Hackers target the air-gapped networks of the Taiwanese and Philippine militaries
According to ZDNet, hackers acting in favor of the Chinese government are attacking the air-gapped networks of the Taiwanese and Philippine militaries. Trend Micro, a multinational cybersecurity and defense company, said that the attacks were carried out by a hacker group called Tropic Trooper.
The hackers attacked Taiwanese and Philippine military systems with malware known as USBferry.
What is USBferry?
According to Trend Micro, USBferry is USB malware that performs different commands on specific targets, maintains stealth in environments, and steals critical data through USB storage.
According to Trend Micro, the main reason behind these attacks was to allow hackers to reach inside air-gapped (isolated, internet-disconnected) networks operated by the Taiwanese and Philippine militaries, and other targets.
The USBferry malware infects a system with less security protection, then waits for a USB device to be connected, infects the device, and waits to be ferried to other parts of the victim's internal network.
"We started tracking this particular campaign in 2018, and our analysis shows that it uses a fake executable decoy and a USB trojan strategy to steal information," said Trend Micro.
Tropic Trooper has been interested in stealing defense and marine-related intelligence from Taiwan and the Philippines for the last 6 years.
"Tropic Trooper is aware that main military or government agencies may have protection strategies in place in physically isolated environments, such as the use of biometrics, secure USB for data transfers, or plugging the USB device into a quarantined machine before using it in a physically isolated environment," Trend Micro researchers said in a report.
Air-gapped networks are becoming more interesting to hackers day by day; this is the 3rd such incident to come to notice this week. Security companies need to think about this and find a solution ASAP!