An extensive international cyberattack has been put to light. The Cyber attack has been named ”Cloud Hopper” and the actor is named ”APT10”. The attacks has been via infrastructure service companies, and spread on to their customers. Therefor a large number of clients and companies are likely suffered. Sweden is one of the countries where this has been identified and TrueSec is one of the players involved in the forensic investigations.
The attack has been going on at least since 2016 but likely started already back in 2014. One MSP (Managed service provider) has been attacked that are managing services for their customers, and are connected to their infrastructure. Via that, access were given to their internal networks…
https://www.cert.se/2017/04/omfattande-cyberangrepp-hos-driftleverantorer
What happend? How did it happen? What is going on now? How often do we see this?
Mikael Månsson Lagström
25 years of IT & Telecom experience in Telco-operator, infrastructure and consultancy, but also leader of large extensive infrastructure outsourcing in Telco. Last 6 years focus on international and national Cyber security and hacker organizations, and now being one of the leaders of IT security company TrueSec. When I’m not working, I prefer to spend my time on my boat in the archipelago. Fun/odd fact: I was one of the advisors in author David Lagercrantz research for his bestseller book in the Millenium serie about the hacker Lisbeth Salander.