Experts Reaction On Cyber-Espionage Campaign Targets Hundreds Of Companies

Hundreds of industrial companies are currently the targets of cyber-espionage activity from an advanced threat actor. The adversary uses a new version of an older info-stealer to extract sensitive data and files. The attacker uses spear-phishing emails with malicious attachments often disguised as PDF files. Separ is the malware of choice, which steals login data from browsers and email clients, also hunting for various types of documents and images.

Experts Comments

December 18, 2019
Nigel Stanley
CTO
TUV Rheinland
The attacks on critical infrastructure and OT (operational technology) systems is relentless. I hope that a New Year’s resolution from plant owners and operators will be to embrace this risk and address it in a proportionate way before then end of 2020.
December 18, 2019
Corin Imai
Senior Security Advisor
DomainTools
This kind of activity, likely perpetuated by a nation-state or serious organised crime group with the funds and man power to undergo such an operation, is an example of how enterprises need to protect themselves in ways unimaginable in the past; Industrial companies which fall under the remit of critical national infrastructure are just as valuable targets to a hostile nation state or an organised cybercriminal group as a government agency, and should defend themselves as such, employing the.....Read More
This kind of activity, likely perpetuated by a nation-state or serious organised crime group with the funds and man power to undergo such an operation, is an example of how enterprises need to protect themselves in ways unimaginable in the past; Industrial companies which fall under the remit of critical national infrastructure are just as valuable targets to a hostile nation state or an organised cybercriminal group as a government agency, and should defend themselves as such, employing the most sophisticated email filtering systems possible and focusing on cybersecurity awareness training at every level of the organisation.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.