Kaspersky Lab has disclosed Indian organisations are facing aggressive activities in the spheres of environmental, economic and government policy. The attackers are keeping a track of the organisations for some time and are targeting them through the Windows service. With the help of Windows Management Instrumentation (WMI) they can easily accessed the sensitive and confidential information. The malicious attacks are planned with the help of the WMIGhost/Shadow Trojan.
The attackers launch the attack on the target organisations under the name of Ghost by reusing current headline news for spear phishing attacks. For instance, in a March 2014 attack, this actor used an upcoming meeting between national energy labs and the Departments of Energy as their spea rphishing lure, sending out a mis-spelled spoof file called “India US strategic dialogue press release.doc”.
Speaking about this, Kaspersky Lab Chairman and CEO Eugene Kaspersky said, “Over the past couple of years APTs have intensely targeted organizations and individuals across India. India’s developing technology base, its geographical location and size, its inclusive and riotous political energy, and its growing economic weight makes it a special place of interest for ill-intentioned cyber attackers. Unfortunately there is quite a long list of APT groups targeting Indian organizations”.
He further highlighted, “We are seeing more of these current attacks occurring throughout the country, targeting government and military agencies, NGOs, subcontractors and technology developers. The scope of these attacks is getting broader all the time. Meanwhile, other actors are currently working to exfiltrate more data from India. Indian organizations are being bombarded with spearphishing and webserver attacks on multiple levels – and there is no end in sight.”
There are many campaigns which are running in order to harm the Indian organisations. The list of malicious campaigns include Gh0stNet, Shadownet, an Enfal, Red October, NetTraveler, the LuckyCat, the Turla APT, a Mirage, and the Naikon.