12th January 2012
A new strain of the malware Sykipot Trojan is been used to compromise the Department of Defense-sanctioned smart cards used to authorise network and building access at several US government agencies, according to researchers.
Smart cards are a standard means of granting military staff, reserve personnel, civilian employees and contractors access to intranets at US Army, Navy and the Air Force facilities. They can be used to get into buildings or, when used in conjunction with a password, to access networks.
Chinese hackers have adapted the Sykipot Trojan to gain card credentials from compromised systems in order to access classified military information, according to researchers at security firm AlienVault. An adapted version of the Trojan targets PCs which have attached smart card readers running ActivClient, the client application of ActivIdentity, in what's been described as a proxy attack.
The latest run of attacks also features phishing emails that attempt to trick users into clicking on a link that deposits the Sykipot malware onto their machines by using a key-logger to steal PINs associated with smart cards.
ActivIdentity said in a statement: "We are aware of the recent reports that purportedly identified a new attack method that could hijack smart card-based certificates. We take these reports very seriously and are working diligently to investigate the potential threat. At this time, we are confident that the purported threat poses no immediate risk to our customers".
Secure Encryption with Borer's FUSION Access Control System.
With Borer's Access Control System, data is read directly from the smart card to the reader controller for transmittal via the network without sending data across insecure interfaces such as Wiegand, clock and data, RS485, etc.
Supports four card technologies so that each cardholder can carry up to four cards allowing ease of migration from an old card format to a new card technology or support for different sites using different card coding formats if one type of card type has been compromised.
With Borer's Biometric Reader, cardholder data is fully encrypted using AES encryption. ISO and ANSI formatted Biometric fingerprint templates which ensure interoperability with other ISO and ANSI compliant sensors ensuring continuity of supply by eliminating dependency on any one sensor manufacturer.