The Elderwood Project Revealed

I am usually a little leery of sensational-sounding claims by security firms; "feathering the nest" is the phrase that usually comes to mind. That said, Symantec has a sobering blog post regarding something they are calling The Elderwood Project. They outline ongoing efforts to infect and otherwise disrupt critical infrastructure using zero-day exploits:

The primary targets identified are within the defense supply chain, a majority of which are not top-tier defense organizations themselves. These are companies who manufacture electronic or mechanical components that are sold to top-tier defense companies. The attackers do so expecting weaker security postures in these lower tier organizations and may use these manufacturers as a stepping-stone to gain access to top-tier defense contractors, or obtain intellectual property used in the production of parts that make up larger products produced by a top-tier defense company.
That's not very comforting, is it?
Symantec Offical Blog 

Comments

Popular posts from this blog

VPN Use Is Up, Up, Up

Q4OS Linux On An Old Windows Laptop

Google AIY Voice Kit For Rasperry Pi