Mobile Security & Enterprise Mobility Blog

Cutting through the Weekly Mobile Security Noise: The Kaspersky Lab Disclosure

This week we’ve been monitoring reactions to a report released on Monday by Kaspersky, the Moscow-based internet security company. The firm claims it has uncovered spying software inside the hard drives of several institutions across thirty different countries, making it “the most sophisticated attack the world has seen to date.” Events from this week serve as a healthy reminder that cyber security is a global responsibility and we need to work together to protect individuals and organizations. Here’s a look at what we have been following:

Hackers steal directly from banks in ‘new era’ of cyber crime

Kaja Whitehouse explores what experts are calling a “new era” of cyber hacking, where criminals steal directly from institutions instead of their customers. According to Kaspersky’s report, a group of cyber hackers, nicknamed the “Equation Group,” gained control of several bank’s internal systems stealing 1 billion from 100 banks across 30 countries. Michael Daly, chief technology officer for Raytheon’s cyber-security business warns that the level of sophistication of these attacks means the malware could easily spread to other industries. “It’s definitely not limited to banks, says Daly, it could happen with any company with business-to-business transactions.”

Newly Discovered ‘Master’ Cyber Espionage Group Trumps Stuxnet

Security experts say the Equation Group’s malware may be closely related to other powerful threats created by the NSA. The Kaspersky report claims the group malware is linked to Stuxnet and Flame, but dominates those attacks. This suggests the group has ties to Stuxnet — the NSA-led cyberweapon that was used to sabotage the Iran’s uranium enrichment facility.” Costin Raiu, head of Kaspersky’s global research and analysis team says the Equation Group has basically gone dark since 2014, “All of their command-and-control servers were moved to the US in 2014, according to Raiu, who says his team has found about 300 of their servers worldwide.”

Desert Falcon Group Swooped on One Million Files

Kaspersky Lab also claims to have discovered Desert Falcons, the first cyber-criminal group targeting high profile individuals and organizations from counties in the Middle East. The report states that these individuals attacked “3,000 victims in 50+ countries, with more than one million files stolen.” The Falcon’s method is to deliver malicious files via e-mails, social media and chat messages. Kaspersky Lab principal security researcher, David Emm, told Infosecurity that staff awareness raising and education is also vital. “The Desert Falcons attacks make heavy use of social engineering – tricking people into loading malicious code. So it’s important that organizations in the region take account of this when developing their security strategy,” he added.

Forget who’s behind Equation malware, just focus on the threat

According to experts within the security community, businesses need to concentrate on “upgrading their defenses against the Equation malware, rather than worry about whether the NSA is its author.” Malware expert at Tenable Network Security Ken Bechtel says attribution is getting in the way of what businesses can learn from the Equation group. “There will always be new and novel malware. More important is the processes of working out which threat actors are your primary concerns, and putting together a coherent strategy to deal with those, he said.”