Rabitə və İnformasiya Texnologiyaları Nazirliyinin elektron xəbər xidməti

Hackers target intelligence agency contractors


Hackers, likely working for foreign governments, are actively trying to steal classified government data by breaking into the computer networks of contractors that work for U.S. intelligence agencies.
Through a targeted "spear phishing" campaign, hackers are sending emails tainted with malicious software to contractors, according to two security firms, which heard about the attacks after an executive at one contractor sent them a copy of the email. Researchers at the security firms would not identify the contractor on Thursday. Recent targets of cyber attacks have included defense contractor Lockheed Martin Corp and three publicly funded research laboratories. In spear phishing attacks, hackers target a small number of victims with emails containing detailed information related to their lives in an effort to persuade them to let their guard down and click on infected links. The researchers said these malicious emails falsely claimed to be from the U.S. government's Intelligence Advanced Research Projects Activity, or IARPA.
So far, the researchers have identified only one victim, but they said early analysis of the code contained in that email links it to malware submitted by other security experts over the past 10 days."It appears to be from a persistent adversary that is trying multiple attempts to get in," said Anup Ghosh, the chief executive of Invincea, one of two firms that analyzed the tainted email. He said the hackers were likely backed by a "foreign actor," based on the fact that they were targeting a government contractor.
The malware was designed to be downloaded when the victim clicked on a link to a spreadsheet with the names and contact information of 163 high-level officials with contractors who had attended a recent "project day" conference at IARPA, according to Ghosh.




22/07/11    Çap et