Google and other U.S. firms, mostly manufacturers in the defense sector, had their computers and networks attacked over the past three years by malware created by what appears to be the same organized group, the “Elderwood gang,” according to a new analysis from cyber security firm Symantec.
Further, Symantec says that the malware, which was “focused on wholesale theft of intellectual property,” could only have been created by attackers with substantial resources: either an organized criminal gang, a nation state or someone with the backing of a nation state. Symantec offers protection against the types of malware released by this group, but advises caution, writing:
“Any manufacturers who are in the defense supply chain need to be wary of attacks emanating from subsidiaries, business partners, and associated companies… Companies and individuals should prepare themselves for a new round of attacks in 2013 utilizing both Adobe Flash and Internet Explorer zero-day exploits. This is particularly the case for companies who have been compromised in the past and managed to evict the attackers. The knowledge that the attackers gained in their previous compromise will assist them in any future attacks.”
Wired Threat Level has more on Symantec’s investigation and the malware itself.