http://www.eweek.com/security/anthem-breach-evidence-points-to-china-security-researchers-say.html
By Robert Lemos
eWEEK.com
2015-02-28

A new open-source intelligence analysis of the breach of health insurer
Anthem has reinforced theories that the data theft leads back to a Chinese
espionage program, security firm ThreatConnect stated on Feb. 27.

In the report, which is based on public sources or "open-source"
intelligence, security researchers at ThreatConnect and other companies
found technical evidence that linked the malware reportedly used in the
Anthem attack to a Chinese espionage group and a professor at Southeast
University, which works with a government contractor, Beijing Topsec
Technology Co.

A variety of evidence—including email addresses, domains registered for
the command-and-control servers and the certificate used to sign the
malware—led back to the trio of actors, Rich Barger, chief intelligence
officer for ThreatConnect, told eWEEK.

"All of this evidence, from the technical aspect, pointed back to China in
numerous ways despite the actors' best efforts to shroud their origins,"
Barger said. "They made an effort to hide, but they messed up."
[...]