Select Page

Cisco warns of a hacking campaign targeting the aviation industry

Posted by | Oct 25, 2021 | ,

Cisco warns of a hacking campaign targeting the aviation industry

Riyadh, KSA – 25 October 2021 – Cisco detected a targeted phishing campaign aimed at the aviation industry for two years, which was potentially organized by cyber threat actor(s) operating out of Nigeria.

The actor(s) have been targeting the aviation industry for the last two years, while managing other campaigns at the same time. Researchers found that they do not seem to be technically sophisticated as they’re using off-the-shelf malware since the beginning of their activities without developing their own malware.

The operators also bought crypters that enable the usage of such malware without being detected. Throughout the years they used several different cryptors, mostly bought on online forums and are believed to have been active since 2013. 

talos threat spotlight_ssict_239_119

The cyber attacks involve emails containing specific lure documents centered around the aviation or cargo industry that purport to be PDF files but link to a VBScript file, which ultimately leads to the delivery of remote access trojans (RATs), leaving organizations vulnerable to an array of security risks. 

Actors that perform smaller incidents can keep doing them for a long period of time under the radar. However, their activities can lead to major incidents at large organizations. These are the operators that feed the underground market of credentials and cookies, which can then be used by larger groups on activities.

Commenting on the targeted attacks, Fady Younes, Cybersecurity Director at Cisco Middle East and Africa said: “Many operators can have limited technical knowledge but still be able to operate RATs or information-stealers – posing a significant risk to large corporations given the right conditions. In this case, what appeared to be a simple campaign was, in fact, a continuous operation that has been active for years – targeting a whole industry with commodity malware hidden with different crypters.”

“Even though cybersecurity is not a threat specific to aviation, in the last few years the sector has been at the forefront of several cyber attacks. It is crucial to be careful with weak links that could lead to flawed conclusions. The weak links shouldn’t be discarded — It would be wise to view them as one more piece of information that, together with other links, can yield to a much stronger relationship between two pieces of information.” Younes added.

About The Author

Shima Zamil

Social media Marketing, Creative copywriter, Arabic- English translator, and Community management

Related Posts

SITA launches Health Protect, a secure way for airlines to share health information during the pandemic

SITA launches Health Protect, a secure way for airlines to share health information during the pandemic

February 9, 2021

The danger within: 30%of users in Saudi Arabia are under threat from malware hiding within their devices

The danger within: 30%of users in Saudi Arabia are under threat from malware hiding within their devices

April 11, 2021

How to Minimise the Risks of Geo-Location Tagging

How to Minimise the Risks of Geo-Location Tagging

May 3, 2021

Four Seasons Yachts Redefines Luxury at Sea

Four Seasons Yachts Redefines Luxury at Sea

October 4, 2023

Latest News

Categories

WP Twitter Auto Publish Powered By : XYZScripts.com