Kaspersky: Cyber attack launched after MH370 went missing

  • Nation
  • Sunday, 19 Apr 2015

SINGAPORE: Within four days after the disappearance of Malaysia Airlines Flight MH370, a group of cybercriminals known as Naikon had apparently launched an “attack” on Malaysian authorities.

The group had attempted to infect the computers of government organisations, the navy, police and civil aviation departments in Malaysia and also other countries involved in the search for the plane, said computer security company Kaspersky Lab.

The motive was to steal information related to the investigation and search efforts, said its Global Research and Analysis Team (GReAT) director Costin Raiu.

“There is a cybercriminal group extremely active in the Asia-Pacific region. We are calling them Naikon. Following the disappearance of MH370, we noticed a spike in the attacks by Naikon.

“Their purpose was to get intelligence from the countries which were involved in the search,” he said during the Kaspersky Cybersecurity Summit here recently.

However, it is not known how successful they had been.

The name Naikon was derived from the string “NOKIAN95/WEB” which was found in the code of the malware.

The group, he said, began sending hundreds of thousands of phishing e-mails, which usually claimed to contain “updates” or were seeking information about MH370, with a Microsoft Word document attached.

A phishing e-mail is sent out by cybercriminals to steal information from individuals or groups.

Raiu showed an example of one of the Naikon e-mails sent to Malaysian authorities, with an attachment titled senarai delegasi (list of delegates).

“They successfully targeted very high-profile institutions in several countries,” he said.

Later, he told The Star that the cybercriminals were trying to get information about the plane, including the passengers and cargo manifest.

“It was an intelligence-gathering operation,” he said.

He said the Asia Pacific was a “hotspot” for cyber attacks due to its economic situation.

“Every country is fighting for a better economic condition, for example, to secure foreign investment.

“If there is a tender, your offer has to be better. So you need to spy on them (other countries) to see what they offer, so you can offer something better. It is usually for this reason that the cyber attacks are done,” he said.

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In Nation

Gyms now allowed to open subject to SOPs, Youth and Sports Minister announces
500kg croc captured at Bagan Ajam jetty
Penang allows congregational prayers based on mosque capacity from Saturday (Sept 18) for fully vaccinated
Health DG: Four Covid-19 cases detected after screenings of those leaving for Langkawi
Syed Saddiq issued letter of demand over allegations to destabilise Bersatu
TMJ: Johor Covid-19 task force to improve system used to screen, isolate, monitor and treat patients
Sabah needs full RM480mil allocation for flood mitigation, says Kitingan
Setting-up isolation centre for entry of foreign workers a right move to ease shortage of workers, says ACCCIM
PM’s assurance to address MA63 issues shows he understands needs of Sabah and Sarawak, says PBS
EMCO in two localities in Pahang and Sabah from Sept 19-Oct 2

Stories You'll Enjoy