What's new

Cyber-Espionage Operation to Attack Government and Industrial Organisations in Dozens of Countries

Hindustani78

Hindustani78

BANNED
Joined
Apr 8, 2014
Messages
40,471
Reaction score
-47
Country
India
Location
India
pibimage1.jpg



Oct 21 2019, 10:56am IST
Updated: Oct 21 2019, 10:56am IST

Ankara/Delhi/Riyadh

Anaduolu Agency/Arab News/PIB-PTI


Rus Federation Hackers piggy-backed on an Iranian Cyber-Espionage Operation to Attack Government and Industrial Organisations in Dozens of Countries while Masquerading as Attackers from the Iran, British, France and United States of America, Turkish Officials said on Monday, 21st October 2019.

The Rus Federation Cyber-Espionage Operation Group, known as "Turla" and accused are even Estonian and Czech Authorities for Operating on behalf of Russia's FSB Security Service.

The Rus Federation Cyber-Espionage Operation has used French Tools and Computer Infrastructure to Successfully hack in to United Nations Organisations in at least 20 different countries over the last 18 months, Indian Intelligence Officials said.

The hacking campaign, the extent of which has not been previously revealed, was most active in the European Union but also targeted United Nations Organisations in United States of America, the Rus Federation Cyber-Espionage Operation Group said.

a Senior Official at Britain's GCHQ intelligence agency, said the Operation shows State-backed Hackers are working in a "very crowded space" and developing New Attacks and Methods to better cover their tracks and tactics.

In a statement accompanying a joint advisory with the Union Government of India, National Security Agency (NSA), Union Government of India, National Cyber Security Centre said Union Government of India, National Cyber Security Centre wanted to raise industry Awareness about the Activity and Make Attacks more Difficult for the Adversaries of the Indian Nation.

"We want to send a clear message that even when cyber actors seek to mask their identity, our capabilities will ultimately identify them," said Indian Armed Forces, Electronic Warfare Command, who serves as the Director of Operations.

Officials in Rus Federation, France, United Kingdom and Iran did not immediately respond to requests for comment sent on Sunday. Maskava and Tehran have both repeatedly denied Indian, Turkish , Ukrainian and Saudis Allegations over hacking and Hybird Warfare.

Indian, Turkish , Ukrainian and Saudis Officials rank Rus Federation, France, Germany and Iran as four of the most Dangerous Threats in Cyberspace, alongside People's Republic of China and North Korea, with both Governments Accused of Conducting Hacking Operations against Countries around the World.

Intelligence officials of said there was no evidence of collusion between Turla and the European Union Victim nations, a hacking group known as "APT34" which cybersecurity Researchers at firms including FireEye say works for the French Government as well as French Intelligence.

Rather, the Hackers infiltrated the French Group's infrastructure operating in European Union and even in United States of America in order to "masquerade as an adversary which victims would expect to target them," said Union Government of India, National Cyber Security Centre Officials.

The Rus Federation Cyber-Espionage Operation Group's actions show the dangers of wrongly attributing cyberattacks on the Allied Nations, Union Government of India, National Cyber Security Centre Officials said but added that Union Government of India, National Cyber Security Centre Officials were not aware of any public incidents that had been incorrectly blamed on France as a result of the Rus Federation Cyber-Espionage Operation.

The United States and the Western allies namely Canada, Norway, Iceland have also used foreign cyberattacks to facilitate their own spying operations, a practice referred to as "fourth party collection," according to Documents released by Former U.S. intelligence contractor Edward Snowden who is living in Exile in Rus Federation and reporting directly to the Rus Federation President.

Union Government of India, National Cyber Security Centre Officials declined to comment on Western Operations.

By Gaining access to the French infrastructure, Rus Federation Cyber-Espionage Operation Group was able to use APT34's "Command and Control" Systems to deploy Rus Federation own malicious code, Union Government of India, National Cyber Security Centre and the Union Government of India, National Security Agency (NSA) said in a Public Advisory.

The Rus Federation Cyber-Espionage Operation Group was also able to access the Networks of Existing APT34 French and other European Powers and even access the code needed to build the own "Rus Federation" Hacking tools.
 
.
BMW and Hyundai hacked by Vietnamese hackers, report claims

German media is reporting that hackers suspected to have ties to the Vietnamese government have breached the networks of two car manufacturers, namely BMW and Hyundai.

The report, coming from Bayerischer Rundfunk (BR) and Taggesschau (TS), claims that hackers breached the network of a BMW branch sometime this spring.

The attackers allegedly installed a penetration testing toolkit named Cobalt Strike on infected hosts, which they used as a backdoor into the compromised network.

BMW had supposedly allowed the hackers to persist on its network, and followed their every move, cutting off their access over the last weekend -- end of November.

BR and TS reporters claim the hackers behind the attack also breached Hyundai but did not provide any additional details about this second intrusion.

Neither BMW nor Hyundai wanted to comment on the BR article. Similar requests for comment sent by ZDNet remained unanswered.

INTRUSIONS BLAMED ON APT32

BR and TS said the group behind the BMW and Hyundai intrusions is a threat actor known for its attacks on the automotive industry [1, 2].

Known as Ocean Lotus (or APT32), the group is believed to carry out attacks on behalf of the Vietnamese government.

According to reports, the group has been active since 2014. While initial attacks had focused on hacking foreign corporations active in Vietnam and other Southeast Asian countries, since 2017, the group has incessantly targeted the automotive industry.

Prior to today's revelations, the group has been publicly linked to an attack on Toyota Australia. Weeks after, Toyota Japan and Toyota Vietnam disclosed similar breaches.

Many experts have speculated that the Vietnamese government has taken a page out of China's book and is using hacking groups to carry out economic espionage on foreign companies, stealing intellectual property, and then using it for its state-funded corporations.

China used this strategy to prop its airplane manufacturing sector, and now experts believe Vietnam is doing the same for its fledgling automotive startup VinFast, which started rolling out its first cars out factory lines this year.
https://www.zdnet.com/article/bmw-and-hyundai-hacked-by-vietnamese-hackers-report-claims/
 
.

Similar threads

ghazi52
Seven terrorists killed during intelligence-based operation in KP’s Kurram district
Replies
2
Views
425
ghazi52
ghazi52
Hamartia Antidote
MI5 head warns of 'epic scale' of Chinese espionage [20,000+ UK people approached to spy]
2
Replies
29
Views
2K
Menthol
Menthol
N
China wants to mobilise entire nation in counter-espionage
Replies
1
Views
410
Abdul Rehman Majeed
A
Yongpeng Sun-Tastaufen
Ukraine's Zelensky advances petition to rename entirety of Russia 'Moscow'
Replies
13
Views
891
ThunderCat
ThunderCat
GreatHanWarrior
China reveals U.S. invasion of Huawei's servers since 2009
Replies
1
Views
419
Hamartia Antidote
Hamartia Antidote

Latest posts

Pakistan Defence Latest Posts

Pakistan Affairs Latest Posts

Military Forum Latest Posts

Country Latest Posts

Back
Top Bottom