Cybersecurity specialists at BAE Systems and Symantec announced last week new evidence suggesting that the criminals behind the notorious 2014 attack on Sony Corp. are also responsible for recent cyber-attacks involving 104 organizations in 31 countries. Researchers and investigators have long attributed the 2014 Sony attack, which crippled computer systems and revealed internal emails, to the North Korea-linked group known as “Lazarus.” Malware recently discovered running on the computers of a Polish bank suggest that the Lazarus group is now targeting global financial institutions using a sophisticated “watering hole” technique.

The “watering hole” in this instance was the website of the Polish Financial Supervision Authority, which the hackers infected with malware designed to attack specific financial institutions visiting the regulator’s website. Akin to an opportunistic crocodile lying in wait for the perfect-sized gazelle to come too close to the edge of the water, the Lazarus malware was designed to only infect computers linked to pre-designated banks and other organizations located in Poland, the UK, the US, and elsewhere worldwide. By targeting only a small number of IP addresses, the malware was able to remain undetected for several months.

In addition to targeting private financial institutions, the Lazarus watering hole attack also infected websites belonging to Mexico’s National Banking and Securities Commission, a state-run bank in Uruguay, and a small number of internet and telecommunications firms. Although investigators have not attributed any thefts to the malware, Lazarus is thought to have orchestrated a number of high profile cyber-robberies, including the theft of $81 million from the Bank of  Bangladesh’s account at the Federal Reserve Bank of New York.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Scott Baird Scott Baird

Scott M. Baird is an associate in the firm’s Business Transactions and Finance Groups, where his practice involves all aspects of corporate and securities law, including corporate governance, mergers and acquisitions, private equity and venture capital transactions, joint ventures, finance transactions, and securities…

Scott M. Baird is an associate in the firm’s Business Transactions and Finance Groups, where his practice involves all aspects of corporate and securities law, including corporate governance, mergers and acquisitions, private equity and venture capital transactions, joint ventures, finance transactions, and securities law and compliance. He focuses on new legislation as well as regulatory and compliance matters involving financial service institutions. Read his full rc.com bio.

Photo of Norman Roos Norman Roos

Norman Roos, a member of Robinson+Cole’s Business Transactions Group, concentrates his practice on transactional, regulatory, and technology matters relating to the financial services and real estate industries. He is also a member of the firm’s Financial Services Cyber-Compliance Team and advises financial institutions…

Norman Roos, a member of Robinson+Cole’s Business Transactions Group, concentrates his practice on transactional, regulatory, and technology matters relating to the financial services and real estate industries. He is also a member of the firm’s Financial Services Cyber-Compliance Team and advises financial institutions concerning data privacy and security matters, particularly in relation to policy planning and implementation.

Mr. Roos is counsel to the Connecticut Mortgage Bankers Association, Inc., and is president-elect of the American College of Mortgage Attorneys where he has served on the Board of Regents and as Connecticut State Chair. A member of the Connecticut Bar Association, Mr. Roos is Past Chair of the Financial Institutions Law Section. He has served on a number of Connecticut Law Revision Study Committees including those on Uniform Common Interest Ownership Act, Electronic Communications, Mortgagor Liability, and Electronic Recording of Land Records. Read his full bio here.