Cyber Espionage Room Service - DarkHotel Hackers Target High Ranking Business Executives and Agency Officials
Don't give hackers the combination to your digital treasures
Business executives and government officials are being targeted by a hacker group dubbed DarkHotel, who use hotel Wi-Fi networks to orchestrate sophisticated cyber espionage campaigns, according to a recent report. GDF’s founder discusses how advanced threats like these can bring a compromise right to the doorstep of a corporate network and the importance of regular assessments and testing to keep long-term, highly advanced threats like these at bay.
When it comes to cyber threats, it doesn’t get much scarier for IT security departments than the thought of facing a sophisticated and well-crafted APT (Advanced Persistent Threat), and the level of sophistication, planning and patience detailed in this exposé on DarkHotel published on Wired’s website on November 10th, 2014 certainly would qualify. From advanced kernel-level keyloggers rarely seen in the wild, to selective targeting for malicious payload deployment, it’s clearly not a band of amateurs at work.
Joe Caruso, founder and CEO/CTO of Global Digital Forensics (GDF), a premier national provider of cyber security solutions headquartered in New York, summed it up by saying, “It’s just another recent example of the dangers that abound on the cyber front, and any business that doesn't take the threat of cyber attack seriously is not only playing with fire, they’re doing it while being doused in gasoline. In this day and age, unfortunately, maintaining a pristine network forever safe from cyber threats, outside of completely severing it from the outside world, is a pipe dream. More realistically, every company should approach cyber security from a perspective that not only have they probably already been attacked, but that an attacker could be enjoying free reign on their network right now. Technology alone will never be able to achieve perfect perfection, especially as long as “the human element” is involved anywhere in the security chain. Even with DarkHotel, all the sophistication and planning that went into it all boils down to one thing to make it all work, a human being deciding to click their mouse just once on what an attacker wants them to, that’s it. Welcome to today’s cyber attackers’ favorite weapon, social engineering.”
Advantage: Hackers
“Just think about the playing field IT security professionals have to deal with, and why they need all the help they can get,” says Caruso. “There are mobile devices like smartphones and tablets being used more than ever before, all with seemingly endless choices of software and applications, and all providing a potential threat vector for cross-platform intrusions and attacks. There is the increasingly blurred line between business and personal computing, which make a successful attack on just one employee, even an attack suffered at home, or in a hotel, a potential intrusion threat thanks to things like shared media, reusing passwords across multiple accounts for both work and play, divulging personal information on social media sites which attackers can use to their advantage when crafting social engineering campaigns like spear phishing and other targeted attacks, and a whole host of other bad cyber habits that play right into hackers’ hands. From there the only limitation for an attacker is their imagination. And that’s what tips the scales in their favor. You can plug every technology hole known to exist, and tomorrow some attacker thinks up a new clever way to get some human being to make a bad decision and they’re off and running again. That’s where regular professional threat assessments and penetration testing come in, they are the biggest keys to keeping attackers stretching on the sideline, or at least limiting them to a quick, fairly harmless jog, rather than a potentially devastating marathon.”
“Our assessment and testing solutions are designed to cover the most important bases needed for effectively managing today’s cyber threat landscape and significantly improving the safety of any cyber environment and/or digital assets,” says Caruso. "With our perfected and proven process, we’ll not only find and eradicate any existing threat on a client’s network, we’ll also help minimize the threat of future intrusion by making sure any and all security policies and procedures are up to date and up to snuff, and perhaps most importantly, we help our clients raise social engineering awareness enterprise-wide. We’ll even go as far as crafting realistic social engineering campaigns designed to trick personnel into divulging their credentials, and to date, we’ve never failed. The deer-in-the-headlights moment when we call out the 10, 20 or even 50% of staff that fell for our social engineering tactics is a more powerful awareness raising tool than just about any you can imagine. And if we can help strengthen that human link in the chain, our client’s network will be a whole lot safer going forward. But assessment and testing are not a once and done deal, they need to be done regularly. Threats evolve, personnel changes and compromises do happen, but regularly assessing and testing any organization’s unique digital environment will keep both the danger of a successful compromise, and the potentially costly aftermath, to a bare minimum.”
Real solutions for real threats
*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a cost-effective plan which will meet your unique needs, without wasting resources on solutions you simply don’t need. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit our cyber security page.