
Malware Targets Defense Contractors, Can Go Undetected for Years

Mark Jendzejec, STG Inc.

Researchers from security firm Mandiant revealed the existence of a backdoor Trojan they called Hikit, reports Danielle Walker for SC Magazine.

According to Mandiant's findings, Hikit was discovered only last year, but it has already infiltrated the networks of a number of defense contractors as part of a larger scheme.

Ryan Kazanciyan, a principal consultant at Mandiant, told SC Magazine on Monday that Hikit is a type of persistent threat malware designed to take classified data for industrial espionage.

Hikit cannot perform a system breach on its own but exploits server weak points to allow and maintain access to its target's database.

Hikit can place commands at its target servers, transfer files, conduct data retrievals, and redirect server traffic.

Researchers at Symantec published a blog post about Hikit last Friday, which explained that, to evade detection, the malware does not communicate with a command-and-control server when installed.

The kernel driver regulates network traffic until it can track the precise pattern which unlocks the backdoor communication channel.

Hikit can also hamper the operational capacity of its target server since it does not communicate with its creator, according to the Symantec post.

Kazanciyan says Hikit can remain undetected for many years because of the vastness and complexity of its targets' networks and its ability to rely on stolen identities to gain access.

He said that some of its victims became aware of its presence in their networks only after notification from law enforcement agencies.

Kazanciyan suggests that target organizations first identify the source of the malware, since it is highly probable that personnel with unrestricted access could have introduced it into their network.

He also recommends quarantining internet-facing systems so that malware cannot access other parts of the network.
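
One way to check that the quarantine recommended above actually holds, as an added example that is not from the article, Mandiant or Symantec: it audits flow records for connections that internet-facing hosts initiate toward internal networks. The subnets, the allowlist and the flow-record format are constructed assumptions.

```python
import ipaddress
from collections import namedtuple

# Assumed layout (hypothetical, not from the article): one DMZ subnet holding
# internet-facing servers and two internal subnets they must not reach freely.
DMZ = [ipaddress.ip_network("192.0.2.0/24")]
INTERNAL = [ipaddress.ip_network("10.10.0.0/16"), ipaddress.ip_network("10.20.0.0/16")]
# Explicitly approved DMZ -> internal flows: (source host, destination host, port).
ALLOWED = {("192.0.2.10", "10.10.5.20", 5432)}

Flow = namedtuple("Flow", "src dst dport")

def in_any(addr, networks):
    """True if the address falls inside any of the given networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in networks)

def parse_flow(line):
    """Parse 'src dst dport' (a constructed format); return None if malformed."""
    parts = line.split()
    if len(parts) != 3:
        return None
    try:
        ipaddress.ip_address(parts[0])
        ipaddress.ip_address(parts[1])
        return Flow(parts[0], parts[1], int(parts[2]))
    except ValueError:
        return None

def quarantine_violations(lines):
    """Return flows initiated from the DMZ to internal hosts that are not allowlisted."""
    hits = []
    for line in lines:
        flow = parse_flow(line)
        if flow is None:
            continue  # skip malformed records instead of aborting the audit
        if in_any(flow.src, DMZ) and in_any(flow.dst, INTERNAL) and tuple(flow) not in ALLOWED:
            hits.append(flow)
    return hits

# Constructed sample flow records (initiator first).
SAMPLE = [
    "192.0.2.10 10.10.5.20 5432",   # approved web -> database flow
    "192.0.2.10 10.20.1.7 445",     # DMZ host reaching an internal file share
    "10.10.5.9 192.0.2.10 443",     # internal client -> DMZ, out of scope
    "192.0.2.11 10.10.5.20 3389",   # DMZ host opening RDP to an internal host
    "garbage line",                 # malformed record
    "198.51.100.4 192.0.2.10 443",  # internet -> DMZ, expected traffic
]

if __name__ == "__main__":
    for f in quarantine_violations(SAMPLE):
        print(f"DMZ host {f.src} opened {f.dst}:{f.dport}")
```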


Written by David J. Barton
