November 07, 2017 Alert (TA17-293A)
Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors
On 20th October of this year, a statement was released about a joint Technical Alert resulting from the analytic efforts between the Department of Homeland Security and the Federal Bureau of Investigation.
The alert provides information on advanced persistent threat actions targeting government entities and organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors. Working with U.S. and international partners, the two organizations identified victims in these sectors. The report contains indicators of compromise and technical details on the tactics, techniques, and procedures used by APT actors on compromised victims’ networks.
The Department of Homeland Security assesses this activity as a multi-stage intrusion campaign by threat actors targeting low-security and small networks to gain access and move laterally to networks of major, high-value asset owners within the energy sector. Based on malware analysis and observed IOCs, the Department of Homeland Security has confidence that this campaign is still ongoing, and that threat actors are actively pursuing their ultimate objectives over a long-term campaign. The intent of this product is to educate network defenders and enable them to identify and reduce exposure to malicious activity.
To read the full report please click on the link below:
To discuss any aspects of the report and how CounterSnipe would be able to help protect your organization from such threats, please click on the link below and fill in your details.
Copyright: CounterSnipe Systems LLC