The digital world has benefited us in hundreds and thousands of ways, enabling us to store data, search, transfer, record, analyse, communicate, buy, sell, share & do SO much more! But the more we rely on cyberspace, the higher the risk we face of losing it. What if all of it were breached? What if there were a security compromise? That’s a threat that’s quickly becoming a reality closer to you. In light of that, we’re launching our Security Beat, a monthly feature covering cyber threats & measures you can take to protect your data.
This month, we’re bringing you up to speed with Black Vine, a formidable, highly resourced attack group that has been carrying out cyber espionage on organisations around the world since 2012! The attacks have hit several industries: aerospace, healthcare & energy. They are typically watering-hole attacks on websites, delivering the group’s custom-developed malware: Trojan.Sakurel and Backdoor.Mivast.
In December 2012, an attack on gas turbine manufacturer Capstone Turbine marked their presence in the energy industry. In 2013, an attack on a global airline made the aerospace industry a victim as well. It continued with an attack on a European airline in February 2014. In February this year, the attack on U.S. healthcare provider Anthem underscored the perniciousness of this group. The attack led to the largest healthcare data breach: a theft of over 80 million patient records! In-depth research & reporting has been conducted to pin the criminals. The breach is the most highly publicized & reported attack of 2015.
Various countries have fallen prey to the group’s cyber attacks, including India, which is among the worst of them. Symantec identified the worst affected countries and represented them visually here:
(Source: Symantec Report)
Research suggests that some members of Black Vine may be associated with a Beijing-based company, Topsec. Research also suggests that the custom-developed malware was likely created by the same author/developer. You can read the entire report on Black Vine and the attacks here.
Despite the best anti-virus software and the necessary precautions, with Black Vine still on the loose, the threat of a data breach is always present. Till we learn more about them or pin the attackers, let’s be on our guard when accessing suspicious websites, using foreign pendrives, downloading PDFs & opening unknown e-mails. Guard your data. A little slack in vigilance could cost you & others millions!