BAE Systems has published a threat analysis report that describes how the cyber espionage malware known as Snake attacks computer systems and how it works to avoid conventional security tools.
The company’s applied intelligence division also created a list of technical indicators to help enterprises bolster threat detection and mitigation techniques, BAE said Friday.
According to BAE’s report, the Snake malware program has been around since at least 2005 and has targeted systems based in the U.S., Europe and the U.K.
“What this research once more demonstrates, is how organised and well-funded adversaries are using highly sophisticated tools and techniques to target legitimate organisations on a massive scale,” said Martin Sutherland, managing director of the applied intelligence division.
BAE researchers found that Snake uses a kernel-centric architecture and bypasses Windows security to load an unsigned toolkit on 64-bit machines.
“The challenge of keeping confidential information safe will continue for many years to come,” Sutherland added.
“Hopefully, however, this research will help potential targets to better understand the nature of their threat adversary, and how they can build appropriate defences.”