14 DAY TRIAL // A few days ago, Kaspersky revealed the existence of a major cyber espionage campaign that has targeted hundreds of organizations across 31 countries. Experts warn that the real impact of The Mask group’s operations is yet to come.
The Mask group, which appears to be comprised of Spanish-speaking individuals, has been operating since at least 2007. They’ve managed to steal sensitive information – including digital certificates, encryption keys and SSH keys – from the systems of more than 380 victims with the aid of malware.
“While their collection efforts have just now been identified and stopped after 7 years, the real impact is yet to come,” Kevin Bocek, vice president of security strategy and threat intelligence at Venafi, told Softpedia in an emailed statement.
“The attackers now own thousands of keys and certificates and as result own the networks, servers, and applications of the breached. They can impersonate websites with stolen keys and certificates and have root-level access with SSH keys. Game over for these breach organizations. If they don’t fight back and change all of their keys and certificates immediately,” he added.
Bocek highlights the fact that if these all-important elements of trust, namely digital certificates, are compromised, it could have a massive impact on data centers.
“If businesses and governments don’t get a handle on the ways they are using certificate and can’t respond to these attacks, we all might as well be investing in bulldozers. Our data centers are worthless when the basic, foundational element of trust on the Internet – digital certificates – are compromised,” the expert explained.
“We can’t tell the good from the bad and so just need to bulldoze and start new. But, we don’t have a replacement technology for digital certificates so we have to stand and fight. Otherwise, the reality Gartner painted of living in a world without trust will come true.”