A Cyber-spy group is reported to have attempted to hack the Dutch Safety Board officials’ computers tasked with the MH17 air crash investigation.
Pawn Storm, a Russian spy group believed to have close connections with the Russian government reportedly targeted the Dutch agency before and after the safety board published their detailed report on the MH17 incident on October 13, 2015, Trend Micro reported on its website October 22.
“Pawn Storm has a long history of targeting government agencies and private organizations to steal sensitive information. Our most recent findings show that they targeted the international investigation team of the MH17 plane crash from different sides,” the company said.
Trend Micro believes that a fake server mimicking an SFTP server of the Dutch agency was set up on September 28, 2015, later a fake VPN server of the same organization was set up on October 14, 2015. These were used for credential phishing attacks against the personnel of the safety board to get unauthorized access to both the SFTP and the VPN server.
The Trendlabs Security blog said this was the first time that they have seen direct evidence of an APT group attempting to get unauthorized access to a VPN server.
“The VPN server of the Safety Board looks to use temporary tokens for authentication. However, these tokens can be phished in a straightforward way and tokens alone do not protect against one-time unauthorized access by third parties, once the target falls for the phishing attack,” the website said.
The attacks weren’t limited to the Dutch Safety Board.
On September 29 2015, a fake Outlook Web Access (OWA) server was set up to target an important partner of the Dutch Safety Board in the MH17 investigation. We were able to warn the affected party in a very early stage, thus probably preventing the attack to succeed.
These discoveries show that it is very likely that Pawn Storm coordinated attacks against different organizations to get sensitive information on the MH17 plane crash.
In a press release, Trend Micro said it notified the safety board before any information was accessed.
Speaking to AFP, a spokeswoman for the Dutch Safety Board said the cyber incidents had been uncovered, but did not provide details on who they thought the perpetrators were. She also said there was "no evidence" the efforts had succeeded.
In the past, the group is believed to have carried out attacks against the White House, NATO, and Syrian opposition. Trend Micro reported that Pawn Storm is boosting its attack efforts targeting the Syrian groups, along with other countries in the region that have spoken out against Russia.
The MH17 flight was brought down with a high degree of accuracy last July 17 killing 298 passengers onboard. The results of the investigation was released in October this year.
The official report concluded that Malaysia Airlines flight MH17 was shot down by a Russian-made BUK missile fired from rebel-held eastern Ukraine.
The report rejected Moscow's contention that the plane was hit by a missile fired by Ukrainian troops as it flew at some 33,000 feet above the territory.
The report said, "The investigation was not concerned with question of blame or liability.
Russia has denied using Buk missile in the Malaysian MH17 flight crash that happened last summer and says that it was done by the missile in possession of Ukrainian troops within three-four kilometres area. The official report however have concluded that Malaysia Airlines flight MH17 was shot down by a Russian-made BUK missile fired from rebel-held eastern Ukraine
US relied on social media for ‘forensic evidence against Russian backed rebels for the shooting down of the Malaysian Airlines Flight MH 17. State Department Spokesperson Marie Harf disclosed that “evidence” was a You Tube video showing a conversation between a separatist leader and a Russian military commander where the former accepts responsibility for shooting down the airliner
The Dutch military has received an actual Buk anti-aircraft missile system from Georgia to use in its investigation of the Malaysian Airlines Flight MH17 downing in July 2014. According to a report by Dutch television news service
The investigating team of MH17 airliner crash has found a component belonging to the Russian-made Buk missile at the crash site in eastern Ukraine. The Joint Investigation Team (JIT) published an image which shows a "Venturi", which emits propellant gases, like a car exhaust
Bell Helicopter Textron Wins $32 Million in Support of V-22 Aircraft Hub
L3 To Produce Squad Aiming Laser Systems For USSOCOM
BAE Systems’ Eye Tracking Tech to Control Future Fighter Jets
China Threatens ‘Consequences’ if US Does not Withdraw Sanctions
Bharat Electronics Receives INR9200 Crore ($1.8Billion) Order for Naval LRSAM
Argentina Finally Makes Payment For Five Dassault Super Etendard Strike Aircraft
Israel Air Force Considering Boeing F-15 over Additional F-35 Fighter Jets
Philippines, Bangladesh Likely to Buy 100 Turkish-Indonesian KAPLAN Tanks
Russian fifth generation fighter aircraft (FGFA) Su-57 will for the first time perform flights during the ARMY 2018 event near...
The American-made Patriot and Russian S-400 Triumf air defense systems are currently hogging international orders despite their price tags running...
The Russian ministry of defense on Thursday published a series of videos showcasing the production, deployment and installation and testing...
The market for fighter jets in countries which are expected to have open competitions is estimated at US$50 billion to...
The Indian MoD's plan to purchase 110 fighter jets may be its costliest fighter jet buy ever with the entire...
Indias plans of integrating the MBDAs meteor missile on its LCA Tejas and Su-30MKI aircraft may not happen due to...