Several security researchers have uncovered a sophisticated industrial espionage campaign that targets business executives in luxury hotels across Asia once they sign on to computers using in-room wireless connections they consider private and secure.
The attacks, which go well beyond typical cyber-criminal operations, have claimed thousands of victims dating back to 2009 and continue to do so, Kaspersky Lab, the world's largest private security firm, shows in a report published a few months ago.
Executives from the auto, outsourced manufacturing, cosmetic and chemical industries have been hit, the security firm said. Others targeted include military services and contractors.
In 2012, the FBI issued a general warning to U.S. government officials, businessmen and academics, advising them to use caution when updating computer software via hotel Internet connections when traveling abroad.
Kaspersky's report goes further in detailing the scale, methods and precise targeting of these attacks on top business travelers.
The movements of executives appear to be tracked as they travel, allowing attackers to pounce once a victim logs on to a hotel Wi-Fi network. Hackers cover their tracks by deleting these tools off hotel networks afterward.
"These attackers are going after a very specific set of individuals who should be very aware of the value of their information and be taking strong measures to protect it," said Kurt Baumgartner, principal security researcher for Kaspersky, the world's largest privately held cybersecurity firm.
Unsuspecting executives who submit their room number and surname while logging on to their hotel room's wireless network are tricked into downloading an update to legitimate software such as Adobe Flash, Google Toolbar or Microsoft Messenger, Kaspersky said. Because attacks happen at sign-on, encrypted communications set up later offer no defense against attack.
The attacks, which go well beyond typical cyber-criminal operations, have claimed thousands of victims dating back to 2009 and continue to do so, Kaspersky Lab, the world's largest private security firm, shows in a report published a few months ago.
Executives from the auto, outsourced manufacturing, cosmetic and chemical industries have been hit, the security firm said. Others targeted include military services and contractors.
In 2012, the FBI issued a general warning to U.S. government officials, businessmen and academics, advising them to use caution when updating computer software via hotel Internet connections when traveling abroad.
Kaspersky's report goes further in detailing the scale, methods and precise targeting of these attacks on top business travelers.
The movements of executives appear to be tracked as they travel, allowing attackers to pounce once a victim logs on to a hotel Wi-Fi network. Hackers cover their tracks by deleting these tools off hotel networks afterward.
"These attackers are going after a very specific set of individuals who should be very aware of the value of their information and be taking strong measures to protect it," said Kurt Baumgartner, principal security researcher for Kaspersky, the world's largest privately held cybersecurity firm.
Unsuspecting executives who submit their room number and surname while logging on to their hotel room's wireless network are tricked into downloading an update to legitimate software such as Adobe Flash, Google Toolbar or Microsoft Messenger, Kaspersky said. Because attacks happen at sign-on, encrypted communications set up later offer no defense against attack.
No comments:
Post a Comment