Chinese Cyber Attacks Target U.S. Defense Contractors, Universities

Aimed at Employees with Email Attachmets

Researchers identified an ongoing series of cyber attacks targeting many high profile organizations, including supervisory control and data acquisition or SCADA security companies, universities, and defense contractors. The attacks are using customized malicious files to entice targeted users into opening them and starting the compromise. The campaign is using a series of hacked servers as command and control points and researchers said the tactics and tools indicate the attackers may be located in China.

The first evidence of the campaign was an attack on Digitalbond, a company that provides security services for industrial control systems. The attack begins with a spear phishing email sent to employees of the targeted company and contains a PDF attachment. In addition to the attack on Digitalbond, researchers found the campaign also hit users at Carnegie Mellon University, Purdue University, and the University of Rhode Island. Also, the Chertoff Group, a government consultant, and NJVC, a government contractor, were targeted.

Alienvault identified similarities to the socalled Shady Rat attacks first publicized by McAfee in August 2011. The attackers are not hitting random targets with this campaign but are selecting their targets carefully. According to the information collected, the targets of these campaigns are somehow related with the U.S. government or U.S. Defense contractors directly, providing different services such as authentication software/hardware, Industrial Control Systems security, or strategic consulting, a researcher at IOActive wrote in an analysis on the attacks.

Pandemics, Recessions and Disasters: Insider Threats During Troubling Times

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Industrial Cybersecurity: What Every Food & Bev Executive Needs to Know

ON DEMAND: There's a lot at stake when it comes to cybersecurity. Reputation, productivity, quality. Join us to discuss the future of your global security strategy and a path forward with trusted partners Cisco and Rockwell Automation, and turn your Food & Bev security challenges into strategic advantages that drive business value.

Poll

Who has ownership or primary responsibility of video surveillance at your enterprise?

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Chinese Cyber Attacks Target U.S. Defense Contractors, Universities

Aimed at Employees with Email Attachmets

Blog Topics

Security Blog

On the Track of OSAC

Recent Comments

Insufficient information

Thankyou so much for sharing such an informative...

I just wish my mechanical lock had a...

security

Security

Blog Roll

Security Industry Association

Security Magazine's Daily News

SIA FREE Email News

SDM Blog

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.