Information Security News mailing list archives
The Globalization Of Cyberespionage
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 13 Nov 2012 04:07:18 -0600 (CST)
http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/240115353/the-globalization-of-cyberespionage.html By Kelly Jackson Higgins Dark Reading Nov 12, 2012A recently discovered targeted cyberespionage campaign targeting Israeli and Palestinian organizations in operation for more than a year serves as chilling evidence that cyberspying is a global phenomenon and no longer mostly the domain of massive nation-states like China.
While much of the attention has been trained on China as the source of cyberespionage, the discovery of this latest operation highlights just how popular and easy it has become to execute cyberspying. Thanks to ease of access and use of remote access Trojan (RAT) tools and reliability of social engineering, you don't need nation-state backing to conduct these types of targeted attacks. RATs traditionally had been associated with Chinese-based attackers, but that conventional wisdom is shifting as other nations and politically motivated attackers move to cyberspying via these tools to more efficiently gather intelligence on their marks.
Researchers at Norman Security today revealed that they recently analyzed malware used in phishing emails targeting Israeli and Palestinian targets and found that attackers used malware based on the widely available Xtreme RAT crimeware kit. The attacks, which first hit Palestinian targets, this year began going after Israeli targets, including Israeli law enforcement agencies and embassies around the world. Norman says the same attacker is behind the attacks because the attacks use the same command-and-control (C&C) infrastructure, as well as the same phony digital certificates.
This attack campaign just scratches the surface of the breadth and spread of these types of attacks around the world as more players have been turning to cyberspying. "We're just seeing the tip of the iceberg," says Einar Oftedal, deputy CTO at Norman.
[...] ______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More!http://www.shopinfosecnews.org
Current thread:
- The Globalization Of Cyberespionage InfoSec News (Nov 13)