Experts Comments: Utility Companies Across America Targeted In New Spear-phishing Campaign

It has been reported that a mysterious state-sponsored hacking group has targeted at least 17 US utility firms with phishing emails for a five-month period between April 5 and August 29. The purpose of these attacks was to infect employees at US utility firms with LookBack, a remote access trojan with an extensive set of features. While no formal attribution has been made, the attacks are believed to be the work of Chinese hackers, and more precisely, the work of a group tracked as APT10, based on some pieces of reused code.

Full Story Here: https://www.zdnet.com/article/17-us-utility-firms-targeted-by-mysterious-state-sponsored-group/

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Lamar Bailey
Lamar Bailey , Senior Director of Security Research
InfoSec Expert
September 25, 2019 12:56 pm

US utility companies are enormous target for bad actors around the world. Being able to shutdown utilities or hold them for ransom would be a big blow to the nation that could result in outages or even deaths. Many of the critical utility systems are air-gapped from normal IT networks so remote attacks will not be successful therefore the attackers target the employees and their mobile devices in hopes that they can eventually get access to the critical networks. I hear people say all the time “I am not a target I am not CEO or anything” but this is no longer true. Any employees with access to important systems are targets, nation-state attackers want your access, not your bank account. When these reports and finding become available they should be relayed to employees with instructions on how to protect themselves and the organizations.

Last edited 3 years ago by Lamar Bailey
1
0
Would love your thoughts, please comment.x
()
x