Security experts have warned that this weekend’s G20 Summit in Brisbane could form the backdrop to widespread cyber intrusions, web defacements and even DDoS attacks.
A new Threat Assessment report from security firm CrowdStrike claimed that events in the past have proven to be a fertile hunting ground for state-sponsored hackers, using G20 as a spear phishing lure to install Remote Access Tools (RATs) on victim machines.
They’ve also seen defacements of G20 web properties and even DDoS attacks against various parties by hacktivist collective Anonymous.
Last year in St Petersburg there were even rumors that Russian hosts had handed out free USB sticks infected with malware.
CrowdStrike said that although “Australia is well prepared in general terms” for cyber security at the summit, entities directly or indirectly interested in the event should prepare for spear phishing campaigns.
China is likely to be among the most active countries, it claimed, using social engineering to install RATs on victim PCs.
The report added:
“CrowdStrike and others have documented multiple instances of Chinese intrusion sets, including NUMBERED PANDA, TEMPER PANDA, and Ke3chang/VIXEN PANDA, using the G20 Summit as a lure in previous spear phishing efforts. These actors consistently make use of high-profile events and summits in their campaigns.”
Hacktivists may also use the event to protest about Australia's controversial surveillance laws and climate change policies, with the additional prospect of Anonymous Indonesia resurrecting a November 2013 campaign against Australia, it claimed.
The presence or otherwise of Russian president Vladimir Putin could also provide a potential flashpoint for cyber activity, given the ongoing international outrage at the downing of a Malaysian Airlines flight over east Ukraine.
CrowdStrike also warned delegates staying out of town to be doubly vigilant:
This article has been extracted from http://www.infosecurity-magazine.com, please click on this link to read the article in full http://www.infosecurity-magazine.com/news/statesponsored-hackers-gear-up-for/.
Montash is a multi-award winning, global technology recruitment business. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions, including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy & Technologies, Demand IT and Business Engagement, Digital and E-commerce, Leadership Talent, Infrastructure and Service Delivery, Project and Programme Delivery.
Montash is headquartered in Old Street, London, in the heart of the technology hub. Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid management in permanent and contract roles.