this year used decoy documents with official-looking government logos to lureAttack.Phishingunsuspecting users from targeted organizations to download infected documents and compromise their computer networks . Documents pretending to beAttack.Phishingfrom the U.S.National Security Agency , Iraqi intelligence , Russian security firm Kaspersky and the Kurdistan regional government were among those used to trickAttack.Phishingvictims , Unit 42 said in a blog post ( goo.gl/SvwrXv ) . The Unit 42 researchers said the attacksAttack.Phishinghad targeted organizations in Saudi Arabia , Iraq , the United Arab Emirates , Turkey and Israel , as well as entities outside the Middle East in Georgia , India , Pakistan and the United States . The Saudi security agency said in its own statement that the attacksAttack.Databreachsought to stealAttack.Databreachdata from computers using email phishing techniques targeting the credentials of specific users . The NCSC said they also comprised so-called “ watering hole ” attacks , which seek to trickAttack.Phishingusers to click on infected web links to seize control of their machines . The technical indicators supplied by Unit 42 are the same as those described by the NCSC as being involved in attacks against Saudi Arabia . The NCSC said the attacks appeared to be by an “ advanced persistent threat ” ( APT ) group - cyber jargon typically used to describe state-backed espionage . Saudi Arabia has been the target of frequent cyber attacks , including the “ Shamoon ” virus , which cripples computers by wiping their disks and has hit both government ministries and petrochemical firms . Saudi Aramco , the world ’ s largest oil company , was hit by an early version of the “ Shamoon ” virus in 2012 , in the country ’ s worst cyber attack to date . The NCSC declined further comment on the source of the attack or on which organizations or agencies were targeted . Unit 42 said it was unable to identify the attack group or its aims and did not have enough data to conclude that the MuddyWater group was behind the Saudi attacks as outlined by NCSC . “ We can not confirm that the NCSC posting and our MuddyWater research are in fact related , ” Christopher Budd , a Unit 42 manager told Reuters . “ There ’ s just not enough information to make that connection with an appropriate level of certainty. ” Palo Alto Networks said the files it had uncovered were almost identical to information-stealing documents disguised asAttack.PhishingMicrosoft Word files and found to be targeting the Saudi government by security firm MalwareBytes in a September report .
A lot of things can go wrong on your holidays , like losing luggage or missing a flight , forgetting your travel documents or getting sick at the worst possible time . But have you ever been locked out of your hotel room because of a cyberattack ? That ’ s just what happened to guests at a luxury hotel in Austria when they were left stranded outside of their rooms after a ransomware attackAttack.Ransomthat overrode electronic key systems . This concept , which can be summed up as “ if you don ’ t pay , your guests won ’ t be able to get into their rooms ” , underscores a strategy shift in ransomware . Instead of directly attackingAttack.Ransomthe hotel chain directly , cybercriminals are looking to increase profitability by compromisingAttack.Databreachthe well-being of paying customers . Infected computers and POS systems , credit card theftAttack.Databreach, accessAttack.Databreachto confidential information… in the age of the Internet of Things and smart homes , these attacksAttack.Databreachare becoming commonplace or even antiquated . Clearly the attacksAttack.Databreachthat this industry has been experiencing are not something casual or fleeting . Behind them lies a real economic interest and a preoccupation with stealthy operations . The hotel sector has become a major target for organized cybercriminals in possession of malware specifically designed to harm its running smoothly , not only in payment systems , but also by sealing off access to your room , turning lights on and off , or locking your blinds . This is , undoubtedly , a worrisome situation that could cause significant harm not only on an economic level , but also a PR level , sowing fear among clientele .
Last spring , hackers got intoAttack.Databreachthe system at the ministry , which was then headed by now-Prime Minister Paolo Gentiloni , and the attacksAttack.Databreachcarried on for more than four months but did not gain accessAttack.Databreachto classified information , the paper said . “ The Italian government had already informed ( the paper ) of what it is reporting today , ” the source said in response to the article , noting that security had since been stepped up . “ These were not attacks on the encrypted computer system which carries the most important and sensitive information , but the email system for staff at the foreign ministry and embassies , ” the source said . Gentiloni , who took over as premier in December , was not affected by the attack , the Guardian quoted a government official as saying . He avoided using email when he was serving as foreign minister , the paper said . According to the Guardian , two people with knowledge of the attack said the Russian state was believed to have been behind it . The source close to the ministry could not confirm this . Cyber crime has come into sharp focus since United States intelligence agencies accused Russia of interfering in last year ’ s U.S. election . The Russian foreign ministry did not immediately respond to a request for comment on Friday ’ s report . The Kremlin has described allegations of Russian interference in the U.S. election as “ fabricated ” and “ a witch hunt ” . An Italian government source told Reuters this year that the foreign ministry had been hackedAttack.Databreachin the past and that Rome suspected the perpetrators were Russian , but that it is impossible to say with certainty where such attacks came from . Last month , an Italian brother and sister were arrested on suspicion of hackingAttack.Databreachinto the emails of European Central Bank President Mario Draghi and thousands of others . The police chief who conducted the investigation said there was no evidence they had acted on behalf of foreign states