
Government agencies under attack from covert malware

Will the security of government agencies need increasing?

By Tom Ball

A new, advanced spear phishing cyber threat has been found to specifically target government agencies, with the covert advanced persistent threat (APT) looking to steal information and data.

The malware, dubbed ‘Netrepser’, is built around a legitimate, yet controversial recovery toolkit provided by Nirsoft.

Bitdefender, who uncovered the new targeted attack, said that the attack “is part of a high-level cyber-espionage campaign.”

As many as 500 infected bots were accounted for during an assessment, and Bitdefender has traced the presence of the threat back to May 2016. So far, the threat has predominantly targeted government agencies.

The preloaded attack is armed with different options for stealing information and is able to deploy methods such as keylogging to achieve its ends.

The Nirsoft toolkit has been surrounded by controversy as the applications provided are made for recovering cached passwords and monitoring network traffic. These processes can also be run in a covert capacity, adding to the desirability of these tools to threat actors.

This attack stands out as it is a targeted attack, but it is constructed and deployed using public tools; usually targeted attacks such as this are custom-made and minimally equipped.


Nation-state espionage and potential hacking have been prominent in the news, and the topic has gained further traction in light of recent and current election campaigns in Europe. In recent weeks, questions have been raised about a potential attempt to breach the security of Emmanuel Macron’s campaign.


The Netrepser attack represents a more formidable form of cyber-threat, but the potential nation-state action against the Macron campaign was relatively low tech, as it involved false domains attempting to capture usernames and passwords from unsuspecting members.

This is not a lone example, as even phishing attacks have been precursors to nation-state attacks, according to Verizon Data Breach Investigation Report statistics.
