It has been reported that the U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North Korean APT group Lazarus. According to the MAR AR19-100A advisory published on the US-CERT website, the new Trojan was detected while tracking the malicious cyber activity of the North Korean-backed hacking group HIDDEN COBRA (also known as Lazarus, Guardians of Peace, ZINC, and NICKEL ACADEMY).
Officials at the DHS have issued another warning about North Korean #malware concerning a new variant dubbed #Hoplight 🇺🇸 https://t.co/HlagNesLWK #Cybersecurity @InfosecurityMag
— Stormshield (@Stormshield) April 11, 2019
Expert Comments:
Satnam Narang, Senior Research Engineer at Tenable:
John Sheehy, VP of Strategy at IOActive:
“Where possible, designers should use orthogonal safety controls such as mechanical pressure relief valves or mechanical governors, that have zero coincidence with the control systems and therefore cannot be affected by them. Today’s operational technology implementations should focus on managing the consequences of a cybersecurity attack through layered protections and mitigations using non-cybersecurity engineering controls. This should be done with a focus on providing operational resiliency to the process and overall operations.”
“As a cybersecurity strategy, defenders should be focusing on two primary strategic objectives. First, raising the cost to the threat actors through a layered defensive model and non-cybersecurity consequences. Second, lowering the payoff to the threat actor by reducing the consequences and impact to the defenders of any successful attack. The recent attacks on SIS environments demonstrate there’s an unmet need to focus on the second.”
Bob Noel, VP of Strategic Partnerships at Plixer:
The opinions expressed in this article belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.