Ransomware hackers are like the smash and grab style of burglar. They don’t care who knows that they are here or what they are doing. Their techniques become quickly known and have to continuously evolve. They sometimes make a quick payday.
Option two is a stealthy hacker who attempts to sneak in undetected, remain inside undetected and slowly trickle out proprietary data for years, undetected.
The FBI says that business email compromise attacks cost victims about $2 billion in 2020. add to that the other categories that the FBI tracks, like romance scams, and you are up to about $3 billion a year. Source: Statista
On the other hand, the Commission on the Theft of American Intellectual Property estimates that China’s IP theft (just China) costs the U.S. between $225 billion and $600 billion each year. Source: CNBC
Which do you think is a bigger problem? $3 billion or $600 billion? Seems pretty obvious.
Researchers have discovered a stealthy espionage group that they are calling Aoqin Dragon that has been conducting espionage since 2013. They use a variety of techniques to infect the targets, in industries such as government, education and telecommunications.
The researchers believe this is a small, Chinese speaking team that continues to operate today and which continues to operate today as it enhances the back doors that it has created.
They think the group used Office bugs in the time period 2012-2015. Since 2018 the group has used a fake removable USB device shortcut as the initial point of infection.
The malware even has built in redundancy – it bundles three different command and control servers.
The fact that it took 9 years to even know that they exist is an indicator of their skill.
Would you even know if they were inside your network?
Credit: ZDNet