Chapter
Hackers Target MSPs to Gain Access to DoD Network
40:36 - 52:21 (11:44)
Hackers targeted managed service providers (MSPs) to gain access to the US Department of Defense's network. They hacked into an MSP with access to lots of networks, including those of companies with contracts with the US Navy, in order to spider into their customers' networks and run scans on the DoD's IPs to see if there were any shared folders open to that company or network.
Clips
A malicious log-in occurred on an MSP's infrastructure through a customer's IP address, which turned out to not be an employee working on that day, leading to more of their customers being compromised with the same malware.
40:36 - 43:43 (03:06)
Summary
A malicious log-in occurred on an MSP's infrastructure through a customer's IP address, which turned out to not be an employee working on that day, leading to more of their customers being compromised with the same malware.
ChapterHackers Target MSPs to Gain Access to DoD Network
Episode103: Cloud Hopper
PodcastDarknet Diaries
A threat actor used a targeted approach to hack into MSPs in order to gain access to the Department of Defense's (DoD) network.
43:43 - 45:49 (02:06)
Summary
A threat actor used a targeted approach to hack into MSPs in order to gain access to the Department of Defense's (DoD) network. By spidering into each MSP customer's network and running scans on the DoD's IPs, they were able to jump into multiple customer environments and install keyloggers.
ChapterHackers Target MSPs to Gain Access to DoD Network
Episode103: Cloud Hopper
PodcastDarknet Diaries
APT10, an advanced persistent threat (APT) group, stole personal confidential information, such as social security numbers and dates of birth, from over 100,000 US Navy personnel.
45:49 - 49:17 (03:27)
Summary
APT10, an advanced persistent threat (APT) group, stole personal confidential information, such as social security numbers and dates of birth, from over 100,000 US Navy personnel. The group targeted a Managed Services Provider (MSP) that stores, processes, and protects commercial data, including intellectual property and confidential business information, on behalf of its clients.
ChapterHackers Target MSPs to Gain Access to DoD Network
Episode103: Cloud Hopper
PodcastDarknet Diaries
A foreign government accessed and stole proprietary information from a private company with contracts with the US Navy, revealing the possibility of privileged access into the US Navy's network.
49:17 - 52:21 (03:03)
Summary
A foreign government accessed and stole proprietary information from a private company with contracts with the US Navy, revealing the possibility of privileged access into the US Navy's network. This kind of attack is unusual and signifies a shift from government-to-government spying to economic espionage.