Anonymous Hacker Group Plans Targeted Attack on Oil Industry

Trend Micro Urges Enterprises to Embrace Advanced Threat Detection Security Solutions

Leading global security company Trend Micro Incorporated (TYO:4704) has documented anomalous malicious activity that indicates the hacktivist group Anonymous has launched its attacks on the oil industry – June 20, 2013.

Anonymous claims that it intends to launch a series of attacks on the world's oil industry, under the operation codename #OpPetrol, as a response to the fact that oil is traded with the US dollar instead of the currency of the country where it was harvested. While June 20th is the day that most attacks are expected to occur and be made public, the group has been mobilising since last month.

According to Anonymous, approximately 1,000 websites, 35,000 email credentials, and more than 100,000 Facebook accounts have been compromised as a part of the #OpPetrol operation. In addition, Trend Micro has found that compromised systems (botnets) are already hitting websites of the intended targets, possibly as part of a distributed denial-of-service (DDoS) attack.

The particular malware being used to direct infected systems to attack the intended targets is a backdoor trojan known as CYCBOT, which allows attackers unauthorized access to and control of an affected computer. After a computer is infected, the trojan connects to specific remote servers, also known as Command & Control (C&C) servers, to receive commands from attackers. The trojan allows attackers to perform backdoor functions such as launching a DDoS attack or retrieving information from the infected computer. Most importantly, the trojan can disable security-related processes that are running on the system.

Trend Micro researchers have found that a significant number of government websites in Kuwait, Qatar, and Saudi Arabia – sites that were in the #OpPetrol target list – have already gone offline. Trend Micro recommends that organizations partner with their local telecommunication service provider to monitor and mitigate DDoS attacks, and look for any sign of a breach or network compromise by monitoring for C&C communications inside their network.

"The IT threat landscape has evolved – cyber-attacks are now targeted, customized and persistent," according to Richard Sheng, Sr. Director of Enterprise Security, Trend Micro Asia Pacific. "While hacktivists make announcements of their attack campaign, most cyber-crimes and espionage go undetected by conventional security controls such as firewall, antivirus or intrusion detection systems. Organizations need to assume they will be compromised, and redefine their IT security with that mental model."

Gaps and Challenges with Conventional Security Controls

Traditional perimeter security defenses are insufficient. Coupled with social engineering techniques, spear-phishing attacks are penetrating perimeters and injecting backdoor trojans inside your network.

Signature-based anti-virus solutions are useless against customized malware that is tested before being put into action.

Exploitation of known or zero-day system vulnerabilities will continue, as attackers bet on the fact that organizations can't patch systems fast enough.

Once inside your network, backdoor agents evade detection, steal credentials, establish additional footholds, and perform network reconnaissance to locate assets of interest.

Best Practices Against Targeted Cyber Attacks

Under the assumption that we will be compromised, organizations must improve detection capabilities that provide visibility of a breach, and establish an incident response process/plan that can quickly mitigate and minimize the impact.

People:
- Educate employees about the risk of sharing too much information on social networking and how it relates to spear-phishing attack tactics.
- Improve forensic and threat analysis capability within the IT security team

Process:
- Remove administrative privilege for most end-users
- Shut down vulnerabilities early
- Establish incident response plan and team
- Centralize monitoring of security events and logs

Technology:
- Detect & block spear-phishing attempts at the perimeter
- Increase visibility of C&C communication on the network
- Add vulnerability shielding capability to mission critical systems to
- Employ customizable sand-boxing capability to analyze zero-day customized malware
- Monitor critical systems for unauthorized changes with file integrity monitoring

Trend Micro Deep Discovery provides visibility, insight, and control over networks to defend against targeted threats. Deep Discovery uniquely detects and identifies evasive threats in real-time and provides customizable sandbox analysis and actionable intelligence to prevent, discover, and reduce risks.

For further information on this threat, please see the following Trend Micro blog posts:
- Anonymous' #OpPetrol: What is it, What to Expect, Why Care?
- Anonymous' #OpPetrol: Leading into June 20

To learn about targeted attacks and recommendations for corporate IT, please see: http://apac.trendmicro.com/apt

About Trend Micro
Trend Micro Incorporated (TYO: 4704;TSE: 4704), a global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years' experience, we deliver top-ranked client, server and cloud-based security that fits our customers' and partners' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro Smart Protection Network cloud computing security infrastructure, our products and services stop threats where they emerge – from the Internet. They are supported by 1,000+ threat intelligence experts around the globe.

Additional information about Trend Micro Incorporated and its products and services is available at Trend Micro.com. This Trend Micro news release and other announcements are available at http://NewsRoom.TrendMicro.com and as part of an RSS feed at www.trendmicro.com/rss. Or follow our news on Twitter at @TrendMicro.

Link: http://apac.trendmicro.com/apac/about-us/newsroom/releases/articles/20130620073335.html

For more details you may contact:
Chan Yuen Wei  |  03-7803 4600  |  yuenwei.chan@acapacific.com.my
