government Trojan

Governments have approached implementing Trojan horses in different ways. Swiss government agencies have been reported to be working with Internet service providers (ISPs) to record speech on an infected PC's microphone, as opposed to of intercepting encrypted voice packets. German agencies have sought authority to plant Trojan horses on the hard drives of suspected criminals using email that would install keyloggers, record webcams and microphones and scan infected hard drives for for documents, diagrams and photography. These email messages would be tailored to each unique target, similar to the method used in spear phishing attacks.

The German government received widespread attention in 2007 when its Interior Minister disclosed a plan to install Trojan horses. Switzerland and Austria have been reported to have similar programs in development. Romania, Cyprus, Latvia and Spain already have laws that allow "online searches." Chinese covert intelligence bodies have also been associated with Trojan horse activity against both other governments and private industry. The Federal Bureau of Investigation (FBI) is known to use a tool called CIPAV (computer and Internet Protocol address verifier) that can record IP addresses and send the data back to government computers. Given recent disclosures of warrantless wiretapping, the FBI may well be conducting covert surveillance of hard drives. Although no official U.S. government Trojan program is known to exist, past revelations regarding the NSA's Total Information Awareness (TIA) project and Echelon, a signals intelligence (SIGINT) collection and analysis network operated by the U.S. government in cooperation with several other nations, make the existence of such a program credible.

For many years, hackers and crackers have been attacking government networks and computers to try to gain access to classified information, financial or personal data, or to simply embarrass agencies that fail to take appropriate measures. Government Trojans represent a step in turning the tables on cybercriminals by using a proven mechanism for capturing data covertly. As Al Queda, organized crime and rogue states increasingly turn to modern information technology tools for planning, organization and even so-called "cyberwars," the development of more robust information gathering mechanisms by government agencies is a natural and important step in combating malicious activity.

As with other forms of electronic surveillance, however, the potential for governmental abuse of the techology is significant. If government agencies are able to establish partnerships with hardware manufacturers similar to the assistance in the past provided by telecommunications companies to government agencies requesting phone records, even informed consumers may be able to do little to detect or defuse back door malware. As laws and controls on new ways of monitoring citizens have typically lagged technological innovation, the best protection concerned citizens have against unwanted surveillance may be to use spyware scanners and watch activity logs for unexpected network activity.

Read more about government Trojan: - Infoworld reported on the debate raging over the German government's spyware plan. - The LA Times also reported on Germany's proposed implementation of government Trojan horses. - EMSI Software issued a statement explaining their stance on government Trojans.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Clickjacking details released after attack proof-of-concept emerges Security researchers released details of the clickjacking attacks, warning of the seriousness of the problem because they have discovered multiple... Product Review: Sophos Endpoint Security and Control 8.0 Sophos Endpoint Security and Control 8.0 is a comprehensive endpoint security product, offering antivirus, antispyware, host intrusion prevention,... Researchers develop cloud-based antivirus New cloud-based approach uses multiple antivirus engines, offers better malware detection and beats traditional antivirus software in tests.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary barnacle  (SearchSecurity.com) botnet  (SearchSecurity.com) A zombie army (also known as a botnet) is a number of Internet computers that, although their owners are unaware of it, have been set up to forward...