
India's Mega Cyber Attack Infrastructure Revealed - Destructive And Spooky!

Question asked by Ankita Katdare in #Hacking and Security on May 21, 2013
When the malware analysis firm Norman Shark found out who is behind this large, sophisticated cyber attack system, it had to point a finger at India. Researchers now claim that a group of attackers based in India has employed a team of developers to deliver specific malware for private threat actors. According to their data, this setup is not new: for over the last three years, many attacks have been carried out successfully from this cyber attack infrastructure, and they are still ongoing. Much to the country's relief, it has been reported that there is no evidence that this global command-and-control network is state-sponsored.

The goal behind this malware-delivery infrastructure has largely been to gather sensitive information and intelligence from private-sector companies as well as national security targets. On the reach of this destructive infrastructure, Snorre Fagerland, head of research for Norman Shark labs, shared that, "The organisation appears to have the resources and the relationships in India to make surveillance attacks possible anywhere in the world." It is disturbing to know that the targets are extremely diverse: sectors like natural resources, telecommunications, law, food and restaurants, and manufacturing have already been on their radar.


When they carried out the investigation, the evidence revealed an infrastructure created using professional project management practices for designing the frameworks, modules and subcomponents. By outsourcing work to freelancers, this organisation of hackers distributed its work among individual malware authors and developers. Fagerland must have strong reasons to believe that this global attack system was not used to conduct industrial espionage for just its own purposes. "Something like this has never been documented before," said Fagerland. The enormity of such a project can only be imagined, because the amount of malware found by Norman analysts and their partners was surprisingly large.

Currently under investigation by national and international authorities, this infrastructure was discovered as a result of the team's project investigating data breaches at the Norwegian telecommunications company Telenor. Similar large-scale attacks have been made in more than 12 countries to compromise governments and corporations. Analysis of IP addresses collected from criminal data stores showed that the attacks targeted government, military and business organisations by exploiting well-known vulnerabilities in Java, Word documents and web browsers.

India came on their radar when they conducted an extensive analysis of website domain registrations and text-based identifiers contained within the malicious code. “This type of activity has been associated primarily with China, but to our knowledge, this is the first time that evidence of cyber espionage has been shown to be originating from India,” said Fagerland. What do the engineers here have to say about this? Share with us in the comments.

Via: Computer Weekly
