Trend
Micro Incorporated, a global leader in cybersecurity solutions, today
released its latest research
report on the
activity of Pawn Storm (aka APT28 and Fancy Bear), an active cyber espionage
group that targets the global defense industry and politicians, among others.
Trend Micro’s researchers have found and continue to find phishing domains
created in March and April connected to political campaigns in France and
Germany. Konrad Adenauer Stiftung, a political organization in Germany, and
Emmanuel Macron’s campaign in France have both been targeted this year.
The Pawn Storm group has been operating for
years and Trend Micro first took note of their activities way back in 2004.
But Pawn Storm has
become increasingly relevant over the past two years, particularly because the
group has been found to be doing more than espionage alone. In 2016, Pawn Storm
attempted to influence public opinion, influence elections, and attempted to
sway the mainstream media with stolen data. Today the impact can be felt by
various industries and enterprises operating throughout the world. Even the
average citizen might be impacted as Pawn Storm tries to manipulate people’s
opinions about domestic and international affairs.
The research paper by Trend Micro takes a look at Pawn Storm's operations within the last two
years which also has compiled data on targets and campaigns conducted by the
group, as well as details on the specific attacks used to compromise victims.
The paper also provides some guidelines on how to defend against this
increasingly relevant threat, as well as solutions that can protect organizations from Pawn Storm's tactics.
“Our researchers have observed activity going
back seven years targeting government, military, media, and political
organizations around the world. In this report our researchers document
the group’s shift to focus on cyber propaganda over the past two years and
their 400 percent increase in targeting activity in 2016 alone,”said Ed Cabrera, Chief Cybersecurity
Officer, Trend Micro.
Following the extensive headlines made in 2016
related to their impact on the U.S. election, Trend Micro’s 2017
predictions report states that cyber
propaganda will become a norm. The report even references the elections in
France and Germany where we now see Pawn Storm meddling.
To defend against an attacker like Pawn Storm,
Trend Micro provides Trend
Micro™ InterScan™ Web Security, which is a virtual appliance or a cloud-based
service that protects
against cyber threats at the internet gateway with Advanced Persistent Threat
(APT) detection, real-time web reputation, and URL filtering. This tool blocks
user access to malicious URLs that are part of elaborate phishing scams. Pawn
Storm uses command-and-control (CnC) servers across multiple countries to
communicate with compromised systems, relay information, and deploy their
attacks. Trend Micro Deep Discovery Inspector prevents these scenarios from taking
place by monitoring network traffic, C&C communications, encryption
behaviors, and zero-day exploitation.
No comments:
Post a Comment