cyber command center

Documents Reveal Why U.S. Military Publishes Malware Used by North Korean and Russian Hackers

CYBERCOM has created a Twitter account with thousands of followers to publicize malware samples it shares with cybersecurity companies. Internal documents explain that it’s part of a defensive (and offensive) strategy.

Ever wonder why the U.S. military has decided to consistently publish the malware and hacking methods used by countries like North Korea and Russia? Documents obtained by VICE News describes the strategy behind Cyber Command’s decision to publish samples of malware.

The government started publishing samples of malware on VirusTotal, a semi-public website for researchers and cybersecurity experts, in 2018. The site allows researchers to closely examine how the malware works and how companies and institutions might combat it.

In addition, CYBERCOM also created a Twitter account, which has earned 11,500 followers, that they use to publicize and share news of the malware samples uploaded to VirusTotal. Most of the published malware samples rare related to Russian or North Korean-linked operations.

Now, there is more insight into why CYBERCOM made the choice to start publicly sharing the knowledge it has collected on countries it considers dangerous to national security. One document states that CYBERCOM hopes publication of the hacking tools will “bring attention and awareness” by “putting pressure on malicious cyber actors, disrupting their efforts.”

Cybersecurity experts say that the documents obtained by VICE show that the release of these malware samples show that CYBERCOM is going beyond a defensive public relations campaign.

“Cyber Command deploys VirusTotal uploads for both offensive and defensive purposes at the same time—to ‘impose costs on nation state malicious cyber actors’ and to ‘enhance our shared global cybersecurity,’” Thomas Rid, a professor of strategic studies at Johns Hopkins University, told VICE.

Once CYBERCOM decides to release the malware sample, cybersecurity companies have the ability to analyze it and update their own products to detect that specific malware strain. In addition, the military wants to “impose costs” on hacking operations by “highlighting malware to the cybersecurity community for rapid integration into antivirus software.”

Rid added that this policy means that the military is hoping for the cybersecurity community to rapidly attribute the malware to a specific actor or country. That would mean that “follow-on attribution by commercial cybersecurity companies and independent researchers is part of ‘imposing costs’ on adversary states,” Rid said.

The agency did not elaborate on its strategy, but noted that its public disclosures would continue.

"We plan to continue to publicly disclose malware samples, which we believe will have the greatest impact on improving global security,” a CYBERCOM spokesperson said in a statement to VICE.

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Mall of America Deploys AI-Powered Analytics to Enhance Parking Intelligence

    Mall of America®, the largest shopping and entertainment complex in North America, announced an expansion of its ongoing partnership with Axis Communications to deploy cutting-edge car-counting video analytics across more than a dozen locations. With this expansion, Mall of America (MOA) has boosted operational efficiency, improved safety and security, and enabled more informed decision-making around employee scheduling and streamlining transportation for large events. Read Now

  • Security Industry Association Launches New “askSIA” AI Tool

    The Security Industry Association (SIA) has unveiled a brand-new SIA member benefit – askSIA, a conversational AI agent designed to help users get the most out of their SIA membership, easily access SIA resources and find the latest information on SIA’s training and courses, reports and publications, events, certification offerings and more. SIA members can easily find askSIA by visiting the SIA homepage or looking for the askSIA icon in the top left of webpages. Read Now

    • Industry Events
  • Industry Embraces Mobile Access, Biometrics and AI

    A combination of evolving workplace dynamics, technology innovation and new user expectations is changing how people enter and interact with physical spaces. Access control is at the heart of these changes. Combined with biometrics and AI, mobile access control has become increasingly crucial for deploying entry solutions that are seamless, secure and adaptive to user needs. Read Now

  • Sustainable Video Solution Delivered for Landmark City of London Office Development

    An advanced, end-to-end video solution from IDIS, with a focus on reducing waste and costs, has helped a major office development in the City of London align its security with sustainability objectives. Read Now

  • DHS to End ‘Shoes-Off’ Travel Policy

    Homeland Security Secretary Kristi Noem announced a new policy today which will allow passengers traveling through domestic airports to keep their shoes on while passing through security screening at TSA checkpoints. Read Now

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.