F-Secure’s 2008 Security Overview

Mikko Hypponen of F-Secure is in this video below describing some of the coolest threats discovered on the Internet in the first half of 2008. Much of it has been covered on this blog before regarding phishing attacks and malware backdoors. But one of his statements near the beginning caught me way off guard and was a bit shocking.

The unrest in China over Tibet has prompted some very targeted malware attacks against Pro Tibet groups. Since many of those humanitarian and human rights groups knew that their email communication was constantly being monitored by China, they had switched to encrypted email- specifically, PGP. Mikko tells a story about how some of the tarteted malware attacks against the pro-tibet groups were designed to steal the public and private PGP keyrings! Since the Chinese can’t crack PGP on their own, but assuredly have copies of the encrypted transmissions, they targeted and stole the PGP keys to decrypt the emails of the dissidents and human rights groups.

Wow.