The annual World Economic Forum (WEF) in Davos, Switzerland in January drew a powerful cyber-attack, according to Swiss defense minister Guy Parmelin.
Swiss newspaper Tages-Anzeiger is reporting that the attack was not successful, but it does indicate a pattern of high-level attempts. Parmelin said that he suspects economic espionage as the reason behind the attack, but added that a nation-state led offensive could be plausible as well. He also said that he suspects the attackers to be of Russian origin—though no official accusations have been made.
“Significant events, like the World Economic Forum, serve as a hub for important conversations and attract high-profile visitors from all over the world,” Kaspersky Lab researchers said. “But a high concentration of important people in one place also attracts malicious cyber-attackers, who consider public events a good opportunity to gather intelligence with the help of targeted malware.”
According to Kaspersky Lab statistics, at least five of the sophisticated cyber-espionage campaigns discovered in recent years have made use of malicious tools capable of infecting mobile devices. Sometimes these are custom-made malicious programs, created and propagated during a given cyberespionage campaign, as was seen in the Red October, Cloud Atlas and Sofacy campaigns. In other cases, the malicious actors tend to use so-called commercial malware: a special set of offensive tools sold by commercial organizations like HackingTeam (whose tool is called RCS), Gamma International (FinSpy) and others.
Also in January, Swiss defense contractor Ruag, based in Bern, was the victim of an attack that used the same tactics as the Davos attempt. In that instance, hackers breached the company's servers and were able to exfiltrate sensitive information.
Ruag is an expert in aerospace and terrestrial military equipment—and supplies munitions to the Swiss military.
Photo © Drop of Light/Shutterstock.com