INTELDROP 27 Feb 2016 [Cyber Threats]

DustStorm

IO General Correspondent – Sam Rosenthal

“Dust Storm” Attackers Target Japanese Critical Infrastructure

23 February 2016

An unknown group is responsible for attacks against Japanese critical infrastructure since 2010 called “Operation Dust Storm”.  The group uses several common methods to carry out their attacks and researchers identified several attacks in 2011 involving zero-day exploits that targeted US defense organizations and others.  The group uses these exploits to distribute malware to devices.  In 2014 and 2015 the hackers attacked several companies and individuals in Japan. Source: http://www.securityweek.com/dust-storm-attackers-target-japanese-critical-infrastructure (Reliability: High)

Sony Hackers Active Since at Least 2009

24 February 2016

Researchers tracked the hackers responsible for the 2014 Sony attack, nicknamed the “Lazarus Group”, to attacks carried out as early as 2009.  Researchers discovered no evidence linking the group to North Korea.  Lazarus Group uses 45 families of malware in attacks and has a high level of technical skill that matches skills of state-sponsored groups in the US, China, and Russia.  The group is responsible for attacks against individuals and commercial companies as well as government and military in multiple countries including the United States, Taiwan, China, Japan and Italy. Source: http://www.wired.com/2016/02/sony-hackers-causing-mayhem-years-hit-company/ (Reliability: High)

South Africa’s Department of Water Affairs Under Attack

19 February 2016

The World Hacker Team, a hacking group under Anonymous, attacked the South African Department of Water Affairs.  The group infiltrated the agency’s databases and released the information of 5,800 government personnel and collaborators.  This attack is part of the hacking group’s campaigns named #OpAfrica and #OpMonsanto aimed at fighting social and corruption issues in African states.  South Africa has no current framework for investigation or prosecution of hacking attacks.  Source: http://www.itweb.co.za/index.php?option=com_content&view=article&id=149955  (Reliability: High)

Hackers Target BAE Systems 100 Times a Year

22 February 2016

BAE identified the profile types of hackers that attempt to penetrate their systems.  These hackers range in their reasons and methods for hacking and each pose their own risks.  BAE Systems claims that hackers create “serious and persistent” threats for their networks as often as twice a week.  The company claims that the most serious threats are from state-sponsored hackers trying to steal secret information.  Serious threats also come from hacking professionals who sell their skills to other parties. Source: http://www.telegraph.co.uk/business/2016/02/22/hackers-target-bae-systems-100-times-a-year/  (Reliability: Very High)

Anonymous Attacks Italian Government Portals Because of Gas Pipeline Project

25 February 2016

Anonymous hackers attacked local government portals in Apulia and Basilicata regions.  The attackers gained access to government databases and caused disruptions.  The hackers posted screenshots of contents of the government databases on twitter proving their success.  The breach shut down the sites for several days following the attack.  The hackers carried out the attack as part of #OperationGreeenRights aimed at protesting the construction of the Trans Adriatic Pipeline project which they believe will cause serious environmental issues and would affect historical sites.  Source: http://news.softpedia.com/news/anonymous-attacks-italian-government-site-because-of-gas-pipeline-project-500977.shtml (Reliability: High)

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s