In a dramatic new escalation of cyber espionage activities occurring around the world, hackers now appear to be going after software companies in so-called “supply chain attacks.” The primary goal is to infect as many computers as possible worldwide by going after popular software vendors. The most recent victim of an attempted supply chain attack is multi-billion-dollar Czech antivirus software company Avast, which has more than 435 million users in 68 countries for its popular cybersecurity products. Given the size and scale of Avast’s operations, it’s easy to see why hackers viewed the company as a particularly attractive supply chain attack target.Details of the Avast cyber espionage case
According to Avast, the company first detected suspicious behavior on its network on September 23. Immediately, the company opened a full and extensive investigation into the cyber attack, and also enlisted the help of both the Czech police and the Czech intelligence agency Security Information Service (BIS). Preliminary evidence from this investigation suggests that the attack was a cyber espionage attempt perpetrated by Chinese threat actors. However, the exact identity of the intruder or their purpose is not known, primarily because the threat actor was progressing with exceptional caution.
Avast has been notably transparent about the entire cyber espionage attack, even as some details emerge from an external forensics team that could place Avast in a very negative light. According to Avast, unknown hackers attempted to access internal computer networks at least seven times in 2019. The intruder in each case used compromised username/password credentials that were used to access a temporary Virtual Private Network (VPN) profile. Access was possible, admits Avast, because the company was not using a multi-factor authentication approach, meaning that once the hackers had access to the login credentials, they were able to access the network.
Contect us: CCleaner Product Key