A prolific global cyber聽espionage campaign is employing new tactics to target a broad audience, according to an investigation by both the public and private sector in the UK.
The threat actor, widely known as APT10, is believed to be behind the聽attack, targeting providers of managed outsourced IT services as a way to access to customers’ organisations around the world, gaining unprecedented access to intellectual property and sensitive data.
A close working collaboration between private sector companies, including PwC, and the UK鈥檚 National Cyber Security Centre led to identifying and disrupting the campaign.
Systemic cyber breaches demonstrate new level and maturity of targeted attacks against the supply chain, compromising outsourced IT service providers to gain widespread access to thousands of organisations.
PwC鈥檚 cyber security practice worked closely with BAE Systems and other members of the security community, to uncover and disrupt what is thought to be one of the largest ever sustained global cyber espionage campaigns.
Richard Horne, cyber security partner at PwC, commented: 鈥淭he future of cyber defence lies beyond simple intelligence sharing, but in forging true collaboration between organisations in the public and private sector with the deep technical and innovative skills required to combat this type of threat.
鈥淭his operation has demonstrated the importance of the recently established National Cyber Security Centre, set up for moments just like this.
鈥淥perating alone, none of us would have joined the dots to uncover this new campaign of indirect attacks.
鈥淭ogether we鈥檝e been working to brief the global security community, managed service providers and known end victims to help prevent, detect and respond to these attacks.
鈥淣ew forms of attack require new ways of working to defend our society. Close working collaboration is key.鈥
The scale of the threat became increasingly apparent in late 2016.
The sheer scale of the operation was only uncovered through collaboration, and is still only likely to reflect a small portion.
Kris McConkey, partner, cyber threat detection and response at PwC, will present on the findings of his firm鈥檚 joint research at the Kaspersky Security Analyst Summit in St. Maarten, said: 鈥淭he indirect approach of this attack highlights the need for organisations to have a comprehensive view of the threats they鈥檙e exposed to 鈥 including those of their supply chain.
鈥淎longside our research work, we have also notified the threat intelligence community and worked with the NCSC to notify managed service providers and known victims.
鈥淭his is a global campaign with the potential to affect a wide range of countries, so organisations around the world should work with their security teams and providers to check networks for the key warning signs of compromise and ensure they respond and protect themselves accordingly.鈥