• Latest
Austrian foreign ministry: ‘State actor’ hacked government IT systems is over

Austrian foreign ministry: ‘State actor’ hacked government IT systems is over

March 14, 2020
Bavaria plans coronavirus curfews in some hotspots — even at New Year

Bavaria plans coronavirus curfews in some hotspots — even at New Year

December 24, 2020
Germany’s Strategic Gray Zone With China

Germany’s Strategic Gray Zone With China

December 24, 2020
‘Good riddance,’ says China as Germany leaves UN Security Council

‘Good riddance,’ says China as Germany leaves UN Security Council

December 24, 2020
Defense stocks top performers regardless of U.S. elections

Defense stocks top performers regardless of U.S. elections

October 13, 2020
How the federal system hampers the fight against pandemic

How the federal system hampers the fight against pandemic

October 13, 2020
Silver Generation Penny Stocks equities in October

Silver Generation Penny Stocks equities in October

October 13, 2020
Activists to launch legal battle to protect ‘Statue of Peace’ in Berlin

Activists to launch legal battle to protect ‘Statue of Peace’ in Berlin

October 13, 2020
Luftwaffe’s ‘Merkel One’ Airbus arrives in Germany

Luftwaffe’s ‘Merkel One’ Airbus arrives in Germany

October 12, 2020
Coronavirus and market crash: Why many first-time investors may turn to new Trader

Coronavirus and market crash: Why many first-time investors may turn to new Trader

October 12, 2020
EU Leaders to Insist on Tough Enforcement Powers in Brexit Deal

EU Leaders to Insist on Tough Enforcement Powers in Brexit Deal

October 12, 2020
Top 10 Traders to Follow on Twitter

Top 10 Traders to Follow on Twitter

October 12, 2020
Where Does Russian Stealth Su-57 Fighters Stand Against US’ F-22 Raptors & F-35 Jets?

Where Does Russian Stealth Su-57 Fighters Stand Against US’ F-22 Raptors & F-35 Jets?

October 12, 2020
Sunday, January 17, 2021
Passauerbote.com
No Result
View All Result
  • World News
    • Africa
    • Asia
      • China
      • North Korea
    • Canada
    • Europe
    • Latin America
    • Middle East
    • Russia
    • United Kingdom
      • Brexit
    • United States
  • National Security
    • Cyber Security
    • Immigration
    • Military
    • NATO
    • Refugee Crisis
    • Terrorism
  • Politics
    • Democracy
    • Free Speech
  • Business
    • Economy
    • Free Market
  • Science
    • Technology
  • Culture
    • Art
    • Books & Literature
    • Food & Drink
    • Health
    • History
    • Movies & TV
    • Music
    • Privacy
    • Religion
    • Travel
    • Women & Children
  • Environment
    • Climate Change
    • Endangered Species
    • Wildlife
  • Sports
    • Auto Racing
    • Baseball
    • Basketball
    • Cycling
    • Football
    • Golf
    • Olympics
    • Soccer
    • Tennis
    • Water Sports
  • World News
    • Africa
    • Asia
      • China
      • North Korea
    • Canada
    • Europe
    • Latin America
    • Middle East
    • Russia
    • United Kingdom
      • Brexit
    • United States
  • National Security
    • Cyber Security
    • Immigration
    • Military
    • NATO
    • Refugee Crisis
    • Terrorism
  • Politics
    • Democracy
    • Free Speech
  • Business
    • Economy
    • Free Market
  • Science
    • Technology
  • Culture
    • Art
    • Books & Literature
    • Food & Drink
    • Health
    • History
    • Movies & TV
    • Music
    • Privacy
    • Religion
    • Travel
    • Women & Children
  • Environment
    • Climate Change
    • Endangered Species
    • Wildlife
  • Sports
    • Auto Racing
    • Baseball
    • Basketball
    • Cycling
    • Football
    • Golf
    • Olympics
    • Soccer
    • Tennis
    • Water Sports
No Result
View All Result
Passauerbote.com
No Result
View All Result

Austrian foreign ministry: ‘State actor’ hacked government IT systems is over

Russia denies claims that it was homegrown Turla malware

pass163 by pass163
March 14, 2020
in Uncategorized
0
Home Uncategorized
Post Views: 400

 

Vienna/Austria/UK (14/3).    Austria’s foreign ministry has said a weeks-long cyber attack from a “state actor” against its systems has ended – amid local reports that pin the blame on a Russian hacking crew and its initial four-byte payload. Or so it seems. But key questions remain unanswered. Who and why?

The attack, which was announced to burghers of the state on a 4th January, was aimed at the ministry’s IT infrastructure, according to local reports.

Foreign minister Alexander Schallenberg said the attack had been ended, adding: “We managed to clean up our IT systems.” He claimed that “no damage to the IT equipment could be detected”.

