Kaspersky Lab runs new campaign against supply chain attacks
VARINDIA- INDIA'S FRONTLINE IT MAGAZINE
Kaspersky Lab's security research team has published a new research paper on the discovery of "Icefog", a small yet energetic APT group that focusses on targets in South Korea and Japan, hitting the supply chain for Western companies. The operation started in 2011 and has increased in size and scope over the last few years.
"For the past few years, we have seen a number of APTs hitting pretty much all types of victims and sectors. In most cases, attackers maintain a foothold in corporate and governmental networks for years, smuggling out terabytes of sensitive information," said Costin Raiu, Director, Global Research & Analysis Team. Based on the profiles of identified targets, the attackers appear to have an interest in the following sectors - military, shipbuilding and maritime operations, computer and software development, research companies, telecom operators, satellite operators, mass media and television. Research also indicated the attackers were interested in targeting defence industry contractors such as Lig Nex1 and Selectron Industrial Company, shipbuilding companies such as DSME Tech, Hanjin Heavy Industries, telecom operators such as Korea Telecom, media companies such as Fuji TV and the Japan-China Economic Association. Kaspersky researchers have sink-holed 13 of the 70+ domains used by the attackers. This provided statistics on the number of victims worldwide. In addition, the Icefog command and control servers maintain encrypted logs of their victims together with the various operations performed on them. These logs can sometimes help to identify the targets of the attacks and, in some cases, the victims. In addition to Japan and South Korea, many sinkhole connections in several other countries were observed, including Taiwan, Hong Kong, China, the USA, Australia, Canada, the UK, Italy, Germany, Austria, Singapore, Belarus and Malaysia......See More |
Comments
Post a Comment