When hacking began many decades ago, it was mostly the work of enthusiasts fueled by their passion for learning everything they could about computers and networks. Today, nation-state actors are developing increasingly sophisticated cyberespionage tools, while cybercriminals are cashing in millions of dollars targeting everything from Fortune 500 companies to hospitals.

Cyberattacks have never been more complex, more profitable, and perhaps even more baffling. At times, drawing clear lines between different kinds of activities is a challenging task. Nation-states sometimes partner with each other for a common goal, and sometimes they even appear to be working in tandem with cybercriminal gangs. Moreover, once a malicious tool is released, it is often recycled and reused by competing threat actors.

Following are some of the most creative and dangerous cyberespionage and cybercriminal groups, listed in no particular order:

Lazarus (a.k.a. Hidden Cobra, Guardians of Peace, APT38, Whois Team, Zinc)

A group associated with North Korea, Lazarus is known for perhaps the biggest cyber heist of all time: the attack on the Bangladesh Bank, which led to the theft of more than $100 million in February 2016. Lazarus uses a variety of custom malware families, including backdoors, tunnelers, data miners, and destructive malware, sometimes developed in-house. It spares no effort in its relentless campaigns. “APT38 is unique in that they are not afraid to aggressively destroy evidence or victim networks as part of their operations,” according to Mandiant Threat Intelligence (FireEye).

UNC2452 (a.k.a. Dark Halo, Nobelium, SilverFish, StellarParticle)

“This group is careful, calculated, and has demonstrated a desire to maintain access to victim environments for as long as necessary to understand the network layout, required permissions, and system technologies to achieve its goals.”

In 2020, thousands of organizations downloaded a tainted software update of the SolarWinds Orion software, giving the attacker a point of entry into their systems. The Pentagon, the UK government, the European Parliament, and several governmental agencies and companies across the world fell victim to this supply chain attack. The cyberespionage operation had gone unnoticed for at least nine months before it was discovered on December 8, 2020, when security company FireEye announced it was a victim of a state-sponsored attacker that had stolen several of its red team tools. The hack proved more extensive than initially thought: the supply chain attack on the SolarWinds Orion software was just one entry channel used by the attacker. Researchers found another supply chain attack, this time on Microsoft cloud services, and also noticed that several flaws in Microsoft and VMware products were exploited.

Equation Group

One of Equation Group’s most powerful tools is a module that can reprogram the hard drive firmware of various manufacturers, including Seagate, Western Digital, Toshiba and IBM, to create a secret storage vault that survives wiping and reformatting. The group also created a USB-based command and control mechanism that allowed the mapping of air-gapped networks, and it did so before a similar feature was integrated into Stuxnet. These cutting-edge technologies ended up in the hands of other nation-state threat actors.