Welcome to the March 2014 Newsletter.
Everywhere you turn, it seems that another malicious attack is taking place. A particularly intriguing one of late - though not if you've been hit by it, of course! - is Kaspersky Lab's discovery of 'The Mask' (aka Careto). This is an advanced Spanish-language speaking threat actor that has been involved in global cyber-espionage operations, in one guise of another, since at least 2007. The latest onslaught has been noted as one of the most advanced campaigns to date, due to the complexity of the toolset used by the attackers.
And it's the 'big boys' primarily that are the cyber-espionage program's targets, such as government institutions, diplomatic offices and embassies, energy, oil and gas companies, research organisations and activists. Several reasons lead Kaspersky Lab researchers to believe this could be a nation-state sponsored campaign, which, in terms of sophistication, puts it ahead of Duqu (a sophisticated Trojan that seems to have been written by the same people who created the infamous Stuxnet worm. Its main purpose, states Kapersky Lab expert Ryan Naraine, is to act as a backdoor into the system and facilitate the theft of private information).
Over 31 countries have been affected so far by The Mask, with 380 unique victims, according to Kapersky, with the UK experiencing 109 of these unique attacks, making it the third most targeted country globally. All of which is to say that the attack landscape has never been so threatening. While technology will help to keep you safe, it isn't the whole answer. To go with that, you need to have the right processes and policies in place - across your organisation. And they are only right when rigorously and constantly implemented.
To make sure you get your copy of the Newsletter emailed to you personally, every time, click here to register.
Brian Wall, Editor
Follow us :