The Norwegian security company Norman Shark has discovered the first major cyber espionage attack from India.
Norwegian security firm Norman Shark has recently published a report (PDF file) undergoing what they describe as “Operation Hangover – Unveiling an Indian attack cyber-infrastructure”. The attacks appear to have originated in India, and has been operating for at least three years. It looks mostly like the purpose of the attack is to monitor the goals that are of interest to national security (including Pakistan), but it has also been conducted industrial espionage against the telecom company Telenor, and other civilian agencies.
was graded as put light on this 17th March when they wrote that Telenor Security Center had recorded abnormal Internet traffic from computers to several of the bosses in Telenor. Spies tapped computers for email, files, passwords and other personal data. The incident was also reported to NCIS.
Norman Shark basically had no access to the case, but after the Norwegian CERT (NorCERT) shared some data from the event, including some MD5 files of suspicious files, they could with this basically collect more information. It was not long before they found out that Telenor was only one of many targets in a very extensive infrastructure of targeted attacks by far unknown species. Norman Shark has discovered a surprisingly large number of attacks worldwide, from governments, military and businesses. Pakistan seems to be an over-represented countries for the attacks.
There is no clear evidence that the actors behind the attack has been awarded the contract on behalf of anyone.
It appears that the attack has been carried out with the technique “social engineering”. A security system is no more secure than its weakest link – often man. Using deception, persuasion, influence and charm has attackers gained access to the data of enterprises.
Norman Shark points out that businesses today have to realize that it is not a question of whether they will be exposed to an attack – but when , and have a plan in place for how to deal with such an attack when it occurs.
id=”report-article” class=”report-article small”> 
No comments:
Post a Comment