Symantec now claims that the company's own networks were in fact breached back in 2006, leading to the loss of proprietary product data: "...an investigation into the matter had revealed that the company's networks had indeed been compromised"...
* * *
"YamaTough, spokesperson for the hacktivist group “The Lords of Dharmaraja”, informed Infosec Island of plans to release source code for Symantec's PCAnywhere. The release is to be made prior to the threatened exposure of the full source code for the Norton antivirus..."
* * *
There have been so many examples of cyber espionage that it is now the norm to just accept that it is rampant.
MI5 in the UK, the German Chancellery, Titan Rain, GhostNet, the Pentagon email hack, Google Aurora – all are examples of cyber espionage, most on the part of China. But to date no evidence has been put forth other than claims from the injured parties.
Thanks to reporting from Anthony M. Freed of Infosec Island, we have learned that a group of Indian hackers that align themselves with Anonymous (the catch all movement for hackers these days) have breached several Indian government servers and uncovered gold. If taken at face value their hacking has revealed:
1. The Indian government has source code for Symantec’s AV software, albeit of 2006 vintage.
2. The Indian government is strong arming cell phone manufacturers to provide back doors into their handsets.
3. The Indian government is in possession of confidential internal communications from the US-China Economic and Security Review Commission (USCC).
And now in a new development we learn from Freed:
“Now YamaTough has provided potentially damning evidence that the Indian government is actively engaged in espionage efforts targeting not only the USCC, but potentially thousands of US government networks, ranging from those of federal agencies to systems used by state and municipal entities.”
YamaTough is part of The Lords of Dharmaraja hacking group in India.
You can see the difference between these unfolding events and previous claims of cyber espionage. The exfiltration of terabytes of data on the US Joint Strike Fighter or last March’s theft of “24,000 documents” has never been proved. They are just claims from admittedly credible sources.
Thanks to a hacker group in India, Infosec Island has source material that demonstrates wide spread cyber espionage on the part of the Indian Government which the hackers may publish.
This is a historically significant development for those of us who track cyber espionage.
Cross-posted from IT-Harvest