It almost seems like something from a Hollywood script: cyber criminals using enticing pictures of film and cinema stars in order to get people to click on emails or links – thereby distributing malware. This was the case with the Moviestar malware aimed at the 2013 G20 summit, which used photos of star Carla Bruni in order to plant malware which helped breach the government computer systems of nine government institutions across five nations. It was that simple.
FireEye believes that the Australia hosted G20 summit this November will be a likely candidate for targeted malware intrusion, where hackers will send recipients fake schedules and information links that are “related” to the summit. FireEye is highlighting the need for advanced detection to prevent these threats from coming to light and succeeding.
Similar attacks–called Dream and Dolphin–were carried out during the London Olympics, with fake schedules and other news items related to the games being used as “bait” to access government level computers. The G20 summit held in St. Petersburg was also the victim of attempted cyber attack – an email with the subject line Pre-Summit Meeting of G20 had three different malware viruses inside.
It’s interesting that these threats are so persistent, and officials and attendees must be made aware of the risks involved. A briefing on cyber security should be essential, warning people of suspicious links, emails, and other issues. Countries should also attempt to configure their computers with the latest in malware detection and prevention. Australia in particular should be extra vigilant, according to FireEye, and be on the lookout for bait that is specifically targeting world events and events related to the upcoming G20 summit.