Cyber attack campaign targets India, SEA nationsSeemingly from China, a hacker group has been targeting India and Southeast Asian nations in a bid to extract information about ongoing border disputes and other diplomatic issues.
The hacker group would send spearphishing emails attached with Microsoft Word documents containing a script called "Watermain" and embed it into Microsoft Word documents to create backdoors into infected machines, as per cyber security vendor FireEye. Describing the hackers as part of an APT (Advanced Persistent Threat) group, the attack campaign had been ongoing since 2011 and targeted victims mostly in India.
"... According to FireEye, the hackers had used Watermain to attack Tibetan activists and other targets in Southeast Asia, focusing on organizations across the government, science, and education sectors. Its Asia-Pacific CTO Bryce Boland said: "Collecting intelligence on India remains a key strategic goal for China-based APT groups, and these attacks on India and its neighbouring countries reflect growing interest in its foreign affairs."
The FireEye spokesperson added: "To defend against such targeted attacks, organisations should be patching their systems and need to be able to detect advanced attacks not seen before. When intrusions do occur, they need to be able to detect them and respond quickly to prevent data breaches. This takes a combination of technology, expertise and threat intelligence. These kinds of attacks aren't detected by legacy security systems." "
Find this at http://www.zdnet.com/article/cyberattack-campaign-targets-india-sea-nations .