Time filter

Source Type

A standard method used by inspection teams of the Organisation for the Prohibition of Chemical Weapons (OPCW) for preparation of aqueous samples requires several extraction and derivatization steps. This results in tedious and time consuming on-site analysis. A simple thermal desorption-gas chromatography-mass spectrometry (TD-GC-MS) method was developed to analyse for a broad range of degradation products, impurities and precursors of chemical warfare agents (CWA) in water solutions and wet or dry organic liquid samples. The method is fast, sensitive, requires only microliter volumes of sample and enables the simultaneous determination of a wide range of compounds with widely differing polarity, volatility and reactivity. The applicability of the method was demonstrated by successful analysis of five OPCW Official Proficiency Test samples. © 2010 Elsevier B.V.

News Article | May 29, 2012
Site: www.eweek.com

The United Nations' International Telecommunication Union is issuing a warning for nations to be on guard for the newly identified Flame malware, according to a report. "This is the most serious [cyber] warning we have ever put out," Marco Obiso, cyber-security coordinator for the U.N.'s Geneva-based International Telecommunications Union, told Reuters.Also known as Skywiper and Flamer, the malware has been discovered on systems in the Middle East, and has hit Iran the hardest. The discovery prompted Iran€™s National Computer Emergency Response Team to issue an alert stating the malware was tied to multiple incidents of €œmass data loss€ in the country€™s computer networks.   Thought to be a tool for cyber-espionage, security researchers say the malware has been traced back to at least 2010, with experts at the Laboratory of Cryptography and System Security (CrySys) at the Budapest University of Technology and Economics stating it may have been operational for five years or more .   According to Kaspersky Lab , Flame is a backdoor Trojan with worm-like features that allow it to propagate itself on local networks and removable media. When a system is infected, the malware is capable of a number of operations, including taking screenshots, recording audio conversations and intercepting network traffic.   "Flame shares many characteristics with notorious cyber weapons Duqu and Stuxnet: while its features are different, the geography and careful targeting of attacks coupled with the usage of specific software vulnerabilities seems to put it alongside those familiar €˜super-weapons€™ currently deployed in the Middle East by unknown perpetrators," Alexander Gostev, head of Kaspersky Lab's Global Research and Analysis team, blogged May 28.   "Flame can easily be described as one of the most complex threats ever discovered. It€™s big and incredibly sophisticated. It pretty much redefines the notion of cyber-war and cyber-espionage."   When all of its modules are installed, the malware takes up 20 MB in data storage. It also contains code written in Lua, a programming language uncommon in the cyber underworld.   "Lua is a scripting (programming) language , which can very easily be extended and interfaced with C code," Gostev explained. "Many parts of Flame have high order logic written in LUA€”with effective attack subroutines and libraries compiled from C++€¦usage of LUA in malware is uncommon."   According to Symantec's Security Response team, the modular nature of the malware suggests its developers created it with the goal of maintaining the project over a long period of time€”most likely along with a different set of individuals using the malware.   "The complexity of the code within this threat is at par with that seen in Stuxnet and Duqu , arguably the two most complex pieces of malware we have analyzed to date," according to Symantec. "As with the previous two threats, this code was not likely to have been written by a single individual but by an organized, well-funded group of people working to a clear set of directives. Certain file names associated with the threat are identical to those described in an incident involving the Iranian Oil Ministry."   According to Gostev, there does not appear to be any overarching theme in regards to targets, indicating that Flame may have been designed for more general cyber-espionage purposes. He speculated that Flame was developed separately from Duqu and Stuxnet and noted that Flame's developers did not use the Tilded platform used for Duqu and Stuxnet. However, he noted that Flame makes use of the same print spooler vulnerability exploited by Stuxnet. It also abuses AutoRun, just like Stuxnet.   "Currently there are three known classes of players who develop malware and spyware: hacktivists, cyber-criminals and nation states," Gostev noted. "Flame is not designed to steal money from bank accounts. It is also different from rather simple hack tools and malware used by the hacktivists. So by excluding cyber-criminals and hacktivists, we come to the conclusion that it most likely belongs to the third group€¦the geography of the targets (certain states are in the Middle East) and also the complexity of the threat leaves no doubt about it being a nation state that sponsored the research that went into it."   To perform a quick manual check for Flame, users can search for the file ~DEB93D.tmp. If it is present, the computer either is or has been infected with flame, Gostev blogged today. Also, users can check the registry key HKLM_SYSTEM\CurrentControlSet\Control\Lsa\ Authentication Packages. If mssecmgr.ocx or authpack.ocx is present, this is another indication the computer is infected, he added.

