Researchers identified an ongoing series of cyber attacks targeting many high profile organizations, including supervisory control and data acquisition or SCADA security companies, universities, and defense contractors. The attacks are using customized malicious files to entice targeted users into opening them and starting the compromise. The campaign is using a series of hacked servers as command and control points and researchers said the tactics and tools indicate the attackers may be located in China.

The first evidence of the campaign was an attack on Digitalbond, a company that provides security services for industrial control systems. The attack begins with a spear phishing email sent to employees of the targeted company and contains a PDF attachment. In addition to the attack on Digitalbond, researchers found the campaign also hit users at Carnegie Mellon University, Purdue University, and the University of Rhode Island. Also, the Chertoff Group, a government consultant, and NJVC, a government contractor, were targeted.

Alienvault identified similarities to the socalled Shady Rat attacks first publicized by McAfee in August 2011. The attackers are not hitting random targets with this campaign but are selecting their targets carefully. According to the information collected, the targets of these campaigns are somehow related with the U.S. government or U.S. Defense contractors directly, providing different services such as authentication software/hardware, Industrial Control Systems security, or strategic consulting, a researcher at IOActive wrote in an analysis on the attacks.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

Join our subject matter experts as they explore how the right systems can help identify, analyze and report potential incidents and help building owners sustain compliance and create safer spaces.

Security Magazine

2020 September

This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.

View More Create Account

Chinese Cyber Attacks Target U.S. Defense Contractors, Universities

Aimed at Employees with Email Attachmets

Blog Topics

Security Blog

On the Track of OSAC

Recent Comments

Insufficient information

Thankyou so much for sharing such an informative...

I just wish my mechanical lock had a...

security

Security

Blog Roll

Security Industry Association

Security Magazine's Daily News

SIA FREE Email News

SDM Blog