|
 The attacks, which go well beyond typical cybercriminal operations,
have claimed thousands of victims dating back to 2009 and continue
to do so, Kaspersky Lab, the world's largest private security firm,
shows in a report published on Monday.
Executives from the auto, outsourced manufacturing, cosmetic and
chemical industries have been hit, the security firm said. Others
targeted include military services and contractors.
In 2012, the FBI issued a general warning to U.S. government
officials, businessmen and academics, advising them to use caution
when updating computer software via hotel Internet connections when
traveling abroad.
Kaspersky's report goes further in detailing the scale, methods and
precise targeting of these attacks on top business travelers.
The movements of executives appear to be tracked as they travel,
allowing attackers to pounce once a victim logs on to a hotel Wi-Fi
network. Hackers cover their tracks by deleting these tools off
hotel networks afterward.
"These attackers are going after a very specific set of individuals
who should be very aware of the value of their information and be
taking strong measures to protect it," said Kurt Baumgartner,
principal security researcher for Kaspersky, the world's largest
privately held cybersecurity firm.
Unsuspecting executives who submit their room number and surname
while logging on to their hotel room's wireless network are tricked
into downloading an update to legitimate software such as Adobe
Flash, Google Toolbar or Microsoft Messenger, Kaspersky said.
Because attacks happen at sign-on, encrypted communications set up
later offer no defense against attack.
[to top of second column] |
The same elite spying crew has used advanced keystroke-logging
software and encryption-breaking at multiple hotel chains across
Asia, it said.
Kaspersky declined to name the executives involved or the luxury
destinations targeted but said it had informed the hotels as well as
law enforcement officials in affected locations.
Ninety percent of the victims came from five countries -- Japan,
Taiwan, China, Russia and South Korea. Business travelers to Asia
from Germany, Hong Kong, Ireland and the United States have also
been duped, Baumgartner said.
The Kaspersky report said a key mystery remains how attackers appear
to know the precise travel itinerary of each victim, which points to
a larger compromise of hotel business networks that researchers say
they are continuing to probe.
(Reporting By Eric Auchard; Editing by Clara Ferreira Marques)
[© 2014 Thomson Reuters. All rights
reserved.] Copyright 2014 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
