Prime targets: Governments shouldn’t go it alone on cybersecurity

A year into the pandemic, ESET reveals new research into activities of the LuckyMouse APT group and considers how governments can rise to the cybersecurity challenges of the accelerated shift to digital



Earlier this year, a well-known APT group dubbed LuckyMouse (aka Emissary Panda, APT27) began exploiting several zero-day Microsoft Exchange Server vulnerabilities. Its end goal? Cyberespionage across multiple government networks in the Middle East and wider organizations in Central Asia. The group used this email server access, and the compromise of Microsoft SharePoint, to deploy a newly updated modular toolkit known as SysUpdate. As ESET explains in a new report, the toolkit has been designed to provide on-demand malicious capabilities, while taking great care to resist analysis.

If you were in any doubt about the scale of the cyberthreat facing global governments, then look no further. Fortunately, cybersecurity companies are in a unique position to advise the public sector. Not only does ESET have the requisite technical skills to support cyber-defense, but, being no less a target for sophisticated threat actors itself, it can share first-hand what it has learned about what works and what doesn’t.


A year of firsts


This LuckyMouse campaign, dubbed EmissarySoldier by ESET and conducted across much of 2020 and into early 2021, is just the tip of the iceberg. It’s been a year like no other for governments, and the threat landscape in general. Unfortunately for the former, events in the latter have had a major impact on the consumers, societies and critical infrastructure sectors that governments are meant to steward and shield. In this respect, the pandemic may have set 2020 apart from any other year before it. But ..
