Part 2: APT Analysis
An Advanced Persistent Threat (APT) group is a collection of people who receive support and guidance from an established nation state. APT groups generally pursue the same ends as other cyber criminals, such as stealing information, disrupting operations, or destroying critical infrastructure (Eye, 2019). Unlike other cyber criminals, however, APT groups tend to carry out their activity over a matter of months or years. They are also known to adapt to specific cyber defensive measures and to repeatedly target the same victim (Eye, 2019). When APT groups find evidence of malware used in previous APT group attacks, they tend to attempt another attack using upgraded malware.
APT12, also known as DynCalc or Calc Team, is a well-known cyber espionage group that is believed to be based out of China. The actions and targets of this group tend to align with the goals of the People’s Republic of China, and APT12 has also been linked to the Chinese People’s Liberation Army. Evidence suggests that APT12 retools its operations after it has been exposed in the media. The group is known as “Darwin’s Favorite APT Group” because, similar to Darwin’s theory of evolution, it has been required to evolve and acclimate in order to maintain its mission (Moran & Oppenheim, 2014).
APT12 typically sends phishing emails from valid, but compromised, email accounts to infect a computer with malware. The malware that the group employed from October 2012 through May 2014 is known as RIPTIDE. It is a proxy-aware backdoor that communicates via HTTP with a hard-coded command and control server (Moran & Oppenheim, 2014). The initial communication with the server retrieves an encryption key, which is then used to encrypt all further communications.
In October 2012, APT12 used RIPTIDE against the New York Times after one of its journalists published an article about the secret wealth of China’s Premier Wen Jiabao (FlorCruz, 2013). APT12 attacked the New York Times for months via RIPTIDE and obtained employee passwords and the email information of Shanghai bureau chief David Barboza. APT12 eventually modified RIPTIDE, renaming it HIGHTIDE, to target systems using a Microsoft Word document and to exploit them without being detected via RIPTIDE notifiers. The modifications to the RIPTIDE malware are suspected to have been motivated by a blog post about RIPTIDE detection by security teams.
HIGHTIDE was first detected in August 2014, when a spear phishing email was sent to a Taiwanese government ministry (Moran & Oppenheim, 2014). The email carried a Microsoft Word document containing malicious content that exploited the system. The HIGHTIDE backdoor was placed on the system by exploiting CVE-2012-0158 via a Microsoft Word document, much like RIPTIDE, but it bypassed all of the previously known detections of RIPTIDE. The email that contained the malware was apparently sent from another Taiwanese government employee, which suggests that the account was compromised. This attack was deemed a success, as the attackers infiltrated the system for half of the month of August.
In August 2014, a different spear phishing email was sent to a technology company in Taiwan using the THREEBYTE malware (Moran & Oppenheim, 2014). This incident shared many characteristics with the HIGHTIDE attack: the THREEBYTE backdoor was compiled two days after the HIGHTIDE backdoors; both the THREEBYTE and HIGHTIDE backdoors were used in attacks targeting organizations in Taiwan; both backdoors were written to the same file path, C:\DOCUMENTS and SETTINGS\{user}\LOCAL SETTINGS\Temp\word.exe; and APT12 has previously used the THREEBYTE backdoor (Moran & Oppenheim, 2014).
Also in August 2014, another round of spear phishing emails was sent to a technology organization within Japan using the WATERSPOUT backdoor. WATERSPOUT, similar to RIPTIDE and HIGHTIDE, is an HTTP-based backdoor that communicates with a hard-coded command and control server (Moran & Oppenheim, 2014). APT12 conducts operational attacks against journalists, governments, and defense industrial bases with a high rate of success. The group will continue to evolve and adapt its tactics in order to stay ahead of network defenders.
APT12's successful use of RIPTIDE has evolved into the development and use of the WATERSPOUT backdoor, both to avoid detection and to continue exploiting targets for information that serves the group's goals.
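The shared drop path reported for HIGHTIDE and THREEBYTE can be turned into a simple hunt over process-creation records. The following is an added example, not code from the original essay or from the cited FireEye report; the pipe-separated log format, host names and user names are constructed for illustration.

```python
import re
from typing import NamedTuple

# Drop path reported for both HIGHTIDE and THREEBYTE (Moran & Oppenheim, 2014):
#   C:\DOCUMENTS and SETTINGS\{user}\LOCAL SETTINGS\Temp\word.exe
# Windows paths are case-insensitive, so the match ignores case.
DROP_PATH = re.compile(
    r"^[a-z]:\\documents and settings\\(?P<user>[^\\]+)"
    r"\\local settings\\temp\\word\.exe$",
    re.IGNORECASE,
)

class Hit(NamedTuple):
    timestamp: str
    host: str
    user: str
    image: str

def normalize(path: str) -> str:
    """Strip quotes and whitespace, unify separators, collapse repeated backslashes."""
    path = path.strip().strip('"').replace("/", "\\")
    return re.sub(r"\\{2,}", r"\\", path)  # local drive paths only, not UNC

def find_drops(lines):
    """Return a Hit for every record whose image path equals the drop path."""
    hits = []
    for line in lines:
        parts = line.rstrip("\n").split("|")
        if len(parts) != 3:
            continue  # skip malformed records
        timestamp, host, image = parts
        image = normalize(image)
        match = DROP_PATH.match(image)
        if match:
            hits.append(Hit(timestamp, host, match.group("user"), image))
    return hits

# Constructed sample records (assumed format: timestamp|host|image path).
SAMPLE = [
    r"2014-08-25T09:14:02Z|WS-017|C:\Documents and Settings\jchen\Local Settings\Temp\word.exe",
    r"2014-08-25T09:15:40Z|WS-017|C:\Program Files\Microsoft Office\Office12\WINWORD.EXE",
    r'2014-08-26T11:02:11Z|WS-044|"c:/documents and settings/mlin/local settings/temp/WORD.EXE"',
    r"2014-08-26T11:05:00Z|WS-044|C:\Documents and Settings\mlin\Local Settings\Temp\word.exe.tmp",
    "malformed line",
]

if __name__ == "__main__":
    for hit in find_drops(SAMPLE):
        print(f"{hit.timestamp} {hit.host} user={hit.user} image={hit.image}")
```

A path match on its own is a hunting lead rather than proof of compromise, since the file name was chosen to look benign.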
References:
FlorCruz, M. (2013). China’s APT-12, The Entity That May Be Behind The New York Times Hack. Retrieved from https://www.ibtimes.com/chinas-apt-12-entity-may-be-behindnew-york-times-hack-1053044
Moran, N. & Oppenheim, M. (2014). Darwin’s Favorite APT Group. Retrieved from https://www.fireeye.com/blog/threat-research/2014/09/darwins-favorite-apt-group-2.html
Eye, F. (2019). Advanced Persistent Threat Groups | FireEye. Retrieved from https://www.fireeye.com/current-threats/apt-groups.html