After disrupting IT, healthcare, and retail industries, real estate is the new target of cyber threat actors. The recent August 2020 cyber-spying incident against a renowned architectural and video production company is proof. The attack points were similar to an advanced persistent threat (APT) mercenary group. In this article at Security Intelligence, David Bisson elaborates on the malicious acts and tips to protect your organization.
A Case of Digital Spying
Cybersecurity attackers are eyeing the real-estate developers high-profile architects, and interior decorators. According to the findings of a security company Bitdefender, the APT-styled cyber espionage is trending right now. Leading companies keep a close watch over their competitors by using these mercenary groups. The attackers first gather details of their target and then infiltrate their business network.
Tools Used
The threat actors used a plugin for the software Autodesk 3ds Max for the cyber espionage attack. The plugin enabled a “Max Script Encrypted script” to download the codebase from the campaign’s command-and-control (C&C) framework. These actions helped cyber attackers move sensitive data from the organization’s database. Thus, the victims suffered a security breach, reputation and business loss. The three active groups of digital espionage include StrongPity, Dark Basin, and Deceptikons. Follow these suggestions to defend your enterprise against the Against APT data breaches:
- Invest in advanced monitoring tools to detect the signs of suspicious attacks and infiltration in your company network.
- You may also use network segmentation to protect confidential details of clients and architectural designs.
- Keep your staff aware of digital spying and discuss past incidents to maintain vigilance and secure employees’ access to official assets.
- Always protect your work with a password and never share sensitive details with anyone.
- One of the fundamental ways to protect confidential work is to ensure you have a security team to identify, investigate, and respond to potential threats.
Click on the following link to learn more about the mercenary groups and past attacks: https://securityintelligence.com/news/digital-espionage-mercenary-group-targets-real-estate/
