The intruder in your computer

If you get a legitimate-looking PDF attachment in your email — especially if you work in the Building or anywhere in the government — think twice before you open it.

As our colleague Mike Hoffman reports this morning for Military.com, that attachment could contain a virus that could, among other things, capture the passcode or other information associated with your Common Access Card, leaving your machine and network vulnerable to who knows what.

It’s the latest calling card from the Hacker Kingdom, according to one cyber-analyst. Wrote Hoffman:


“The hackers can get in pretty easily with this virus and do whatever they want on a government computer while a soldier just works on his computer,” [lab manager Jaime] Blasco said in a phone interview from his office in Spain.

Blasco said he suspects the cyber attack originates from China because of the Chinese characters found within the virus’ coding. “Since we started tracing it … we found software that’s only really used in China,” Blasco said. “We’re 99 percent sure this attack is coming from China. Not 100 percent sure, but we’re pretty sure.”

The Defense Department is aware of the virus strain called “Sykipot,” according to multiple news reports. Pentagon officials didn’t respond to a request for comment.

Blasco said he has spoken to cyber-experts working for the U.S. government about the virus strain.

“They know about it and are working on it,” Blasco said.

It’s a new twist on the old “spear phishing” scheme, part of what appears to be China’s attempt to steal or examine nearly everything stored anywhere on any U.S. computer. Only this malware is designed specifically to circumvent DoD’s ubiquitous “CAC cards,” which were supposed to make DoD computers and networks more secure. But apparently the only thing you can rely on to keep networks safe these days is the oldest technology of them all — the human user. So be careful.


Join the Conversation

“But apparently the only thing you can rely on to keep networks safe these days is the oldest technology of them all — the human user.”

And the only absolutely certain way that computer networks can be penetrated, no matter how electronically secure we try to make them, is by the HUMAN USER!

Reminds me of the old adage that the most dangerous part of any car is the loose nut behind the wheel…

Frankly, I’m amazed that people are allowed to use attachments at all these days. Shared-workspace network folders have been around for ten years now.

Why are any of these machines on the internet? Seriously. If you need external email or browsing, use a phone.

Why do we use the internet? Really?

Where *else* would we get our porn?

How else can DoD share PowerPoint presentations of vaporware weapon systems?

If Israel and Finland’s security are rated the best in the world, it appears our defense would copy or purchase their computer defense from one of these countries. It is critical that military and defense suppliers have foolproof computer networks. I have often wondered why the military and defense companies don’t have their own private Web network that is not connected in any way with the World Wide Web. I have no computer and web knowledge, but imagine that all the codes would have to be rewritten and even some of the equipment rewired, some cables laid, and the use of different frequencies. If the military/defense are not in the WWW it appears to me that it would take an inside spy to compromise the system.

Cyber attacks are now relatively sophisticated as they no longer are used to fish out information; some trojans or malware use this to disable ADT via broadband outage. Seems like from a spy movie, but it is true.

© 2013 Military Advantage