Pandora's Box
Why the black market is settled for such malware far beyond any prosecution? This market would be interfering at least since 2000, no longer criminals, but military and police authorities. This Pandora's Box was open since 2000 and criminals were to distinguish more difficult by the authorities.
The US has begun and just tried once, whether they can enforce the use of malware in their country. This has at least according to its laws and works. After that, more and more Western democracies have been taking their right to use malware, first only in the intelligence field; afterwards they used it also in law enforcement. The so-called 'police Trojans' are nothing than malicious software.
Legalization of criminal activities
Since almost not one country had the necessary know-how and resources to develop all these attack tools themselves, they outsourced the production and maintenance to private companies. What was still considered criminal in the 90s, got step by step legalized. The black market for malware was therefore created by government agencies. Their demand fueled the market for malicious software continue running on, which is reflected in rapidly growing sales of commercial operators. The increasing sales in this sector are the sole reason why more and more new companies emerge in this market.
All Cisco Firewalls are affected
All versions of the operating systems from the Cisco product series PIX and ASA within the last 15 years are clearly concerned with very few exceptions. The development of attacking tools therefore launched shortly after the first PIX were delivered in 1996, the very last specimens of this product range reached just the end of their lifetime.
The so-called "Equation Group", of which the as yet unknown "Shadow Broker" these files allegedly stolen has, so the firewalls alone systematically attacked by Cisco for at least 15 years and their malicious code obviously adapted to every major update of the operating system. For the newer firewalls from the type ASA were hitherto found two so called "0-Day exploits", the name for attacking software for previously undiscovered vulnerabilities in an operating system. Cisco has indeed already ruled with a security update for its ASA operating system, but it is questionable whether it also against modified versions of the attack software helps.
Three "0 day exploits" against iPhone
The intruder tool for iPhone consists of three of these "0-day exploits" that contaminate the device via a single link in a text message, which had resulted in an investigation into the security firm "Lookout" with Canadian "Citizen Lab". The human rights activist Ahmed Mansoor from the United Arab Emirates had received an SMS with an embedded link what allegedly referred to a website with new information on torture in the dictatorial Emirates.
Mansoor did not click the link, but forwarded the SMS to the Canadian Citizen Lab for examination. Together with the dedicated security company for smartphones and tablets the company Lookout tested the consequences of a click on this link. The result has been the installation of a "completely invisible" spying software from the Israeli "cyber war" company NSO. Apparently for "security reasons" NSO even does not maintain a website.
The human rights activist Ahmed Mansoor was attacked for the third time since 2011. The company FinFisher (aka "Gamma Group") comes from Germany, "Hacking Team" is Italian origin.
The powerlessness of prosecutors
Although both cases are mounted quite different, and the circumstances are particularly in the case of firewall hacks in the darkness, but can draw some conclusions without overusing speculations. In both cases, the military intelligence services from Western democracies (US and Israel) are the principal for this high-quality malicious software. The anti-malware iPhones was sold to an alliance with the West dictatorship in the Persian Gulf, which thus spied the democratic opposition in his own country.
The malicious software to firewalls was commissioned by the US secret service NSA in order to attack the products for network security of the leading US companies Cisco, Fortinet and Juniper. Of particular interest in this case is that of all the world’s leading firewall manufacturers, the Israeli-American company Checkpoint, is missing from the recent publications from the until now unknown "Shadow Broker".
Schizophrenia, black market, cyber crime - a conclusion
From these two paradoxes is it not difficult to deduce, use what schizophrenic situation the Western democracies by the decision, methods and tools of criminals, have conjured up. The States thus have even created a global black market for "cyber weapons" and made large, parallel rise offenses of "cyber crime" range exponentially in higher spheres.
The prosecutors are faced with an almost impossible task because they can never take the backers, so the producers, namely because the own military or even the police authorities themselves their clients. The authorities of Western democracies can save their warnings against "Russian hackers" or "the Chinese" therefore, because these accusations are just embarrassing. It is quite comparable to that scene from the "last days of humanity" where one prostitute insulted another one with the words "Such a whore!".