Lazarus targets European Aerospace and defence companies

The Lazarus group have been identified as the primary candidate for targeting European and Middle East aerospace and military businesses.  Targeting employees through LinkedIn, for espionage. The attacks are well thought through and orchestrated (you’d expect as much if you’re targeting the employees of aerospace and military companies), and what better platform to use for phase 1 of an attack. Sending innocuous friend invites from fake accounts which include links loaded with malicious content.  The attacks are complex and the different stages of the attack use various techniques to hide code, avoid AV and use ‘living of the land’ (a great phrase) techniques to reduce the foot print of the malicious code.

This appears to be a sophisticated threat targeting the aerospace and military sector.  Organisations who develop, deliver, maintain and use weapon systems at and for state level clients.  A threat which maybe difficult to identify and manage even for the most mature cyber complaint organisations.  I wonder how many are US defence contractors and where appropriate DFARS 48 CFR § 252.204-7012 compliant?

Full article from: We live security

About CMMC Europe

Experienced cyber security professional with 20 years experience as CISO and global head of cyber risk. Advising boards of Engineering and Manufacturing, Publish and Media and Financial Services meet and maintain cyber risk management and regulatory compliance.

Leave a Comment

Your email address will not be published. Required fields are marked *

I accept the Privacy Policy