The ministry said in a statement: “According to current knowledge, this was a targeted attack against the Foreign Ministry with the intention of gathering information. However, due to the dimension and the high complexity, it cannot yet be said beyond doubt who is behind the attack.”

It is unclear whether the attack itself ended yesterday or whether yesterday marked the end of the cleanup and repair period.

Local newspaper Der Standard said that despite news reports blaming usual suspects – Russia and China – local Russian ambassador Dmitri Ljubinski demanded a retraction and apology. The newspaper said: “For example, the Kronen Zeitung headlined on Tuesday with the claim that a trail leads to Moscow – without further substantiating this.”

A local radio station, the Österreichischer Rundfunk (ORF, state broadcaster Austrian Radio), reported in mid-January that the attack bore the hallmarks of Russia’s Turla Group. Citing information from its own sources, the broadcaster described the attack in detail:

Like all previously known malware modules that are assigned to Turla, Topinambour is a pure spy tool. The individual elements of the malware are – as is usual – only put together in the target network, but the sophistication of Turla lies in the “how”. The entire suite consists of short command chains for .NET or PowerShell and uses – wherever possible – legitimate Windows elements such as cmd.exe that are present on the attacked machine anyway.

ORF reported that a command-line module was used by the attackers to send a four-byte TCP request to an external server. That downloads the malware dropper, which in turn places Turla’s trojan. Deployed as a so-called fileless attack, the malware’s operators were, so ORF said, able to revisit freshly disinfected servers with subtly altered strains, reacting to countermeasures on the fly. A Google-translated version of its article, which reads well in English, is available here.

“Strings of the command-line interface PowerShell or the counterpart of the .NET programming suite from Microsoft are always buzzing around in this network,” said ORF, highlighting that Austria’s foreign ministry maintains around 100 diplomatic missions worldwide.

Turla Group, like every other malware operator out there on the internet, has about two-dozen trade names depending on which infosec company is blogging about it at a given moment. It is variously known as Venomous Bear, Group 88, Uruburos, Iron Hunter, and so on. It was last seen on El Reg when British and American spies blamed the hacking crew for masquerading as Iranians to launch attacks on Middle Eastern governments.

Last summer the United Nations HQ in Austrian capital Vienna was hacked. Incredibly, officials covered it up in the hope nobody would notice.

Source: Gareth Corfield
Tags: AustriaChinacyber attackforeign ministryhackingRussia
pass163

pass163

Next Post
Austria Unprepared After Cyberattack on Foreign Ministry

Austria Unprepared After Cyberattack on Foreign Ministry

Translate

Popular Post

Bavaria plans coronavirus curfews in some hotspots — even at New Year
Asia

Bavaria plans coronavirus curfews in some hotspots — even at New Year

by pass163
December 24, 2020
0

  Bavaria is set to be placed under the strictest coronavirus measures in Germany from Wednesday, including local curfews in...

Read more
Germany’s Strategic Gray Zone With China

Germany’s Strategic Gray Zone With China

December 24, 2020
‘Good riddance,’ says China as Germany leaves UN Security Council

‘Good riddance,’ says China as Germany leaves UN Security Council

December 24, 2020
Defense stocks top performers regardless of U.S. elections

Defense stocks top performers regardless of U.S. elections

October 13, 2020
How the federal system hampers the fight against pandemic

How the federal system hampers the fight against pandemic

October 13, 2020
  • About
  • Advertise
  • Advertise
  • Privacy & Policy
  • Privacy & Policy
  • Contact Us
  • Contact Us
  • About

Topics

Follow Us

About Us

Passauerbote.com is part of Passauer Bote LLC, which delivers daily news around the globe.

© 2012 Passauerbote

No Result
View All Result
  • World News
    • Africa
    • Asia
      • China
      • North Korea
    • Canada
    • Europe
    • Latin America
    • Middle East
    • Russia
    • United Kingdom
      • Brexit
    • United States
  • National Security
    • Cyber Security
    • Immigration
    • Military
    • NATO
    • Refugee Crisis
    • Terrorism
  • Politics
    • Democracy
    • Free Speech
  • Business
    • Economy
    • Free Market
  • Science
    • Technology
  • Culture
    • Art
    • Books & Literature
    • Food & Drink
    • Health
    • History
    • Movies & TV
    • Music
    • Privacy
    • Religion
    • Travel
    • Women & Children
  • Environment
    • Climate Change
    • Endangered Species
    • Wildlife
  • Sports
    • Auto Racing
    • Baseball
    • Basketball
    • Cycling
    • Football
    • Golf
    • Olympics
    • Soccer
    • Tennis
    • Water Sports

© 2012 Passauerbote