government Trojan
SearchSecurity.com Definitions (Powered by WhatIs.com)

DEFINITION - A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. Depending on the program, government Trojan horses may intercept email or VoIP traffic, scan hard drives for relevant digital media or even record conversations and videoconferences. As this type of software captures data and then sends it back to a central server for processing and analysis without a user's knowledge, it is generally classified as a back door Trojan horse virus.

Governments have approached implementing Trojan horses in different ways. Swiss government agencies have been reported to be working with Internet service providers (ISPs) to record speech on an infected PC's microphone, as opposed to intercepting encrypted voice packets. German agencies have sought authority to plant Trojan horses on the hard drives of suspected criminals using email that would install keyloggers, record webcams and microphones and scan infected hard drives for documents, diagrams and photography. These email messages would be tailored to each unique target, similar to the method used in spear phishing attacks.

The German government received widespread attention in 2007 when its Interior Minister disclosed a plan to install Trojan horses. Switzerland and Austria have been reported to have similar programs in development. Romania, Cyprus, Latvia and Spain already have laws that allow "online searches." Chinese covert intelligence bodies have also been associated with Trojan horse activity against both other governments and private industry. The Federal Bureau of Investigation (FBI) is known to use a tool called CIPAV (computer and Internet Protocol address verifier) that can record IP addresses and send the data back to government computers. Given recent disclosures of warrantless wiretapping, the FBI may well be conducting covert surveillance of hard drives. Although no official U.S. government Trojan program is known to exist, past revelations regarding the NSA's Total Information Awareness (TIA) project and Echelon, a signals intelligence (SIGINT) collection and analysis network operated by the U.S. government in cooperation with several other nations, make the existence of such a program credible.

For many years, hackers and crackers have been attacking government networks and computers to try to gain access to classified information, financial or personal data, or to simply embarrass agencies that fail to take appropriate measures. Government Trojans represent a step in turning the tables on cybercriminals by using a proven mechanism for capturing data covertly. As Al Qaeda, organized crime and rogue states increasingly turn to modern information technology tools for planning, organization and even so-called "cyberwars," the development of more robust information gathering mechanisms by government agencies is a natural and important step in combating malicious activity.

As with other forms of electronic surveillance, however, the potential for governmental abuse of the technology is significant. If government agencies are able to establish partnerships with hardware manufacturers similar to the assistance in the past provided by telecommunications companies to government agencies requesting phone records, even informed consumers may be able to do little to detect or defuse back door malware. As laws and controls on new ways of monitoring citizens have typically lagged behind technological innovation, the best protection concerned citizens have against unwanted surveillance may be to use spyware scanners and watch activity logs for unexpected network activity.


LAST UPDATED: 10 Mar 2008


More resources from around the web:
- Infoworld reported on the debate raging over the German government's spyware plan.
- The LA Times also reported on Germany's proposed implementation of government Trojan horses.
- EMSI Software issued a statement explaining their stance on government Trojans.




