- Joined
- Oct 7, 2014
- Messages
- 3,830
- Points
- 113
SINGAPORE: For the first time since last July, when the Government made public the cyberattack on SingHealth, a little-known hacking group has been publicly identified to be behind what is considered the most serious breach of personal data in Singapore’s history.
IT security vendor Symantec released a new study on Wednesday (Mar 6) identifying this attack group, which it dubbed Whitefly.
The group has targeted mostly Singapore organisations or multinational companies with a presence in Singapore since at least 2017, and is primarily interested in “stealing large amounts of sensitive information”, the report added.
Mr Brian Fletcher, director of Government Affairs for Australia-Pacific, Singapore, Japan and Korea, told Channel NewsAsia in a phone interview ahead of the report’s release that the group probably comprise “five to 20-odd people”, is “extremely well resourced” and, as such, is likely to be a "state-sponsored espionage group”.
He however declined to name the nation state behind Whitefly.
“Identifying who or what organisation is directing or funding that activity is not in the scope or focus of what we do,” Mr Fletcher said. “This level of attribution requires the substantial resources, time and access to information that is generally available only to law enforcement or government intelligence agencies.
The report noted that Whitefly usually attempts to remain within a targeted organisation for long periods of time, often months, in order to steal large volumes of information.
It also uses publicly available tools like Mimikatz - something Mr Fletcher said is a common tool for penetration testers to suss out an organisations’ loopholes - to obtain authentication credentials. These credentials allow Whitefly to compromise more machines, and the tactic is repeated again and again until it gains access to the desired data, it added.
“THESE GUYS ARE REALLY GOOD”
https://www.channelnewsasia.com/new...tefly-cyber-espionage-group-symantec-11317330
IT security vendor Symantec released a new study on Wednesday (Mar 6) identifying this attack group, which it dubbed Whitefly.
The group has targeted mostly Singapore organisations or multinational companies with a presence in Singapore since at least 2017, and is primarily interested in “stealing large amounts of sensitive information”, the report added.
Mr Brian Fletcher, director of Government Affairs for Australia-Pacific, Singapore, Japan and Korea, told Channel NewsAsia in a phone interview ahead of the report’s release that the group probably comprise “five to 20-odd people”, is “extremely well resourced” and, as such, is likely to be a "state-sponsored espionage group”.
He however declined to name the nation state behind Whitefly.
“Identifying who or what organisation is directing or funding that activity is not in the scope or focus of what we do,” Mr Fletcher said. “This level of attribution requires the substantial resources, time and access to information that is generally available only to law enforcement or government intelligence agencies.
The report noted that Whitefly usually attempts to remain within a targeted organisation for long periods of time, often months, in order to steal large volumes of information.
It also uses publicly available tools like Mimikatz - something Mr Fletcher said is a common tool for penetration testers to suss out an organisations’ loopholes - to obtain authentication credentials. These credentials allow Whitefly to compromise more machines, and the tactic is repeated again and again until it gains access to the desired data, it added.
“THESE GUYS ARE REALLY GOOD”
https://www.channelnewsasia.com/new...tefly-cyber-espionage-group-symantec-11317330
