Most Recent Posts

A group of hackers, allegedly from Russia, found a fundamental flaw in Microsoft Windows and exploited it to spy on Western governments, NATO, European energy companies and an academic organization in the United States.

That's according to new research from iSight Partners, a Dallas-based cybersecurity firm.

Last month, the U.S. and the U.K. were preparing to meet at a NATO summit to talk about Ukraine. Emails were flying back and forth. Different experts were offering to talk at the conference. And in the midst of all the digital traffic, hackers jumped into the conversation.

Patrick McBride, a spokesman with iSight, says the hackers targeted specific officials using a well-known kind of attack called spear-phishing. Hackers would craft a message with a PowerPoint document attached. For example, they'd say, "We'd like to be involved in the conference."

And when an unknowing recipient opened the corrupted PowerPoint, the file was exploited to load a piece of malware onto the computer that the attacker could then use later to "exfiltrate documents," McBride says.

The hacker group, dubbed the "Sandworm Team," allegedly pulled emails and documents off computers from NATO, Ukrainian government groups, Western European government officials, and energy sector and telecommunications firms.

In the mad dash to grab information, McBride says, the hackers got a little sloppy and dropped hints about their identity. He says they're Russian, "but we can't pinpoint if they work for the Russian government or work in a particular department in the government."

The Russian embassy did not immediately respond to NPR's inquiry. Microsoft says that Tuesday, it's patching the security flaw so that PowerPoint and other Office products can't be exploited again in the same way.

Lonnie Benavides, a researcher with the cybersecurity services firm DocuSign, says if the findings are true, they represent an interesting turn of events. "Typically Russians stick to making money, stick to stealing credit cards and identities as far as trends go," he says.

Federal authorities are investigating the role of Russian hackers in the major breach against JPMorgan Chase.

Benavides says Russia provides an enabling environment for cyber offenses — whether it's crime like stealing credit cards, or espionage to steal state secrets — because the country has some very talented hackers who do not get prosecuted.

"I'm certainly not seeing waves of people that are being put in jail, in order to send a message, in order for this to stop," he says.

Even though the iSight report points to code that was in the Russian language, Benavides would not jump to the conclusion that the hacker group is state-sponsored or even from Russia. "There's an attribution problem," he says.

On Tuesday in London, the judging panel for Britain's 2014 Man Booker Prize for literature announced this year's winner: The Narrow Road to the Deep North by Australian Richard Flanagan.

The novel, Flanagan's sixth, tells the story of POWs in World War II who were forced by their captors to work on the Thailand-Burma Railway, also known as the "Death Railway" for the more than 100,000 who died in the process of building it.

NPR's Lynn Neary reported that the book was inspired by Flanagan's father, who was a real-life POW made to work on the railway. She says Flanagan's father died on the same day his son told him the novel was complete.

Lynn adds:

"A.C. Grayling, who chaired the judge's committee, called it a 'magnificent novel of love and war.' It is, he said, 'the book that Richard Flanagan was born to write.' "

This was the first year the Man Booker Prize was open to American writers. NPR reported in September that two Americans were shortlisted for the award this year: Joshua Ferris for his work To Rise Again at a Decent Hour and Karen Joy Fowler for her novel We Are All Completely Beside Ourselves.

More from Lynn:

"The Man Booker Prize has always been open to writers in the U.K. and commonwealth countries. The decision to include writers from the U.S. was a controversial one, but Grayling said in the end, Americans did not 'overwhelm' the process."

NPR book critic Alan Cheuse reviewed The Narrow Road in August of this year:

"Flanagan's descriptions of the daily round of increased labor, diminishing food and nightmarish hygiene make for difficult reading. The set-pieces showing off Japanese cruelty seem almost beyond credulity, as when one Japanese officer describes in great detail how an older officer instructed him in the proper way to behead prisoners, or when we hear eyewitness testimony about the experimental live dissection of a prisoner of war, or the stark physical descriptions of prisoners in various states of sickness and dying. All this makes for a portrait of war in the Pacific that could have been rendered by Hieronymus Bosch. ...

"After setting down this eccentric masterwork of a novel, full of deep insight, afflicted love and cosmic passion alongside painful, even horrendous suffering, Flanagan's music still plays on and on in my head."

richard flanagan

Man Booker Prize

On Tuesday in London, the judging panel for Britain's 2014 Man Booker Prize for literature announced this year's winner: The Narrow Road to the Deep North by Australian Richard Flanagan.

