Cyber-Espionage Group Breached Systems in 37 Nations, Security Researchers Say (msn.com) 15
An anonymous reader shared this report from Bloomberg:
An Asian cyber-espionage group has spent the past year breaking into computer systems belonging to governments and critical infrastructure organizations in more than 37 countries, according to the cybersecurity firm Palo Alto Networks, Inc. The state-aligned attackers have infiltrated networks of 70 organizations, including five national law enforcement and border control agencies, according to a new research report from the company. They have also breached three ministries of finance, one country's parliament and a senior elected official in another, the report states. The Santa Clara, California-based firm declined to identify the hackers' country of origin.
The spying operation was unusually vast and allowed the hackers to hoover up sensitive information in apparent coordination with geopolitical events, such as diplomatic missions, trade negotiations, political unrest and military actions, according to the report. They used that access to spy on emails, financial dealings and communications about military and police operations, the report states. The hackers also stole information about diplomatic issues, lurking undetected in some systems for months. "They use highly-targeted and tailored fake emails and known, unpatched security flaws to gain access to these networks," said Pete Renals, director of national security programs with Unit 42, the threat intelligence division of Palo Alto Networks....
Palo Alto Networks researchers confirmed that the group successfully accessed and exfiltrated sensitive data from some victims' email servers.
Bloomberg writes that according to the cybersecurity firm, this campaign targeted government entities in the Czech Republic and the Ministry of Mines and Energy of Brazil, and also "likely compromised" a device associated with a facility operated by a joint venture between Venezuela's government and an Asian tech firm.
The cyberattackers are "also suspected of being active in Germany, Poland, Greece, Italy, Cyprus, Indonesia, Malaysia, Mongolia, Panama, Greece and other countries, according to the report."
The spying operation was unusually vast and allowed the hackers to hoover up sensitive information in apparent coordination with geopolitical events, such as diplomatic missions, trade negotiations, political unrest and military actions, according to the report. They used that access to spy on emails, financial dealings and communications about military and police operations, the report states. The hackers also stole information about diplomatic issues, lurking undetected in some systems for months. "They use highly-targeted and tailored fake emails and known, unpatched security flaws to gain access to these networks," said Pete Renals, director of national security programs with Unit 42, the threat intelligence division of Palo Alto Networks....
Palo Alto Networks researchers confirmed that the group successfully accessed and exfiltrated sensitive data from some victims' email servers.
Bloomberg writes that according to the cybersecurity firm, this campaign targeted government entities in the Czech Republic and the Ministry of Mines and Energy of Brazil, and also "likely compromised" a device associated with a facility operated by a joint venture between Venezuela's government and an Asian tech firm.
The cyberattackers are "also suspected of being active in Germany, Poland, Greece, Italy, Cyprus, Indonesia, Malaysia, Mongolia, Panama, Greece and other countries, according to the report."
EAAS (Score:4, Insightful)
Espionage As A Service.
Industrial espionage is already a business. It's not a great leap in logic to expect that nations will outsource their efforts rather than run it in-house.
Re: (Score:2)
Re: Geography (Score:1)
Australia also participates in eurovision....
Re:Geography (Score:4, Informative)
Eurovision is not an EU organ, it is the information exchange network of the European Broadcasting Union (EBU), created in 1950, previous to any of the predecessors of the current EU. Its members are *broadcasters*, not countries; but reach to the USA, Brazil, Chile, Japan, China, Malaysia, Morocco, South Africa, New Zealand, etc. One of the achievements of the EBU was the development of technology enabling simultaneous broadcasting. As a demonstrator to their broadcast technology, the EBU started a song contest in 1954. Programs shown in Eurovision network mode start with the Anthem of the EBU, based on the first notes of Marc-Antoine Charpentier's Te Deum.
Re: Geography (Score:2)
Who said anything about EU other than his company decided jobs would go to their EU based branch?
Re: (Score:2)
The company cited by the OP associated belonging to Eurovision as a sign of association to the EU. This lead me to remind that for example Brazil and Japan have the same level of membership as Israel in Eurovision's parent organisation.
Re: (Score:2)
Critical infrastructure and the Internet (Score:2)
Re: (Score:2)
That ship has sailed long ago. But maybe use better than the "pathetic" level IT security that Microsoft and other big players provide...
Re: (Score:2)
VPNs running on embedded hardware. With multiple different hardware/software combinations. That way you wouldn't end up with a software monoculture.
CyberInsecurity: The Cost of Monopoly [ccianet.org]