Malware Used By Cyber-Criminals To Attack Airlines

 Malware Used by Cyber Thefts

Worrying news has emerged this week concerning cyber-attacks against energy companies, telecoms firms, government agencies and even airlines. Iranian hackers are accused of a two year campaign using malware to target the systems of airlines, hospitals, education facilities, energy companies, defence contractors and other agencies all around the world. The apparent aim of the attacks is theft of confidential security documentation.

Cylance Report

The revelations by cyber-security company Cylance state that compromised information includes employee details (ID card data and schedules) and even more concerning, PDFs of airport security systems. The hackers have infiltrated over 50 organisations in 16 countries including: the United States, Canada, Britain, China, France, India, Germany, South Korea, Pakistan, Qatar, the UAE, Turkey, Mexico, Israel, Kuwait and Saudi Arabia. A Cylance spokesman reported that ten of the hackers’ victims had their headquarters in the US and included a major airline, an energy company focussed on the production of natural gas, a medical university, a military installation and a large defence contractor.

It’s believed that if the operation is allowed to continue unchecked, the cyber-criminals’ activities will impact on the physical safety of the whole world.

Iranian Denial

The attacks have been blamed on a Tehran-based group that is responsible for cyber-attacks on the US Navy’s network over the last 12 months, although Iranian officials have denied that their country is in any way culpable for the hacks. The Iranian press office has told Reuters that the allegations are mere “fabrications” designed to tarnish the image of the Iranian government and are “baseless and unfounded”. It is further alleged that the accusations are just a smokescreen designed to hamper current nuclear talks.

Cylance have not revealed exactly how the attackers were able to hack into systems although it’s thought that they used malware to gain access to employee record data before then using the stolen identities to steal other confidential documents.

In conclusion

Reports like these are particularly worrying given the current instability in the Middle East and this should come as a wake-up call to those organisations that have yet to put in place adequate and robust security measures to protect their systems from such attacks.

Image Source: beliefsoftheheart

Recommended Posts | IT News

Metacloud Acquisition

Cisco Systems Expands Cloud Business with Metacloud Acquisition

Cisco Systems acquire Metacloud, which specializes in private clouds based on the OpenStack-based cloud computing platform. Metacloud provides private cloud solutions to large organizations with a OpenStack-as-a-Service model, delivering ready-to-use private clouds in customer's own data centers ...
Mac Security Flaw

Mac Security Flaw “Rootpipe” puts Your Company's Data at Risk

The Rootpipe vulnerability will give hackers access to any Mac computer without knowing the person’s password. Therefore, any hacker can circumvent the existing security measures to gain administrator-level privileges. According to Kvarnhammar this security flaw has existed since 2011 ...
Samsung Acquires Proximal Data

Samsung Acquires Proximal Data: Server-Side Caching Software Company

Samsung acquired Proximal Data, a flash software caching company, to boost SSD business in the server and data center market. The acquisition move will help bring server storage software expertise to Samsung's upcoming solid-state drive (SSD) solutions and boost Samsung's presence in the SSD market ...
IBM Acquires StrongLoop to Get Node.Js

IBM StrongLoop to Get Node.Js Expertise and Boost Its Software

IBM is once again bolstering its software portfolio with a strategic acquisition, this time it's the Node.js specialist StrongLoop. IBM has acquired StrongLoop, a startup that builds application development software for enterprises using open source JavaScript programming language Node.js ...