Researchers at security company Cylance have uncovered an ongoing, evolving cyber-attack campaign, which has targeted companies across Asia, Europe, and the United States. The campaign, dubbed Operation Dust Storm, began in 2010 and has been a long-term espionage operation. Recently, the focus of Operation Dust Storm has shifted to target solely Japanese companies, both public and private, in the oil/gas, power, transportation, and finance industries. Although this operation has yet to be destructive or disruptive, something alarming is that, according to Cylance’s CMO Greg Fitzgerald, this campaign is “significantly financed, significantly resourced in terms of personnel and skillset, with a sustained presence…” The group has managed to stay undetected for so long by registering new domain names, using a variety of unique backdoors, and by using dynamic DNS.
References: Japanese Infrastructure Targeted In Operation Dust Storm | Operation Dust Storm Hackers Set Sights on Japan's Critical Infrastructure | Japan's Critical Infrastructure Under 'Escalating' Cyber Attack, Says Report
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.