The first week of 2016 has started AMAZINGLY well for the Eskenzi family of clients. However, the client who has come out on top and gets a gold star from all of us here has got to be ESET, because they were responsible for uncovering a brilliant piece of research and announcing it just as everyone was turning up at work on Monday morning. They discovered the BlackEnergy Trojan had been used by hackers to attack the Ukrainian electric power industry and left almost a million people without power over Christmas. ESET were able to show through their own telemetry that this was not an isolated incident and that BlackEnergy had also been used to target numerous energy companies; however, not all of the targets had successfully been infected by the malware.
The attack scenario was simple: The target got a spear-phishing e-mail that contained an attachment with a malicious document. The Ukrainian security company CyS Centrum published two screenshots of e-mails used in BlackEnergy campaigns, where the attackers spoofed the sender address to appear to be one belonging to Rada (the Ukrainian parliament). The document itself contained text trying to convince the victim to run the macro in the document. This is an example where social engineering is used instead of exploiting software vulnerabilities. If victims are successfully tricked, they end up infected with BlackEnergy Lite.
So once again something as simple as a phishing attack resulted in hundreds of thousands losing electricity! Crazy eh!
Although this is awful for the people affected and of course the power industry itself is exposed which isn’t good for anyone – it does hopefully mean that the power industry will learn from their mistakes and take remedial action and make sure they protect their systems with better security in the future. At the very least you would hope that any companies reading about ESET’s research will take note an ensure their staff are trained to recognise what a phishing email looks like. See I’ve started the new year all full of hope and optimism!
From our perspective as a PR agency ESET is the perfect client. They do the research, detection and exposing and we then do our job as their agency to get the story out to all our media contacts. Research and exposing vulnerabilities makes headlines – it’s still one of the best PR hooks in the book – it’s real, original and newsworthy – it makes headlines!.
As a result ESET have got into almost every national newspaper this week including the FT, Reuters, Forbes, Metro, Telegraph, the Independent, Business Insider, the Register and International Business Times.
Nice job done – thank you ESET for being a brilliant client – and let’s raise a glass (albeit an empty one, because it’s dry January) to plenty more discoveries from ESET and other clients during 2016.
Looking forward to week two!
