Cyber Espionage Report: APT at RUAG
During a meeting last week in Belgium with Koen Van Impe, a security analyst with federal cyber emergency team, CERT.be, he recommended I look at a report involving a cyber espionage case involving the firm RUAG. “From a tech point-of-view… the persistence (and patience) of the attacker to get and maintain access and do lateral movement is an interesting read,” said Van Impe.
Two years ago, CERT.be security analysts discovered an Advanced Persistent Threat (APT) at RUAG rm, a Swiss government-owned defense technology company. For over a year, the analysts detected and cracked the layers of software, encryption, and reconnaissance techniques used by the attackers.
The cat and mouse game of cyber espionage and counterespionage came to an end in March 2016 when several reports appeared in the press about the incident. The leaked reports brought enough exposure to end the investigation (and, presumably, the infiltration) at RUAG.
No comments:
Post a Comment