The novel, Flanagan's sixth, tells the story of POWs in World War II who were forced by their captors to work on the Thailand-Burma Railway, also known as the "Death Railway" for the more than 100,000 who died in the process of building it.

NPR's Lynn Neary reported that the book was inspired by Flanagan's father, who was a real-life POW made to work on the railway. She says Flanagan's father died on the same day his son told him the novel was complete.

Lynn adds:

"A.C. Grayling who chaired the judge's committee called it a 'magnificent novel of love and war.' It is, he said, 'the book that Richard Flanagan was born to write.' "

This was the first year the Man Booker Prize was open to American writers. NPR reported in September that two Americans were shortlisted for the award this year: Joshua Ferris for his work To Rise Again at a Decent Hour and Karen Joy Fowler for her novel We Are All Completely Beside Ourselves.

More from Lynn:

"The Man Booker Prize has always been open to writers in the U.K. and commonwealth countries. The decision to include writers from the U.S. was a controversial one but Grayling said in the end, Americans did not 'overwhelm' the process."

NPR book critic Alan Cheuse reviewed The Narrow Road in August of this year:

"Flanagan's descriptions of the daily round of increased labor, diminishing food and nightmarish hygiene make for difficult reading. The set-pieces showing off Japanese cruelty seem almost beyond credulity, as when one Japanese officer describes in great detail how an older officer instructed him in the proper way to behead prisoners, or when we hear eyewitness testimony about the experimental live dissection of a prisoner of war, or the stark physical descriptions of prisoners in various states of sickness and dying. All this makes for a portrait of war in the Pacific that could have been rendered by Hieronymus Bosch....

"After setting down this eccentric masterwork of a novel, full of deep insight, afflicted love and cosmic passion alongside painful, even horrendous suffering, Flanagan's music still plays on and on in my head."

richard flanagan

Man Booker Prize

A group of hackers, allegedly from Russia, found a fundamental flaw in Microsoft Windows and exploited it to spy on Western governments, NATO, European energy companies and an academic organization in the United States.

That's according to new research from iSight Partners, a Dallas-based cybersecurity firm.

Last month, the U.S. and the U.K. were preparing to meet at a NATO summit to talk about Ukraine. Emails were flying back and forth. Different experts were offering to talk at the conference. And in the midst of all the digital traffic, hackers jumped into the conversation.

Patrick McBride, a spokesman with iSight, says the hackers targeted specific officials using a well-known kind of attack called spear-phishing. Hackers would craft a message with a PowerPoint document attached. For example, they'd say, "We'd like to be involved in the conference."

And when an unknowing recipient opened the corrupted PowerPoint, the file was exploited to load a piece of malware onto the computer that the attacker could then use later to "exfiltrate documents," McBride says.

The hacker group, dubbed the "Sandworm Team," allegedly pulled emails and documents off computers from NATO, Ukrainian government groups, Western European government officials, and energy sector and telecommunications firms.

In the mad dash to grab information, McBride says, the hackers got a little sloppy and dropped hints about their identity. He says they're Russian, "but we can't pinpoint if they work for the Russian government or work in a particular department in the government."

The Russian embassy did not immediately respond to NPR's inquiry. Microsoft says that Tuesday, it's patching the security flaw so that PowerPoint and other Office products can't be exploited again in the same way.

Lonnie Benavides, a researcher with the cybersecurity services firm DocuSign, says if the findings are true, they represent an interesting turn of events. "Typically Russians stick to making money, stick to stealing credit cards and identities as far as trends go," he says.

Federal authorities are investigating the role of Russian hackers in the major breach against JPMorgan Chase.

Benavides says Russia provides an enabling environment for cyber offenses — whether it's crime like stealing credit cards, or espionage to steal state secrets — because the country has some very talented hackers who do not get prosecuted.

"I'm certainly not seeing waves of people that are being put in jail, in order to send a message, in order for this to stop," he says.

Even though the iSight report points to code that was in the Russian language, Benavides would not jump to the conclusion that the hacker group is state-sponsored or even from Russia. "There's an attribution problem," he says.