Cyber criminals targeted 400 industrial groups

 

 

By Rose de la Cruz

 

By sending out legitimate looking emails, cyber criminals have targeted 400 industrial groups in an attempt to earn money.

 

Kaspersky Lab researchers detected the new wave of financial spear-phishing emails disguised as legitimate procurement and accounting letters that started in autumn 2017 targeting the companies’ PCs of industries from oil and gas, to metallurgy, energy, construction and logistics.

 

In the detected wave the criminals not only attacked industrial companies together with other organizations, they were predominantly focused on them. They sent out emails containing malicious attachments and try to lure unsuspecting victims into giving away confidential data, which they could then use to make money.

 

According to Kaspersky Lab data, this wave of emails targeted around 800 employee PCs, with the goal of stealing money and confidential data from the organizations, which can then be used in new attacks.

 

The emails were disguised as legitimate procurement and accounting letters, containing content that corresponded to the profile of the attacked organizations and took into account the identity of the employee – the recipient of the letter.

 

Of note, the attackers even addressed the targeted victims by name. This suggests that the attacks were carefully prepared and that criminals took the time to develop an individual letter for each user.

 

When the recipient clicked on the malicious attachments, modified legitimate software was discreetly installed on the computer so that criminals could connect to it, examine documents and software related to the procurement, financial and accounting operations.

 

Furthermore, the attackers were looking for different ways to commit financial fraud, such as changing requisites in payment bills in order to withdraw money for their benefit.

 

Moreover, whenever criminals needed additional data or capabilities, such as obtaining local administrator rights or stealing user authentication data and Windows accounts to spread within the enterprise network, the attackers uploaded additional sets of malware, prepared individually for an attack on each victim.

 

This included spyware, additional remote administration tools that extend the control of attackers on infected systems and malware to exploit vulnerabilities in the operating system, as well as the Mimikatz tool that allows users to obtain data from Windows accounts.

 

“The attackers demonstrated a clear interest in targeting industrial companies. Based on our experiences, this is likely to be due to the fact that their level of cybersecurity awareness is not as high as it is in other markets such as financial services. That makes industrial companies a lucrative target for cybercriminals,” said Vyacheslav Kopeytsev, security expert at Kaspersky Lab.

 

Kaspersky Lab researchers advise users to follow these key measures in order to be protected against spear-phishing attacks:

* use security solutions with dedicated functionality aimed at detecting and blocking phishing attempts. Businesses can protect their on-premise email systems with targeted applications inside the Kaspersky Endpoint Security for Business suite. Kaspersky Security for Microsoft Office 365 helps to protect the cloud-based mail service Exchange Online inside the Microsoft Office 365 suite.

* introduce security awareness initiatives, including gamified training with skills assessments and reinforcement through the repetition of simulated phishing attacks. Kaspersky Lab customers would benefit from using the Kaspersky Security Awareness Training services.

 

Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them.

 

 

Like us in Facebook

Features

Latest News

NEDA wants stronger push for exports

    By Rose de la Cruz     The National Economic and Development Authority wants a stronger and more aggressive push for Philippine exports to... Read More...
Japan remains top ODA source

    By Rose de la Cruz   Japan continues to be the main source of official development assistance of the Philippine government, where... Read More...
Bong still unsure of Senate run

Should he stay or should he go?  This is the question that Special Assistant to the President Christopher “Bong” Go is trying to answer and... Read More...
IMAGE In the know: Solar Philippines

Solar Philippines is currently the country’s – and Southeast Asia’s – largest solar-energy company. Founded in August 2013 by Leandro... Read More...
Wrong Dream Girl and Other Laughs

Wrong Dream GirlA FROG telephones the Psychic Hotline. His Personal Psychic Advisor tells him, "You are going to meet a beautiful young girl who will... Read More...
Confession Code and other laughs

Confession Code AN old priest who became sick of all the people in his parish who kept confessing to adultery said one Sunday, in the pulpit,"If I... Read More...
IMAGE PAGIGING MAKABAYAN

KAMAKAILAN ay tumawag ng atensyon ang plano ni Sen. Manny Pacquiao na maghain ng panukalang batas na naglalayon na isama bilang bahagi ng curriculum... Read More...
IMAGE PUTULIN ANG MONOPOLYO NG MERALCO!

SUPORTADO nang ibat-ibang consumer group kabilang na ang Institute for Consumer Research and Empowerment (ICORE) ang panukalang dapat putulin na ang... Read More...

Our Guests

Today292
Yesterday755
This week1047
This month15120
Total1029724

Visitor Info

  • Your IP: 54.225.57.230

Who Is Online

23
Online

Monday, 20 August 2018
© 2016 OpinYon News Magazine Online. All Rights Reserved.

Please publish modules in offcanvas position.