Privileged Accounts – the New Espionage ‘Asset’

Discussions about the breach and infiltration of Kaspersky’s network continue to reinforce the emergence of dangerous attack patterns that are leaving no one out of attackers’ sights – not even a security company.

As we know, attribution of an attack is a difficult part of deconstructing a breach – we can see the signatures in malware, see what networks the attackers used to support the attack, but ultimately, we’re almost never 100 percent sure of attribution.

Ultimately, the question of “who” is less important than the “how.”

The motivation for the attack on Kaspersky appears to be pure espionage activity. According to sources, the malware used to execute the attack was an updated version of Duqu, which features code directly derived from Stuxnet, and was allegedly used to spy on Iran’s trade relationships and efforts to develop nuclear material.

Read more at – Privileged Accounts – the New Espionage ‘Asset’