Cyberespionage group Suckfly targeted Indian govt, e-commerce organisations: Symantec
Security solutions provider Symantec has revealed the activities of Suckfly, an advanced cyberespionage group that conducted long term espionage campaigns against high profile targets including government and commercial organisations in India.
Security solutions provider Symantec has revealed the activities of Suckfly, an advanced cyberespionage group that conducted long term espionage campaigns against high profile targets including government and commercial organisations in India. Sharing more details in a blog, Symantec identified a number of attacks over a two-year period beginning in April 2014. These attacks occurred in several different countries, but Symantec’s investigation revealed that the primary targets were individuals and organizations primarily located in India. The Indian targets show a greater amount of post-infection activity than targets in the other regions. This suggests that these attacks were part of a planned operation against specific targets in India. The Symantec blog on the activities of Suckfly takes an in-depth look at its activities in India along with its attack lifecycle.
Many of the targets Symantec identified were well known commercial organisations located in India. These organisations include one of India's largest financial organisations, a large e-commerce company, one of India's top five IT firms and two government organisations, among others. Suckfly spent more time attacking the government networks compared to all but one of the commercial targets. Additionally, one of the two government organisations had the highest infection rate of the Indian targets.
The second Indian government organisation attacked is linked to departments of India's central government and is responsible for implementing network software for different ministries and departments. The high infection rate for this target is likely because of the organisation's access, technology, and information that it has on other Indian government organisations. Symantec adds that Suckfly's attacks on government organisations that provide information technology services to other government branches is not limited to India. They have conducted attacks on similar organisations in Saudi Arabia, likely because of the access that those organisations have.
While most of Suckfly group's attacks are focused on government organisations (32 percent), technology (29 percent), e-commerce (14 percent), financial (14 percent), shipping (7 percent) and healthcare (4 percent) were also targeted by this group. Suckfly has the resources to develop malware, purchase infrastructure, and conduct targeted attacks for years while staying off the radar of security organisations. Symantec believes that Suckfly will continue to target organisations in India, and similar organisations in other countries to provide economic insight to the organisation behind Suckfly's operations.
Find latest and upcoming tech gadgets online on Tech2 Gadgets. Get technology news, gadgets reviews & ratings. Popular gadgets including laptop, tablet and mobile specifications, features, prices, comparison.
Militant killed in encounter with security forces in Jammu and Kashmir's Pulwama; identity being ascertained, says police
A police official said security forces, acting on specific information about the presence of militants in Awantipora's Samboora, had launched a cordon and search operation
UN faces 'crisis of confidence' without comprehensive reforms, says Narendra Modi in address to world body
Modi asserted that the world needs a reformed multilateralism that reflects today's realities and gives voice to all stakeholders
Delhi Police arrests Chinese, Nepalese nationals for 'paying' journalist Rajeev Sharma for 'sensitive information'
Sharma, a resident of Pitampura, was arrested by the Special Cell of the Delhi Police on Friday under the National Security Act