Foreign Policy Blogs

Poisonous PDFs

PDF files exploiting a vulnerability in Acrobat Reader were sent to a passel of defense contractors this week. In a sophisticated attack, the files, when opened, exploited a vulnerability that had been patched in Reader just days prior and handed control of the newly zombified computer over to master servers in Taiwan.

Most impressive was the clever social engineering of the attack – the PDF was in reference to a real conference taking place in Las Vegas, and appeared to be coming from the Department of Defense.

We all get a bit inured to the deluge of phishing messages imploring us to change our information or update our accounts with eBay or Bank of America – “Type your passwords into this web page and SOME BIG PROBLEM will be averted!” Those are crude mass attacks that aren’t likely to convince many people – but if they get .5%, that’s plenty. However, targeted attacks like those that hit the contractors are far more dangerous – the savviest of us are susceptible to custom-designed manipulation.

The motivations, if not the identity, of the attackers are pretty clear. One of the benefits of backwardness – that is, being a country whose military lags behind technologically – is that you don’t have to re-invent the wheel, or even the Reaper. You just have to steal the plans for it.