International equipment and software suppliers for the industrial sector last May suffered targeted malware attacks that employed numerous unconventional techniques to evade detection, reports Kaspersky ICS CERT experts in a recent blog post

Utilizing steganography to conceal malicious data within another file, while abusing legitimate web resources to host the malware, the attackers made it highly difficult to detect infection attempts -- although Kaspersky said that in all cases that were identifiable, the malware was blocked by its solutions, preventing additional attacks.

The targeted suppliers, whom if compromised could have been abused as a stepping stone to later attack their industrial enterprise clients, are based in Japan, Italy, Germany and the U.K. The contractors were sent phishing emails that were customized to their local languages and contained malicious Microsoft Office documents with malicious, obfuscated macros. If the localization of the intended victim's operating system didn't match the language used in the phishing email, the malware would not fully execute.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.