Israeli firm uncovers extensive computer espionage network hitting over 300 sensitive orgs in Germany, Austria & Switzerland

This press release has been published as it is without any editing. This Website has not verified claims, if any, made in it.

Modiin, Israel, 2nd September, 2014: CYBERTINEL, the Israel-based developer of a signature-less endpoint security platform, has uncovered a massive cybercrime network which has already penetrated hundreds of blue-chip companies, government institutions, research laboratories and critical infrastructure facilities throughout the DACH (Germany, Austria, Switzerland) region, with further revelations in other European countries expected to follow. The network was facilitated for 12 years by the incorporation of over 800 false companies registered in the UK.

CYBERTINEL discovered the ‘Harkonnen Operation’ at one of the network’s targets when it implemented its endpoint security platform across the organization, a prominent, well established German company which holds sensitive data on behalf of its international clients. Trojans siphoning critical information were detected immediately, and further investigation led to the source of the breach, revealing that the original domain was registered by a UK company and that a further 833 companies were also registered in the UK.

This specific attack has proven to be just the tip of an international cybercrime iceberg. CYBERTINEL has since found records of ‘Harkonnen Operation’ on more than 300 additional organisations in Germany, Austria and Switzerland, targeting key executives. Further investigations are expected to reveal that the security mechanisms of companies in other European countries, including the UK, will have also been breached.

The attack was initiated using a ‘spear phishing’ penetration and executed by running two system Trojans created in Germany. Once planted in workstations at targeted companies, the Trojans were able to deliver sensitive and confidential data to the cybercrime network.

“The network exploited the UK’s relatively tolerant requirements for purchasing SSL security certificates, and established British front companies so they could emulate legitimate web services,” said Jonathan Gad of Elite Cyber Solutions, CYBERTINEL’s UK partner. “The German attackers behind the network then had total control over the targeted computers and were able to carry out their espionage undisturbed for many years.”

CYBERTINEL’s forensic analysis has been able to follow the digital traces all the way back to the individuals behind the operation and has provided these details to its customer, which is now working with German police investigators.

“At this point, we are aware of the extent of the ‘Harkonnen Operation’, but the damage to the organisations who have been victims in terms of loss of valuable data, income or the exposure of information related to employees and customers is immeasurable,” added Jonathan Gad.

Companies across Europe who suspect they may have been targeted or are concerned can contact CYBERTINEL, which is providing a rapid detection service through its local teams. Companies suspecting they have been breached can check suspect IP addresses and domain names against a reference list at (include URL) or register on a special SOS form, http://www.cybertinel.com/sos/, for help from CYBERTINEL.


About CYBERTINEL

CYBERTINEL protects organisations against advanced persistent threats and zero-day attacks. Its multi-layer, signature-less endpoint security platform automatically uncovers sophisticated cyber-attacks and provides immediate countermeasures. CYBERTINEL’s endpoint security platform is used by leading homeland security, government and public agencies, infrastructure and utility service providers and industrial and financial organisations. www.cybertinel.com