Terzic O.,Organisation for the Prohibition of Chemical Weapons | Bartenbach S.,Organisation for the Prohibition of Chemical Weapons | de Voogt P.,University of Amsterdam | de Voogt P.,KWR Watercycle Research Institute
Journal of Chromatography A | Year: 2013

A rapid, sensitive and robust method for determining the chemical warfare agents Lewisites and their hydrolysis products in aqueous and multiphase sample matrices has been developed as an extension of the previous work (Terzic, 2010 [32]). In the new method, the acidification of the sample and use of 1-butanethiol derivatisation instead of trimethylsilylation significantly improved both, qualitative and quantitative aspects of targeted analysis of Lewisite species. The limit of detection was ≤100. ng/ml in full scan MS, with sample volume of 10. μl only. The whole sample preparation procedure took 9. min, while the gas chromatography (GC)-mass spectrometry (MS) analysis cycle was under 22. min. The method deals efficiently with the multiphase sample matrices offering a fast and simple alternative to the conventional approach of liquid-liquid extraction combined with derivatisation. Multiphase sample matrices can be encountered or formed when preparing environmental, industrial, waste or decontamination waste samples for a GC-MS analysis. The applicability and robustness of the method were demonstrated by the successful analysis of 11 years old OPCW Official Proficiency Test sample and a triphase liquid sample. The same equipment set-up, tubes and derivatising agent have been used for collection, preparation and analysis of Lewisites in air samples (Terzic et al., 2012 [35]). The minimal logistic requirements, ease of operation, versatility and other features aforementioned, make this method an excellent choice for an environmental or forensic field laboratory. © 2013 Elsevier B.V.

Terzic O.,Organisation for the Prohibition of Chemical Weapons | Swahn I.,Organisation for the Prohibition of Chemical Weapons | Cretu G.,Organisation for the Prohibition of Chemical Weapons | Palit M.,Organisation for the Prohibition of Chemical Weapons | Mallard G.,Organisation for the Prohibition of Chemical Weapons
Journal of Chromatography A | Year: 2012

A sensitive gas chromatography-mass spectrometry (GC-MS) based analytical method was developed for detection of the chemical warfare agents (CWA) and related compounds in air/vapor samples. The method uses a Tenax TA packed GC liner as an air/vapor sampling tube and Programmable Temperature-Vaporization (PTV) GC inlet as the thermal desorber. This approach eliminates secondary focusing step and allows transfer of desorbed analytes as sharp bands directly to the head of GC column. Use of a Peltier element for rapid cooling eliminates need for an external coolant. Minimal logistic and hardware needs make the method relatively inexpensive and especially suitable for a mobile laboratory. The limits of detection (LODs) of 0.8-2.9. ng on tube for selected nerve and blister agents were achieved in the full scan MS mode. Simple derivatization method applied for detection of Lewisites 1 and 2 did not affect simultaneous analysis of other agents. The method was extensively evaluated with authentic CWA during the field trainings of the inspectors from the Organization for the Prohibition of Chemical Weapons (OPCW). The environmental area and personal samples were collected for a semi-quantitative determination of averaged airborne CWA concentration levels. © 2012 Elsevier B.V..

Discover hidden collaborations