logo
logo

Critical National Infrastructure Supply Chain under Sustained Attack: NCSC

avatar
Jose Rhoades
img

The attack has been ongoing since March 2017.

The UK’s National Cyber Security Council (NCSC) has warned of an ongoing attack campaign against multiple companies involved in the Critical National Infrastructure (CNI) supply chain – with the hostile attacks focused on engineering and industrial control companies.

The attack, ongoing since March 2017, has involved the harvesting of NTLM credentials via Server Message Block (SMB) using strategic web compromises and spear-phishing.

Target networks are attacked in one of two main ways, the NCSC said in a comprehensive advisory published on Thursday.

1 – The attacker carries out a watering hole attack, compromising a website of interest to the target, and adding a link to a resource located on a malicious fileserver.

2 – The attacker sends a spear-phishing email from a compromised account containing a document of interest.

collect
0
avatar
Jose Rhoades
guide
Zupyak is a free content platform for publishing and discovering stories, software and startups.