In a new collection of extensive research reports, our Threat Intelligence Team profiles a new, likely state-sponsored threat actor called The White Company. The report details one of the group’s recent campaigns, a year-long espionage effort directed at the Pakistani government and military – in particular, the Pakistani Air Force. We call this campaign Operation Shaheen.
In today’s episode of InSecurity, Matt Stephenson talks with Operation Shaheen researchers Ryan Smith, Jon Gross, and Kevin Livelli. Their recently published research reports profiled a new and likely state-sponsored threat actor dubbed The White Company.
Just like every other major international banking sector, Pakistan’s financial data has become increasingly digitized. The digitalization is great for convenience and efficiency, but it has also made their banking industry increasingly vulnerable to cyberattack.
One of the great paradoxes in cybersecurity is that as defenders race ahead to identify the next and newest methods of attack, attackers often lag behind and reuse the old and obvious ones with success. In this Threat Intelligence Bulletin, we look back and show how easy it is for threat actors to change course after the publication of threat intelligence reports - and how valuable it can be for researchers, organizations and the public they serve to keep looking back.