Sophisticated Cyberattack Targets German Aerospace Center
Softpedia.com reported on 14th April, 2014 that a foreign intelligence agency apparently targeted the German Aerospace Center (DLR), Germany's national hub for aerospace, transportation and energy research, with cyberattacks.
German publication Der Spiegel first reported the news on 13th April, 2014 and confirmed that systems used by admin workers and scientists had been infected with trojans and spyware.
The cyberattacks appear to be sophisticated and are said to be effective on all operating systems used by the DLR. In some cases, the forensic investigators analyzing the infections did not discover the presence of malware, as it was programmed to self-destruct at the very moment of interception by an anti-virus.
Moreover, the attacks have been classified as extremely serious because data related to armor and rocket technologies is stored by the DLR.
Rt.com published a report on 14th April, 2014 quoting a Der Spiegel insider familiar with the investigation as saying that the malicious code intercepted by the Germans suggested a Chinese hand. The code also contained Chinese characters in comments and recurring typos characteristic of Asian programmers.
The insider said that those may be just camouflage to hide the true identity of the attacker, and that the involvement of a Western intelligence organization such as the USA's NSA (National Security Agency) cannot be ruled out.
SCMagazineUK.com published a report on 14th April, 2014 quoting Graeme Batsman, Security Director of the independent UK-based IT security company EncSec, as saying: "DLR reports prove how easily the organizations can be penetrated by attacks of spear-phishing."
He added: "Conventional singular defenses like anti-virus, anti-spam and firewalls are not successful in identifying even semi-advanced malware let alone something targeted. What is required is a multi-tiered security with modules focusing on regular loopholes like links and files which Internauts suspect less (PDF, Excel, Word etc.)."
Batsman added: "A simple tactic to have your data secured as bullet-proof is to have two screens, two desktops and two servers. Each setup is isolated and the one for core data has no links with the outer world. Several western regimes have a preset policy and if the data categorization is above 'restricted' for example, it has to be stockpiled on a closed network."
» SPAMfighter News - 24-04-2014