Because of its accession to the NATO, Montenegro will probably be the target of new attacks similar.
Download the free guide
Boost your gains
Brussels, 6 June 21017 FireEye, Inc. (NASDAQ: FEYE), the leader of the network security based on intelligence, unveiled today during an interview with journalists from new information about cyber attacks against the government of the State of Montenegro, which, according to its analysis from the group of hackers Russian APT28.
Earlier this year, FireEye identified the malware stating that the group APT28 was triggered cyber attacks targeting the government of montenegro. The documents lures used in these attacks of spear phishing refers to a meeting of the Secretariat of the NATO Treaty Organization (North Atlantic), and another described a visit to a military unit european in Montenegro. This last document could be stolen and used for illegal purposes. Yesterday, Montenegro formally became the newest member of NATO.
The expansion of NATO is often perceived by the Russian Federation as a threat to its security, and the offer of accession of Montenegro has been strongly opposed by Russia and by the political parties pro-russians in Montenegro. It is possible that this activity is part of the ongoing activity of APT28 targeting the various member states of NATO, as well as the organization itself, said Tony Cole, Vice President and Chief Technology Officer for Global Government at FireEye.
Russia is strongly opposed to the accession process to the NATO, Montenegro, and probably will continue to use its capabilities of cyber intervention in order to hinder as far as possible, the proper integration of Montenegro into the alliance. The accession of Montenegro could increase the volume of cyber attacks in the direction of NATO and provide new opportunities for adversaries such as Russia to gain unauthorised access to information held by NATO, Mr. Cole said.
FireEye attributed the activity to the group of hackers Russian APT28 for several reasons. The first is that the structure of the exploit flash and the malware GAMEFISH are regarded as being used exclusively by APT28. In addition, this group has already in the past targeted the member states of NATO and the attacks in question have also used an infrastructure considered to be the signature of APT28.
FireEye believes that it is unlikely that Russia abandons its attacks on the Montenegro now that this country’s accession to NATO was confirmed. The member states of NATO and the nations interested in joining this organization should expect to face an increased risk of similar activities.
In February 2017, after that the montenegrin Prime Minister Dusko Markovic has denounced the opposition is foreign to the accession of his country to NATO, government organizations and media in Montenegro have been targeted intermittently by Denial of Service attacks. These attacks have made it temporarily inaccessible to the affected websites. FireEye does not have a high degree of confidence in the attribution of these attacks. They may or may not be directly related to the statements of the Prime Minister.
FireEye released the report on APT28 in October 2014 and January 2017.
About FireEye :
FireEye is the security specialist network based on the intelligence. Functioning as a seamless extension and extensible security operations client network, FireEye offers a unique platform that combines security technologies with innovative building intelligence on the threats of the government, and the consulting services Mandiant world-renowned. Thanks to this approach, FireEye eliminates the complexity and efforts related to cyber security for organizations having difficulties to anticipate, prevent and respond to cyber attacks. FireEye has over 5600 customers in 67 countries, including over 40% of companies listed in the Forbes Global 2000.
Download the free guide
Boost your gains
