News
Targeted campaign of whaling attacks - Fujitsu comment
August 2016 by Bryan Campbell, Senior Security Research for Enterprise
Over the past 24hrs, Fujitsu has observed a highly targeted campaign of whaling attacks. Please see below comments from Bryan Campbell, Senior Security Research for Enterprise & Cyber Security in UK & Ireland at Fujitsu.
“We’ve observed over the past 24hrs a highly targeted campaign of whaling attacks against a number of senior executives, including board members across sectors ranging including retail and utilities. These attempts included the delivery of a remote access Trojan which included the capability to steal keystrokes, capture screenshots and retrieve sensitive credentials.
“Once again, this highlights the dangers associated with phishing and the need to monitor for targeted campaigns. These campaigns were crafted specifically at individuals with the goal of collecting sensitive information to potentially mount further attacks. The sensitivity surrounding the targets precludes us from sharing the IOC’s presently.
“Stolen account credentials are often offered for sale on forums as a result of a breach, or a third party incident which involves data loss. The Verizon DBIR 2016 suggests that 63% of attacks it studied used stolen credentials during attacks. In addition, the use of stolen credentials are often combined with other attack methods. In February 2016, a Austrian Aircraft parts manufacturer was relieved of his position as the result of a €30.9m whaling ‘attack’ which gives credibility to the vigilance needed to prevent such attacks from happening.”
