"The tech giant's threat intelligence division said the adversarial targeting of the sector is centered around four key themes: striking defense entities deploying technologies on the battlefield in the Russia-Ukraine War, directly approaching employees and exploitation of the hiring process by North Korean and Iranian actors, use of edge devices and appliances as initial access pathways for China-nexus groups, and supply chain risk stemming from the breach of the manufacturing sector."
"Many of the chief state-sponsors of cyber espionage and hacktivist actors have shown an interest in autonomous vehicles and drones, as these platforms play an increasing role in modern warfare, GTIG said. Further, the 'evasion of detection' trend [...] continues, as actors focus on single endpoints and individuals, or carry out intrusions in a manner that seeks to avoid endpoint detection and response (EDR) tools altogether."
State-sponsored actors, hacktivists, and criminal groups from China, Iran, North Korea, and Russia have targeted the defense industrial base (DIB) sector. Targeting centers on four themes: striking defense entities deploying battlefield technologies in the Russia-Ukraine War; directly approaching employees and exploiting hiring processes; using edge devices and appliances as initial access pathways for China-nexus groups; and supply chain risk from manufacturing sector breaches. Interest in autonomous vehicles and drones has risen because of their increasing battlefield role. Adversaries increasingly seek to evade endpoint detection by focusing on single endpoints and individuals. Notable activity includes APT44's Signal and Telegram exfiltration using WAVESIGN and TEMP.Vermin's use of VERMONSTER, SPECTRUM, and FIRMACHAGENT with drone-related lure content.
#defense-industrial-base #cyber-espionage #drones--autonomous-systems #supply-chain-risk #endpoint-evasion
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]