Spy Spotting: Careless mistakes about cyber-espionage attempts
With constantly evolving technology, cyber attacks have become more frequent. Hackers with malicious intentions are finding new ways to hold people’s data for ransom. Cybersecurity teams around the world are working constantly to track the source and eradicate the root of the problem. However, despite their best attempts to hide, hackers often end up leaving some sort of clue for cybersecurity experts to pick up.
In one of its press releases, Kaspersky Lab described the following incident: a threat actor called Dropping Elephant, likely operating from India and reported by Kaspersky Lab in July 2016, targeted high-profile diplomatic and economic entities in countries including China, Australia, Bangladesh, Taiwan, and more. Clues revealed traces of three individuals, one of whom carelessly disclosed a personal document that led Kaspersky Lab researchers to find the faces behind Dropping Elephant.
Kaspersky Lab also published a report on Naikon APT in 2015. This cyberespionage campaign has been tracking geopolitical intelligence in countries around the South China Sea for over half a decade. Later that year, an alleged connection discovered by ThreatConnect researchers showed that a domain name used in Naikon APT was also found across several social media accounts. These social media accounts carried more than 700 posts and 500 photos, which enabled researchers to track down an official’s real location and work address.
Noushin Shabab, Senior Security Researcher, says, “Cybersecurity researchers examine cyberespionage campaigns by chasing trails of clues and careless mistakes. Once we have all the necessary pieces of the puzzle, we share evidence with fellow experts to be able to know the spies behind an attack, their main objectives and techniques. All the historical information gathered through investigating targeted attacks helps us discover the truths and the myths of cyberespionage in the Asia Pacific region.” campaigns that consist of a variety of people with different skilled roles and responsibilities.
In order to protect your personal or business data from cyber attacks, Kaspersky Lab advises the following:
1) Implement an advanced, multi-layered security solution covering all networks, systems and endpoints.
2) Educate and train your personnel on social engineering as this method is often used to make a victim open a malicious document or click on an infected link.
3) Conduct regular security assessments of the organisation’s IT infrastructure.
4) Use Kaspersky’s Threat Intelligence, which tracks cyber attacks, incidents or threats and provides customers with up-to-date, relevant information that they are unaware of.