The Most Famous Advanced Persistent Threats in History


The Gozi virus, named by the security experts who first discovered it in 2007, was a banking virus that infected more than one million computers in the U.S., UK, Germany, Poland, France, Finland, Italy, Turkey and elsewhere, causing tens of millions of dollars in damages. Systems at NASA were also penetrated by the attacks. The malware was rented or sold to criminal gangs by Nikita Kuzmin, a Russian national who created the Gozi virus with the support of accomplices from neighboring countries.

Initially designed simply to capture and transmit personal banking information, later versions contained a capability to intercept browser traffic and modify Web communications. Gozi was controlled through a so-called “bulletproof hosting” service that helped cyber criminals distribute the Gozi virus in a manner designed to enable them to preserve their anonymity. Gozi was disseminated to its victims through various methods, most commonly disguised as a benign PDF document.

Nikita Kuzmin was arrested in the U.S. in November 2010 and pled guilty to computer intrusion and fraud charges, but banks have continued to experience attacks from Gozi, which continues to be enhanced. A new variant of Gozi, which appeared in early 2013, infects the hard disk master boot record, an attack that cannot be easily eradicated even by reformatting and reinstalling the operating system.

Many of today’s most destructive advanced persistent threats (APTs) were conceived a decade ago, so enterprises that rely on most traditional approaches to cybersecurity are unlikely to succeed against the next generation of attacks. This is one of the cautions in a new book published by global IT association ISACA during Cybersecurity Awareness Month.

Advanced Persistent Threats: How to Manage the Risk to Your Business advises that traditional defenses such as firewalls and anti-malware are not up to the challenge of today’s APTs and that organizations need to add skills, processes and technology to their cybersecurity arsenal.

While new tools are needed to combat ever-changing security threats, it is helpful to examine the history of the APT, because it is possible to derive many important lessons for defending against them in the future. The earliest use of the term “advanced persistent threat” emerged from the U.S. government sector in 2005, describing a new, deceptive form of attack that targeted selected employees and tricked them into downloading a file or accessing a website infected with Trojan horse software. This slideshow summarizes known facts, anecdotal evidence and reported claims behind some of the most well-known attacks experienced over the last 15 years.

