We are pleased to announce that the T-Eye Threat Intelligence Report for the month of March has been published. Each month, the T-Eye Threat Intelligence Report is compiled to enable Pakistan-based organizations to proactively fortify their defenses. These reports not only make organizations aware of the latest threats being faced in Pakistan's cyberspace but also provide key information for prevention. The major threats that have been discovered recently in Pakistan by global and TISS' research and IR teams are summarized as follows:
Equation Group is the most advanced APT group found so far and is called the Crown Creator of Cyber Espionage. According to Kaspersky Lab researchers, the group is unique in almost every aspect of its activities. It uses tools that are very complicated and expensive to develop in order to infect victims, retrieve data and hide activity in an outstandingly professional way. It utilizes classic spying techniques to deliver malicious payloads to the victims.
Ransomware is constantly affecting Pakistan-based organizations, with the key motive of encrypting the data of targeted organizations and individuals and rendering it useless until a hefty ransom is paid for decryption. There has been an exponential increase in the number of ransomware attacks since 2015, and protection against this threat is highly recommended at all layers. In recent ransomware attacks, it has been noted that the malware also steals the personal information of the affected party.
The Threat Intelligence Report for the month of March 2016 can be downloaded by visiting: http://www.triam.com.pk/resources/threat-intelligence-services/march-2016. It has been compiled with the help of our advanced threat intelligence gathering platform, which consists of sensors such as honeypots, web crawlers and aggregators deployed throughout Pakistan. The information obtained using these sensors is then enriched by extensive correlation with different sources.
Our aim in releasing these monthly reports is to enable all stakeholders in Pakistan to keep abreast of ongoing threats and remain vigilant in protecting their networks from potential attacks. TISS will soon make these threat feeds available to Pakistan-based organizations so that they can be fed into their Security Information and Event Management (SIEM) systems, firewalls and intrusion detection/prevention systems to provide protection against Pakistan-specific attacks.
If you require more details on these threats or are facing one of these or a different malware, please reach out to us for a focused and quick response.