In the first quarter of 2017, Kaspersky Lab's experts identified a strong increase in the sophistication of state-controlled cyber attacks. For APTs (advanced persistent threats), the attackers increasingly rely on wipers, that is, programs that can be used to destroy files, as well as on crime in the financial sector. Kaspersky Lab has now published these and other trends for the first time in its quarterly APT report. The new report on trends in the APT landscape presents the main developments in targeted attacks and informs other organizations about threats that require immediate attention. Its content stems from the quarterly observation of APT actors' activities by Kaspersky Lab's experts.
According to the security specialists, the first three months of this year were essentially marked by three APT developments. Accordingly, the actors behind targeted attacks use wiper programs for cyber sabotage and for eliminating traces in the wake of the attacks. A new generation of wipers was used in the Shamoon attacks. The investigation of the case led to the discovery of StoneDrill and of its similarities with the code of the NewsBeef group (Charming Kitten).
Targeted attacks are used to steal money. In their long-term observation of the Lazarus group, Kaspersky Lab's experts encountered BlueNoroff. According to the experts, this actor actively targets financial institutions in different regions. BlueNoroff is probably also behind the bank robbery in Bangladesh.
Cyber criminals, and especially actors who carry out targeted attacks, use fileless malware, which is difficult to detect and to examine forensically. The experts at Kaspersky Lab found examples of this in the so-called lateral movement tools of the Shamoon attacks, in attacks on banks in Eastern Europe, and among numerous other APT actors.
“The threat landscape for targeted attacks is changing constantly, and the attackers are ever better prepared to detect new vulnerabilities and opportunities and to take advantage of them,” explains Juan Andrés Guerrero-Saade, senior security researcher in the Global Research and Analysis Team (GReAT) at Kaspersky Lab. “That is why threat intelligence is so important: it gives organizations the necessary knowledge and lets them see what countermeasures need to be taken. The threat landscape of the first quarter of 2017 shows an increased need for memory forensics and incident response to fileless malware attacks. Security solutions that can detect anomalies across all ongoing activities in the network should also be used.”
Kaspersky Lab's experts report that they currently track over one hundred threat actors and investigate complex malicious attacks against private and government organizations in more than 80 countries. In the first quarter of 2017, the experts produced 33 reports to help subscribers of Kaspersky Lab's intelligence services with forensic analysis and malware hunting. The reports include YARA rules as well as indicators of compromise (IOCs).