Symantec has reported that an older vulnerability is still being exploited through new malware they call Trojan.Laziok. targeting the energy sector and governments. In response to this attack, which is triggered by users opening an email attachment, cybersecurity expert Philip Lieberman, president of Lieberman Software (www.liebsoft.com) said:
“Attacks today have to be analyzed not so much from the tools and exploits used, but more from the sophistication of the targeting as well as the economics of the tools used. Just as a company looks at the ROI of their offerings, attackers attempt to use the most inexpensive tools possible to achieve the greatest ROI. This attack exploits an apparently well-known lack of investment by the oil and gas industry in keeping their Microsoft Office software up to date. The attack also exhibits sophistication in their targeting of a specific industry (good email list) as well as an inventory of secondary infection tools. The attack also points out the lack of general preparation of cyber-defense teams in many areas of the oil and gas industry worldwide.
Preceding the reduction in the price of oil worldwide, we have seen a general decrease in IT security investments within the oil and gas industry. The dismantlement of IT oil and gas defenses and underfunding was picked up by the attackers and gives them great advantage over their targets.”
About Lieberman Software Corporation
Lieberman Software provides award-winning privileged identity management products to more than 1200 enterprise customers worldwide, including nearly half of the Fortune 50. By automatically locating, securing and continuously auditing privileged accounts, both on-premises and in the cloud, Lieberman Software helps protect access to systems with sensitive data, thereby reducing internal and external security vulnerabilities, improving IT productivity and helping ensure regulatory compliance. The company developed the first solution for the privileged identity management space, and its products, including Enterprise Random Password Manager (ERPM), continue to lead the market. Lieberman Software also provides a mature line of Windows security management tools. The company is head quartered in Los Angeles, CA, with offices and channel partners located around the world. For more information, visit www.liebsoft.com
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.