Share

Related Links

  • Lieberman Software
  • Reed Exhibitions Ltd is not responsible for the content of external websites.

Related Stories

  • US Justice Department makes an offer Congress can’t refuse
    The Department of Justice (DoJ) wants to be able to prosecute international cybercriminals under a US law originally intended to take down the Mafia, a representative told a House Judiciary panel yesterday.
  • 93% audit firewall security manually
    Research just published by Tufin Technologies claims that, while 93% of respondents to a survey said they continue to carry out their firewall audits manually, 60% also said that lack of time is their weakest link on the security front.
  • Barclay Simpson publishes first quarterly rate card for security contractors
    Barclay Simpson’s information security contract division has published its first quarterly rate card for contractors in the IT security industry, noting that technology risk consultants can earn £710 a day, ranging down to data privacy analysts who can command £475 a day.
  • US insurance firm sues after $207k cyberheist
    A growing number of businesses now have some form of IT security insurance to cover the financial losses associated with cybercrime, but a leading security researcher says that a US insurer has sued a bank over a $207,000 cyberheist involving its bank account.
  • 'Hacking the Hippies': EDF fined for hacking into Greenpeace computers
    A Paris court has fined French energy firm EDF €1.5m for hacking into Greenpeace computers to find out about the environmental group’s plans to block four planned nuclear power plants in the UK.

Top 5 Stories

News

Lieberman Software warns of more cyber-espionage cases in wake of EDF/Greenpeace saga

17 November 2011

Lieberman Software says it expects to see more case of cyber espionage after French energy giant EDF was fined €1.5m for hacking into Greenpeace computers to download the environmental group's plans to block four planned nuclear power plants in the UK.

As reported previously, EDF has also been ordered to pay €500,000 in damages to Greenpeace, with several former members of staff within the energy giant and an external security company being handed down prison sentences.

According to Philip Lieberman, president of Lieberman Software, the only surprise is not having seen this sort of trojan-assisted industrial espionage reaching the courts before.

He says that the EDF/Greenpeace court case is only notable because the saga started more than five years ago.

"According to the various newswire reports, the power generation giant - which runs more than 50 nuclear power stations in France and 8 in the UK - tasked an external company to conduct illegal surveillance on Greenpeace's then head of campaigns in France, Yannick Jadot", he said.

"Thanks to the successful infection of Jadot's computer, EDF was able to illegally obtain 1,400 documents about the environmental charity's ongoing campaign against nuclear energy", he added.

The president of the privileged identity theft specialist went on to say that, while it is good to hear that the French courts have handed down actual and suspended sentences against former EDF security staff and the detective agency employed by the energy giant, there are some significant questions that remain to be answered.

These include the possibility of incursions into the computers of other senior members of Greenpeace's staff, how long it was before the infections were detected and how they were spotted.

And then, he says, there is the confidential court testimony that was released by a French Web site - Mediapart - two years ago, that revealed that EDF had organised surveillance not only of Greenpeace in France, but broadly across Europe since 2004.

The really big question, says Lieberman, is how many other cases of trojan-assisted industrial espionage have been carried out in recent years, especially since the external company hired by EDF are said to have relatively simple techniques to infect the Greenpeace chief's computer.

And it's worth noting, he explained, that the same French court handed down a six-month prison sentence and 4,000 euro fine to the external company that EDF used - in connection with infecting computers at a French anti-doping lab - allegedly on behalf of disgraced US cycling star Floyd Landis.

"So what do these two cases tell us? Quite simply that trojan-assisted infections are almost certainly an integral part of the modern-day private detective's IT arsenal when conducting industrial espionage", he said.

"The most worrying question is whether terrorists are also using the same techniques to assist their campaigns. I suspect the answer is yes, meaning that IT security professionals now need to take action against the use of trojans to harvest information from the machines under their protection", he added.

This article is featured in:
Application Security  •  Identity and Access Management  •  Internet and Network Security  •  Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×