Operation Sharpshooter Global Cyber Attacks Still Active

Indira Datta - Mar 20, 2019


Operation Sharpshooter Global Cyber Attacks Still Active

A global cyber attack campaign has been deployed for over a year and is still active. Researchers believe there is a group of hackers from North Korean behind the campaign.

A global cyber attack campaign has been deployed for over a year and is currently active. Researchers believe there is a group of hackers from North Korean behind this campaign.

The Lazarus Group, also known as the Hidden Cobra by network users, launched a cyber espionage campaign called "Operation Sharpshooter". McAfee, the US private cybersecurity company, discovered the campaign first in December last year.

North Korea Shutterstock 498172096
The group of hackers is believed to be linked to North Korea

McAfee discovered this campaign through a rare chance to test data and code from a server was in charge of controlling and managing the activities of this global network attack campaign. At the same time, they also discovered the tools and long traditions of this campaign, so they learned that it began to deploy and operate from September 2017.

Researchers from McAfee also said the server's control code and commands were given by a government organization.

20181210 Sharpshooter 1
Images provided by McAfee show that the Sharpshooter campaign attacks nearly the entire world.

Christiaan Beek, McAfee Senior Principal Engineer and Lead Scientist said that researchers do not have many opportunities to gain access to hackers' servers. Often, the assets and tools of captured network attackers are often kept in law enforcement agencies, so private companies do not have the opportunity to research and explore the system in order to understand their work.

McAfee also said that recent evidence found similarities in network attack techniques and other attacks conducted by the Lazarus Group.

Researchers believe the Lazarus Group is related to North Korea. Meanwhile, among many cyber attacks on businesses around the globe, North Korea is believed to be the outbreak of WannaCry virus in 2017 and Sony hacked in 2016.

According to McAfee, Sharpshooter campaign attacks target financial services, critical infrastructure and governments, including recent attacks on Britain, the United States, Turkey and Germany.

Meanwhile, previous cyber attacks often target various industries including the telecommunications, financial and government sectors in the US, Israel and Switzerland.

Comments

Sort by Newest | Popular

Next Story