Kaspersky: Cyber attack launched after MH370 went missing

  • Nation
  • Sunday, 19 Apr 2015

SINGAPORE: Within four days after the disappearance of Malaysia Airlines Flight MH370, a group of cybercriminals known as Naikon had apparently launched an “attack” on Malaysian authorities.

The group had attempted to infect the computers of government organisations, the navy, police and civil aviation departments in Malaysia and also other countries involved in the search for the plane, said computer security company Kaspersky Lab.

The motive was to steal information related to the investigation and search efforts, said its Global Research and Analysis Team (GReAT) director Costin Raiu.

“There is a cybercriminal group extremely active in the Asia-Pacific region. We are calling them Naikon. Following the disappearance of MH370, we noticed a spike in the attacks by Naikon.

“Their purpose was to get intelligence from the countries which were involved in the search,” he said during the Kaspersky Cybersecurity Summit here recently.

However, it is not known how successful they had been.

The name Naikon was derived from the string “NOKIAN95/WEB” which was found in the code of the malware.

The group, he said, began sending hundreds of thousands of phishing e-mails, which usually claimed to contain “updates” or were seeking information about MH370, with a Microsoft Word document attached.

A phishing e-mail is sent out by cybercriminals to steal information from individuals or groups.

Raiu showed an example of one of the Naikon e-mails sent to Malaysian authorities, with an attachment titled senarai delegasi (list of delegates).

“They successfully targeted very high-profile institutions in several countries,” he said.

Later, he told The Star that the cybercriminals were trying to get information about the plane, including the passengers and cargo manifest.

“It was an intelligence-gathering operation,” he said.

He said the Asia Pacific was a “hotspot” for cyber attacks due to its economic situation.

“Every country is fighting for a better economic condition, for example, to secure foreign investment.

“If there is a tender, your offer has to be better. So you need to spy on them (other countries) to see what they offer, so you can offer something better. It is usually for this reason that the cyber attacks are done,” he said.

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In Nation

Ahmad Faizal says he was misquoted over remarks against Pandelela
Sinovac third phase clinical trials for children under 12 to start at the end of October
Authorities seize unnotified cosmetics, unregistered medicines worth RM218,000 in several raids
Umno supreme council member Arman Azha sworn in as senator
MACC nabs 16 company directors for allegedly misusing Mitra funds
Sabah’s dusk-to-dawn sea curfew extended till Nov 11
Melaka polls: Cabinet to discuss ways to prevent ministers from using official events to campaign, says Wan Junaidi
Cops arrest foreigner in Klang with over RM940,000 in smuggled alcoholic drinks
M’sia firmly committed to FPDA despite Aukus emergence, says Hisham
Jobless man arrested for posing as cop in attempted robbery

Others Also Read