The attacks make use of social engineering techniques and legitimate documents, such as memos and documents detailing equipment settings or other industrial process information, which have apparently been stolen from the company under attack or its business partners.From 2018 to at least the early fall of 2020, attackers sent phishing emails laced with malware.
#Administration Server Was Improperly Installed Kaspersky software
We reported these attacks in 2018 in an article entitled “ Attacks on industrial enterprises using RMS and TeamViewer”, but recent data shows that the attackers have modified their attack techniques and that the number of enterprises facing the threat of infection is growing.īefore publishing this report, we waited for the vendor of the RMS software to make changes to its services to ensure that the results of this research could not be used to exploit vulnerabilities. The emails target companies and organizations from different sectors of the economy that are associated with industrial production in one way or another.
In summer 2019, Kaspersky ICS CERT identified a new wave of phishing emails containing various malicious attachments.
0 kommentar(er)
