Connecting to LinkedIn...

W1siziisijiwmtuvmdqvmtuvmdgvntqvmzgvnzi1l01ptlrbu0hfqkxpr19vtljftkrfukvex0lnqudfx3jlc2l6zwrfyw5kx3jlbmrlcmvklmpwzyjdlfsiccisinrodw1iiiwimtkymhgxmjuwiyjdxq

Blog

State-sponsored Hackers Gear Up for G20

11/11/2014 by Sharon Shahzad

W1siziisijiwmtqvmtevmtevmtyvmduvmjmvndqvzziwlmpwzyjdlfsiccisinrodw1iiiwinjawedqwmfx1mdazzsjdxq

Security experts have warned that this weekend’s G20 Summit in Brisbane could form the backdrop to widespread cyber intrusions, web defacements and even DDoS attacks.

A new Threat Assessment report from security firm CrowdStrike claimed that events in the past have proven to be a fertile hunting ground for state-sponsored hackers, using G20 as a spear phishing lure to install Remote Access Tools (RATs) on victim machines.

They’ve also seen defacements of G20 web properties and even DDoS attacks against various parties by hacktivist collective Anonymous.

Last year in St Petersburg there were even rumors that Russian hosts had handed out free USB sticks infected with malware.

CrowdStrike said that although “Australia is well prepared in general terms” for cyber security at the summit, entities directly or indirectly interested in the event should prepare for spear phishing campaigns.

China is likely to be among the most active countries, it claimed, using social engineering to install RATs on victim PCs.

The report added:

“CrowdStrike and others have documented multiple instances of Chinese intrusion sets, including NUMBERED PANDA, TEMPER PANDA, and Ke3chang/VIXEN PANDA, using the G20 Summit as a lure in previous spear phishing efforts. These actors consistently make use of high-profile events and summits in their campaigns.”

Hacktivists may also use the event to protest about Australia's controversial surveillance laws and climate change policies, with the additional prospect of Anonymous Indonesia resurrecting a November 2013 campaign against Australia, it claimed.

The presence or otherwise of Russian president Vladimir Putin could also provide a potential flashpoint for cyber activity, given the ongoing international outrage at the downing of a Malaysian Airlines flight over east Ukraine.

CrowdStrike also warned delegates staying out of town to be doubly vigilant:

This article has been extracted from http://www.infosecurity-magazine.com, please click on this link to read the article in full http://www.infosecurity-magazine.com/news/statesponsored-hackers-gear-up-for/.

Montash is a multi-award winning, global technology recruitment business. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions, including:

ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy & Technologies, Demand IT and Business Engagement, Digital and E-commerce, Leadership Talent, Infrastructure and Service Delivery, Project and Programme Delivery.

Montash is headquartered in Old Street, London, in the heart of the technology hub. Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid management in permanent and contract roles.

comments powered by Disqus

Social Stream

Latest News

W1siziisijiwmtcvmdkvmjkvmdgvmtmvmjkvmjgyl1vudgl0bgvkigrlc2lnbiaomjuplmpwzyjdlfsiccisinrodw1iiiwimzgwedewmcmixv0

Are PSLs a Blocker or an Enabler?

2017-10-02 11:00:00 +0100

The use of a Preferred Supplier List (PSL) was intended to support and strengthen relationships and performance between organisations and their third party suppliers. As the technical landscape continues to evolve at rapid rate recruitment and demand for new skills becomes more intense. Are PSLs still the solution or an obstacle to sourcing the right talent? The traditional PSL A dedicated list of partners intended to guarantee quality and availability ...

W1siziisijiwmtcvmdkvmjevmdgvndmvmduvmtmxl1vudgl0bgvkigrlc2lnbiaomjmplmpwzyjdlfsiccisinrodw1iiiwimzgwedewmcmixv0

Why do we punish the victims of hacking?

2017-09-21 09:00:00 +0100

Hacks occur every 39 seconds, with 95% of them targeting governments, retailers and the tech industry. If the hackers are caught, they'll face prison time under the Computer Misuse Act. More often than not, the businesses who are victims of those attacks expose themselves to punishment of their own. The laws that determine the duty of protection owed to businesses and their customers is both vague and broad, making them question just how much protection...