Slashdot Mirror


Espionage Campaign Targets Corporate Executives Traveling Abroad

An anonymous reader writes: Kaspersky Lab researched the Darkhotel espionage campaign, which has lurked in the shadows for at least four years while stealing sensitive data from selected corporate executives traveling abroad. Darkhotel hits its targets while they are staying in luxury hotels. The crew never goes after the same target twice; they operate with surgical precision, obtaining all the valuable data they can from the first contact, deleting traces of their work and fading into the background to await the next high-profile target. The most recent traveling targets include top executives from the USA and Asia doing business and investing in the APAC region: CEOs, senior vice presidents, sales and marketing directors and top R&D staff. This threat actor is still active.

8 of 101 comments

  1. Re:marketing by VIPERsssss · Score: 5, Insightful

    Hah, you'd be surprised. "All that encryption stuff just gets in my way. I'm an important person. Just make it work."

    Then you have to clean off all the shit from their laptop when they get back. Or worse, they copied their files to their personal laptop and then took that because it's "easier."

    And how dare a lowly IT admin tell the VP of R&D that what they want is dangerous and stupid.

    --
    We are eternal, all this pain is an illusion.
  2. Re:marketing by Ihlosi · Score: 5, Insightful

    And how dare a lowly IT admin tell the VP of R&D that what they want is dangerous and stupid.

    You don't. You tell them it's a huge financial risk for the company.

  3. Re:marketing by gstoddart · Score: 4, Insightful

    Any corporate executive traveling will have encrypted communications from their company as a matter of course.

    In my experience, the more senior the executives, the more they don't think basic security and precautions apply to them.

    I'm inclined to think this kind of thing is quite real.

    --
    Lost at C:>. Found at C.
  4. Re:marketing by CaptainDork · Score: 4, Insightful

    This has been my experience, as well.

    I have told management that it's not my job to casually suggest that they are taking risks; it's my job to jump up and down and rant and rave.

    I have also informed them that, for any best practice recommendations they choose to ignore, I need a CYA email from them that I have made the risk assessment clear and that they are making the business decision to ignore me.

    For those who will not do that, I send them an email referencing our "talk" about how they have declined to conform with best practice "as we discussed on this date."

    In my shop, system does not drive business ... business drives systems. My job is to inform, insist, and bitch and complain.

    After I apply due diligence (to the max), business evaluates risk and tells me what to do.

    --
    It little behooves the best of us to comment on the rest of us.
  5. Target, TJ Maxx, Home Depot by raymorris · Score: 3, Insightful

    Most top level executives don't know DES from GPG or IDEA.
    What they do understand is when you send them an email with links to three Wall Street Journal articles, Target, TJ Maxx, and Home Depot, then say "to prevent this from happening to our company, we need to have the following policies in place:".

  6. Not surprising in the least by ErichTheRed · Score: 3, Insightful

    I'm a client systems person (yes, yes, I know, the desktop is dead and everyone is going to be writing Excel macros on their iPhones...I'm aware of it.) But, having worked for a couple of companies' IT departments doing this, and for a service provider doing this for other customers, I am absolutely not shocked that corporate execs are being targeted for this. Almost everywhere I've worked, executives have overridden the rules and required that they have full admin access to their laptops. Combining this with BYOD and users travelling onto untrusted networks is a nightmare. All it takes is one time not carefully thinking about a prompt to update something from a non-legitimate source. Once that's done, all the full-disk encryption and other good stuff goes out the window.

    The higher the rank, the less they know or care about information security. It's a losing battle too, because (a) they don't want some lowly IT guy telling them what's best for them, and (b) the heavy-handed approach doesn't work because they don't believe there's a threat.

    Hotel networks are especially interesting because the system is most likely some turnkey thing like a Cisco or Juniper appliance that gets wired up, thrown in a closet and forgotten about. That's the perfect target for compromise because it never gets updated, bugs never get fixed, and all you have to do to get physical access to the device is get a job as a cleaner or maintenance person.

  7. And who's buying the data? by Princeofcups · Score: 3, Insightful

    The same guys who are having their data stolen are the ones buying data that was stolen from some other guy. It's a sociopath feeding frenzy, and the criminals are cashing in.

    --
    The only thing worse than a Democrat is a Republican.
  8. Re:marketing by PvtVoid · Score: 4, Insightful

    no you tape them refusing to adhere to the encryption and if the company suffers a breach or IP is stolen digitally then you pull out that recording and CYOA

    I would suggest that clandestinely taping your boss being an idiot is a pretty good way to find yourself out of a job.

    How about, oh, I dunno, following up such conversations with a friendly, informative email summarizing the discussion and your recommendations, so there's a paper trail?