Experts Reaction On Cyber-Espionage Campaign Targets Hundreds Of Companies

Hundreds of industrial companies are currently the targets of cyber-espionage activity from an advanced threat actor. The adversary uses a new version of an older info-stealer to extract sensitive data and files. The attacker uses spear-phishing emails with malicious attachments often disguised as PDF files. Separ is the malware of choice, which steals login data from browsers and email clients, also hunting for various types of documents and images.

Subscribe
Notify of
guest

2 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Nigel Stanley
InfoSec Expert
December 18, 2019 7:44 pm

The attacks on critical infrastructure and OT (operational technology) systems is relentless. I hope that a New Year’s resolution from plant owners and operators will be to embrace this risk and address it in a proportionate way before then end of 2020.

Last edited 2 years ago by Nigel Stanley
Corin Imai
Corin Imai , Senior Security Advisor
InfoSec Expert
December 18, 2019 7:42 pm

This kind of activity, likely perpetuated by a nation-state or serious organised crime group with the funds and man power to undergo such an operation, is an example of how enterprises need to protect themselves in ways unimaginable in the past; Industrial companies which fall under the remit of critical national infrastructure are just as valuable targets to a hostile nation state or an organised cybercriminal group as a government agency, and should defend themselves as such, employing the most sophisticated email filtering systems possible and focusing on cybersecurity awareness training at every level of the organisation.

Last edited 2 years ago by Corin Imai
Information Security Buzz
2
0
Would love your thoughts, please comment.x
()
x