The recently uncovered Hangover cyber campaign will cause lasting damage to UK businesses if left unaddressed, according to security experts from Trend Micro, Kaspersky and F-Secure.
The Hangover cyber campaign, which was found stealing corporate intellectual property earlier in May, was unearthed by security researchers at Norman. It is believed to stem from India and is designed to target Pakistan as well as businesses across the world.
Trend Micro security director Rik Ferguson told V3 that while it's unclear whether the attack is directly targeting the UK, its advanced nature is cause for concern. "While the UK does not appear to be represented as a target in the research paper published by Norman, the question, 'Should UK businesses worry about it?' has perhaps an unexpected answer; yes, they should," he said.
"Hangover is simply another example of a targeted attack campaign that is going after several different industry verticals in several different geographies, the tactics used are no different from the vast majority of today's targeted attacks.
"Customer-built malware, relevant to the platform in question, whether it be Windows or Mac OS, delivered through a spear-phishing campaign using credible communications and attachments to induce the victim to open the document, then subsequent ongoing intrusion and theft of intellectual property."
F-Secure analyst Sean Sullivan mirrored Ferguson's sentiment, highlighting many British businesses' links to India and Pakistan as further evidence that they must be on alert.
"It's difficult to say what UK businesses should worry about – but I think I'd say that they should consider themselves 'in play' if they do business with either India or Pakistan. Apparently it isn't just China and America that spy on companies and people of interest," Sullivan told V3.
Kaspersky security expert David Emm highlighted Hangover's links to a recent outbreak of Apple OS X malware as another key concern for British businesses, urging IT managers to no longer view Mac computers as being inherently safe.
"There has been a growing amount of malware aimed at OS X in the last two years, including DNS Changers, fake anti-malware programs and botnets. This is a result of the growing market share of the Mac. Gone are the days when Apple could compare the 'healthy Mac', immune from malware, with the 'sick PC' and this incident provides a further example of this," he said.
"It's also important that we look at this in the context of the increase in targeted attacks and, specifically, in the desire of attackers to harvest sensitive data from a range of computing devices used in an organisation. We saw this with Red October, where attackers stole data from a whole range of connected devices. We saw it also in a series of attacks on Tibetan activists over the last year or so, again including Macs."
Looking to the future, Emm said the threat of Mac malware will grow, urging businesses to begin tailoring their defences to combat the new threat.
"It is likely that the number of threats targeting OS X will continue to grow and it would be naïve of anyone using a Mac to imagine that they could not become the victim of cybercrime. It's also important to recognise that it's not all about threats that sit on a particular type of device. If the network is compromised, data stored on any connected device can potentially be accessed by an attacker, as in the case of data on mobile devices," said Emm.
"It's important that businesses of all kinds – wherever they're based, whatever business sector they operate in and whatever size – review their security strategy. This should include the assets an attacker might wish to target, the methods they might use to penetrate the company, the impact an attack would have and the procedures and the technologies they need to minimise the risk of attack."
Emm's comments follow widespread warnings within the security community that the cyber threat facing Apple users is growing. Most recently, security firm AlienVault highlighted a series of attacks on activist groups that targeted weaknesses in Apple OS X as evidence of the trend.