Information Security News mailing list archives
Anthem Breach Evidence Points to China, Security Researchers Say
From: InfoSec News <alerts () infosecnews org>
Date: Mon, 2 Mar 2015 09:20:29 +0000 (UTC)
http://www.eweek.com/security/anthem-breach-evidence-points-to-china-security-researchers-say.html By Robert Lemos eWEEK.com 2015-02-28A new open-source intelligence analysis of the breach of health insurer Anthem has reinforced theories that the data theft leads back to a Chinese espionage program, security firm ThreatConnect stated on Feb. 27.
In the report, which is based on public sources or "open-source" intelligence, security researchers at ThreatConnect and other companies found technical evidence that linked the malware reportedly used in the Anthem attack to a Chinese espionage group and a professor at Southeast University, which works with a government contractor, Beijing Topsec Technology Co.
A variety of evidence—including email addresses, domains registered for the command-and-control servers and the certificate used to sign the malware—led back to the trio of actors, Rich Barger, chief intelligence officer for ThreatConnect, told eWEEK.
"All of this evidence, from the technical aspect, pointed back to China in numerous ways despite the actors' best efforts to shroud their origins," Barger said. "They made an effort to hide, but they messed up."
[...]
-- Evident.io - Continuous Cloud Security for AWS. Identify and mitigate risks in 5 minutes or less. Sign up for a free trial @ https://evident.io/
Current thread:
- Anthem Breach Evidence Points to China, Security Researchers Say InfoSec News (Mar 02)