Symantec Security Response have published a research paper revealing details about a series of attacks perpetrated by a highly organized and well funded group using the “Elderwood” Attack Platform. This platform is a series of tools and infrastructure used by this group to perform attacks against targets in a speedy and efficient manner. The group behind this platform used it to carry out a multitude of attacks against targets primarily in the defense industry and other organizations within its supply chain. This group demonstrates a dogged persistence and tenacity, along with a high degree of technical expertise as shown by the seemingly unlimited supply of zero-day exploits that they have employed in the past. This research examines a time window of at least three years in which numerous attacks were conducted and still continues to take place to this day. The paper covers the attack methods used, the possible motives, the scale of the attacks and what to do to stay protected.
The following infographic sums up the facts and figures uncovered in the research. For full details about these attacks, please download the full paper from our Security Whitepaper Repository.