Kaspersky: Cyber attack launched after MH370 went missing

  • Nation
  • Sunday, 19 Apr 2015

SINGAPORE: Within four days after the disappearance of Malaysia Airlines Flight MH370, a group of cybercriminals known as Naikon had apparently launched an “attack” on Malaysian authorities.

The group had attempted to infect the computers of government organisations, the navy, police and civil aviation departments in Malaysia and also other countries involved in the search for the plane, said computer security company Kaspersky Lab.

The motive was to steal information related to the investigation and search efforts, said its Global Research and Analysis Team (GReAT) director Costin Raiu.

“There is a cybercriminal group extremely active in the Asia-Pacific region. We are calling them Naikon. Following the disappearance of MH370, we noticed a spike in the attacks by Naikon.

“Their purpose was to get intelligence from the countries which were involved in the search,” he said during the Kaspersky Cybersecurity Summit here recently.

However, it is not known how successful they had been.

The name Naikon was derived from the string “NOKIAN95/WEB” which was found in the code of the malware.

The group, he said, began sending hundreds of thousands of phishing e-mails, which usually claimed to contain “updates” or were seeking information about MH370, with a Microsoft Word document attached.

A phishing e-mail is sent out by cybercriminals to steal information from individuals or groups.

Raiu showed an example of one of the Naikon e-mails sent to Malaysian authorities, with an attachment titled senarai delegasi (list of delegates).

“They successfully targeted very high-profile institutions in several countries,” he said.

Later, he told The Star that the cybercriminals were trying to get information about the plane, including the passengers and cargo manifest.

“It was an intelligence-gathering operation,” he said.

He said the Asia Pacific was a “hotspot” for cyber attacks due to its economic situation.

“Every country is fighting for a better economic condition, for example, to secure foreign investment.

“If there is a tender, your offer has to be better. So you need to spy on them (other countries) to see what they offer, so you can offer something better. It is usually for this reason that the cyber attacks are done,” he said.

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 0
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!

Next In Nation

Actress Diana Danielle files for divorce from Farid Kamil
Twelve Singaporeans injured in crash on NSE near Pagoh
Dr Wee: Conditions need to met before Kedah Aerotropolis gets approval
Anifah Aman and Noolita Suan sworn in as senators
Seremban to procure electric vehicles to boost green city goals
Sabah Tourism Ministry will act on formal complaints but not on hearsay, says Liew
Stats on increase in B40 group to be known by mid-year, says Rafizi
'Harmony walk' on the cards to showcase Sabah's religious co-existence, says Bangkuai
Efforts to improve police welfare are ongoing, says Saifuddin
Sabah workshop explores peaceful co-existence with mischievous macaques

Others Also Read