A report by Kaspersky Lab has uncovered a series of “invisible” targeted attacks that don't use malware, just legitimate software already on your system.
So-called invisible attacks use 'penetration-testing' software, such as Meterpreter, as well as the PowerShell framework for task automation in Windows, according to Kaspersky Lab. The attacks can go undetected and traces of the hackers are wiped when the system is rebooted.
The study found that banks, telecommunication companies and government organisations in the US, South America, Europe and Africa were among the top targets.
Ultimate goal is to control financial processes
Kaspersky Lab showed that the 'invisible attack' code is able to hide in the system's memory and can collect system administration passwords, enabling attackers to gain remote access to systems, with the goal of being able to control the company's financial processes.
These attacks are happening on a massive scale, according to the cybersecurity company, affecting more than 140 enterprise networks in a range of business sectors in 40 countries, with most victims located in the US, France, Ecuador, Kenya, the UK and Russia – see graph below:
Source: Kaspersky Lab
Using legitimate software that hides within the system's memory makes the security breach very difficult to detect. “The determination of attackers to hide their activity and make detection and incident response increasingly difficult explains the latest trend of anti-forensic techniques and memory-based malware,” said Kaspersky Lab's Sergey Golovanov.
Cybersecurity: the only solution that works + “striking right balance” when hacked
Holistic approach across whole company and supply chains + integrated behavioural systems TO REALLY TACKLE FRAUD
Cyber risk a bigger threat to economy than Trump presidency
A survey has shown that the top systemic threat to the global financial system is cyber risk, while the outcome of today's presidential election in the US came second.
Cybersecurity requires simple legislative action, not just grand gestures
Common sense is the missing ingredient in countries’ cybersecurity strategy