![]() ![]() Proof-of-concept? Developmental article intended for use against real targets? Security testing tool? Whatever it’s up to, Irongate is evasive. There’s still no sign that it’s been used in the wild, but observers differ over what this Son-of-Stuxnet might actually be up to. The threat group is thought to be the same one that’s been active for several years against the Indian government and Pakistani dissidents.ĭave Bittner: Analysts continue to investigate Irongate, the Siemens-PLC-targeting malware FireEye described last week. What the interested civil servants swallowed with it was a backdoor, specifically the BreachRAT payload.ĭave Bittner: The goal of the campaign seems to be espionage. Since the Pay Commission will have a direct effect on government salaries, the bait was snapped up. The bait was well-chosen: news articles referencing India’s Seventh Pay Commission. ![]() FireEye reported late last week that hackers operating from Pakistan successfully posed as journalists - complete with a registered but quite bogus news site - to mount a spearphishing campaign against Indian civil servants. ![]() So, the argument goes, you can reduce your risk by taking steps to decrease the attackers’ return-on-investment.ĭave Bittner: Cyber conflict in South Asia is attracting much attention in the Indian press. An op-ed in CSO argues that the hackers threatening businesses - mostly organized criminal gangs and rogue nation-states - are themselves best understood as business motivated, to find soft targets and reduce the time spent on attacks to the minimum. Observers see the DPRK as increasingly dependent upon traditional organized crime methods to fund itself-the Diplomat, for example, describes North Korea as “a sovereign ‘mafia’ state.” If so, expect more anti-racketeering measures to be deployed against it.ĭave Bittner: Carbon Black, for one, thinks such an economic approach to cyber defense might be applicable to businesses as well. The US Treasury Department last week tightened sanctions against North Korea. The DPRK’s spoor appears in malicious code linked to the Lazarus Group, widely held to be a cut-out for Pyongyang. The New York Fed, SWIFT, and Bangladesh Bank continue to dispute where the primary responsibility for the theft lies.ĭave Bittner: More observers find themselves convinced by evidence developed by Symantec that the North Korean government was involved in the fraudulent transfers. They were only later discovered to be fraudulent. The remaining 30, interestingly, were flagged and held pending review for potential economic sanctions violations. The thieves then resubmitted them with the missing information provided, at which point the New York Fed released five of them. The first time the requests appeared, they were rejected for improper formatting: no corresponding bank was listed. Sign up today at /webinar.ĭave Bittner: I'm Dave Bittner in Baltimore with your CyberWire summary for Monday, June 6th, 2016.ĭave Bittner: As investigation into the SWIFT-linked Bangladesh Bank fraud continues, sources close to the inquiry tell Reuters that the New York Federal Reserve Bank blocked thirty-five transfer requests before approving the five that resulted in an $81 million loss. Join their free webinar and learn how security incidents happen at the seams between tools and teams, and how you can unite your people, processes and technologies behind an intelligence-driven defense. And who in the world would use "dadada" as a password?ĭave Bittner: Today's podcast is made possible by ThreatConnect. Pakistan-based threat actors target Indian government officials. Irongate's ultimate purpose remains obscure: it's not in the wild, yet, but some variant of the Son of Stuxnet may wind up there. Android in malware developers' crosshairs. Anti-racketeering and cyber criminals' return-on-investment. Dave Bittner: Money-laundering, fraudulent wire transfers, and the possible emergence of a "sovereign mafia state" with no connection to the actual Cosa Nostra. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |