About mid-August this year, the hospitality sector throughout Europe and the Middle East was subjected to a cyber security threat by cyber espionage group known as advanced persistent threat group number 28 (APT28).
Beginning in early July 2017, a spearfishing hack victimized travelers in these areas via email with an attachment document sent to targeted hotels. If the travelers opened the attachment, the macro executed, which installed GAMEFISH malware, thus allowing APT28 access to a hotel’s guest and internal Wi-Fi networks. This time, no guest credentials were reportedly stolen, however, in Fall 2016 APT28 did gain accessibility to individual networks in a separate attack. It is likely this access was stolen from a hotel Wi-Fi network.
APT28 gained access in part through EternalBlue, the NSA’s security exploit leaked earlier this year by Shadow Brokers. This exploit was subsequently used by the WannaCry ransomware, as well as the NotPetya attacks in May and June, respectively.
Who is APT28?
APT28, aka Pawn Storm or Sofacy, is thought to be sponsored by the Russian government. Security experts credit APT28 with sophisticated jobs, including being suspected of interfering with the U.S. 2016 election. APT28 is also known as Fancy Bear; its latest moniker stemming from the code used to ID the hackers.
Typically, their targets include government, military, and security organizations; this was the first reported time APT28 attacked a different sector. However, their modus operandi is not necessarily to secure information for personal gain, but to use as leverage or collateral against a government or another authoritative entity.
How Does This Affect You?
With people’s personal lives and information intersecting more with the online sphere and hackers continually refining their techniques, the threat of a cyber security breach is always on the horizon.
Just recently, the disastrous Equifax breach proves still how vulnerable not only individuals are but even major companies. What’s worse is that even when security patches are offered, they are not always implemented immediately, also seen in the Equifax case.
Another attack just reported by Reuters on Monday, September 25th details a data breach involving Deloitte. They state that only a small portion of their clients were affected, but it’s worth noting that its customers make up 80% of the Fortune 500 list. Additionally, details about the breach indicate that Deloitte’s internal email was hacked. Though Deloitte is a global accounting firm, only U.S. operations were targeted. The breach was discovered in March of this year, but could possibly have gone back to October 2016.
How Does RCS Fit into the Picture?
Despite attacks and frequency on the rise, cyber security is still not taken as seriously as it should be. RCS can help individuals and businesses take a responsible and proactive approach to mitigating online security threats.
Risk Control Strategies (RCS) offers a full range of services to secure your company’s online data and communications, before or after a breach has occurred. As effective crisis managers, we specialize in three different areas proven to be high in demand over the nearly 15 years of our existence: cyber services, security consulting, and investigation services.
We perform security assessments and audits to find out the level of security already in place for your system initially, but we continue audits and assessments after the initial implementation is in place to ensure the long-term safety of your data.
If a breach has already occurred, we work quickly to strategize and mitigate the situation and reduce the impact of the breach. Utilizing our team’s extensive law enforcement experience, we perform effective yet fully legal and forensic investigations to work in identifying the source of the threat.
Leading the information security team are our Chief Information Security Officers (CISO), who are executive level security and privacy professionals. They assess the trends and evolving challenges in cyber security to anticipate susceptibilities in current security systems. CISOs also analyze the most effective level of security your business requires within the allowed budget to provide the best coverage possible.
We work closely with your business, the executive management teams, and IT service providers to ensure the appropriate level of security is in place for your company’s data and communications. Our methods are comprehensive in nature; we conduct technical assessments, interviews, and thorough reviews of IT-related policy to identify any vulnerabilities and to help strategize the right approach in tightening your company’s security measures.
_____
Risk Control Strategies (RCS) specializes in investigative, security, and business intelligence for legal, corporate, and private sectors. Our team of seasoned professionals are backed by decades with federal and state law enforcement agencies, conferring unparalleled expertise and care with each assignment. Explore our website, or visit our contact page and reach us directly to learn more.