Engineering news
IT security experts have warned about a growing wave of hacking attacks which is targeting small and medium sized engineering and industrial firms.
Some 130 companies have been successfully attacked so far in 30 different countries, said cybersecurity company Kapersky Lab, including the UK, Spain, Germany, Saudi Arabia, the UAE, India, Egypt and Pakistan.
The majority of the victims work in the industrial and engineering sectors. Others include shipping, pharmaceutical, manufacturing, trading companies, educational organisations, said Kapersky Lab.
The attacks use a “phishing” email designed to look like a communication from a bank and an attachment which appears to be a document, but is in fact malware.
Once installed the malware hunts for valuable business-related data stored in their victims’ networks. It collects data from keystrokes, clipboard data, data from browsers, messaging, email clients and from installed applications such as Microsoft Office. The collected data is sent to central command and control servers.
Kaspersky Lab researchers first spotted the phishing emails in June 2016, in messages mostly sent to the top and middle level managers of numerous companies. Further investigation showed the attack was most likely organised by a cybercriminal group which has been tracked by the company’s researchers since March 2015.
Kapersky Lab has called the hack “Operation Ghoul”.
Mohammad Amin Hasbini, a security expert from Kaspersky Lab, said: “Their main motivation is financial gain resulting either from sales of stolen intellectual property and business intelligence, or from attacks on their victim’s banking accounts.
“Unlike state-sponsored actors, which choose targets carefully, this group and similar groups might attack any company. Even though they use rather simple malicious tools, they are very effective in their attacks. Thus companies that are not prepared to spot the attacks, will sadly suffer.”
Lane Thames, software development engineer and security researcher at IT security firm Tripwire, said: “The data illustrates how much of an upper-hand cyber criminals have on the rest of us. These cyber criminals were using existing malware and phishing emails to infiltrate their victims’ networks. “
“Phishing has long been a valuable technique for cyber criminals because both trained humans and detection software have difficulty identifying a well-crafted phishing email. However, the bigger problem across the board is user awareness. Organisations should implement training programs that help their users understand aspects of spam, phishing, and malware. A little bit of training can go a long way in this area.”