Targeted Attacks on Defense Industry
Contents
2017. 07. 12
Targeted Attacks on Defense Industry
220, Pangyoyeok-ro, Bundang-gu, Seongnam-si, Gyeonggi-do, South Korea
Tel: +82-31-722-8000 | Fax: +82-31-722-8901 | www.AhnLab.com
| © AhnLab, Inc. All rights reserved.
Targeted Attacks on Defense Industry
Table of Contents
Introduction ......................................................................................................................................................................... 3
Finding 1: Timeline of Main Attacks on the Defense Industry............................................................ 3
Findings 2: Methods of Attacks .............................................................................................................................. 5
1. Email ............................................................................................................................................................................ 5
2. Watering hole .......................................................................................................................................................... 5
3. Management System ........................................................................................................................................... 5
Findings 3: Related Hacking Groups.................................................................................................................... 6
1. Icefog........................................................................................................................................................................... 6
2. Operation Red Dot ................................................................................................................................................ 6
3. Operation Ghost Rifle .......................................................................................................................................... 7
4. Operation Anonymous Phantom .................................................................................................................... 8
Findings 4: Who is Behind the Attacks? ............................................................................................................ 9
Conclusion ..........................................................................................................................................................................10
© AhnLab, Inc. All rights reserved.
2
Targeted Attacks on Defense Industry
Introduction
Cyberattacks on the defense industry were first discovered in 2010 and has been consistently intensifying.
The defense industry is comprised of companies that manufacture defense logistics and is highly likely to
be the target of attacks from hostile countries or competing countries due to the magnitude of control
once security is breached.
Recently, …
Targeted Attacks on Defense Industry
220, Pangyoyeok-ro, Bundang-gu, Seongnam-si, Gyeonggi-do, South Korea
Tel: +82-31-722-8000 | Fax: +82-31-722-8901 | www.AhnLab.com
| © AhnLab, Inc. All rights reserved.
Targeted Attacks on Defense Industry
Table of Contents
Introduction ......................................................................................................................................................................... 3
Finding 1: Timeline of Main Attacks on the Defense Industry............................................................ 3
Findings 2: Methods of Attacks .............................................................................................................................. 5
1. Email ............................................................................................................................................................................ 5
2. Watering hole .......................................................................................................................................................... 5
3. Management System ........................................................................................................................................... 5
Findings 3: Related Hacking Groups.................................................................................................................... 6
1. Icefog........................................................................................................................................................................... 6
2. Operation Red Dot ................................................................................................................................................ 6
3. Operation Ghost Rifle .......................................................................................................................................... 7
4. Operation Anonymous Phantom .................................................................................................................... 8
Findings 4: Who is Behind the Attacks? ............................................................................................................ 9
Conclusion ..........................................................................................................................................................................10
© AhnLab, Inc. All rights reserved.
2
Targeted Attacks on Defense Industry
Introduction
Cyberattacks on the defense industry were first discovered in 2010 and has been consistently intensifying.
The defense industry is comprised of companies that manufacture defense logistics and is highly likely to
be the target of attacks from hostile countries or competing countries due to the magnitude of control
once security is breached.
Recently, …