NEWS
Leafminder: Espionage group
targets organisations in KSA
Saudi Telecom
Company
expands IT
operations
S
audi Telecom Company (STC) is further
expanding its operations into the IT
sector. The company is aiming to expand
its investment through focusing on value-
added technical and Fin-Tech solutions and
content which it hopes will achieve targeted
future growth.
S
ymantec has released research
that reveals a cyber-espionage
group called Leafminer is targeting
government organisations and business
verticals in the Middle East, including
those in Saudi Arabia.
The primary industries under attack
include governments and the financial
and energy sectors, and the group
appears to be based in Iran. Key findings
of Symantec’s research include:
• Inexperience led to discovery:
Leafminer’s poor operational security,
as well as its eagerness to capitalise
on tools/techniques used by more
advanced threat actors, suggests
inexperience. By leaving a staging
server publicly accessible, the group
exposed its entire arsenal of tools
and opened a trove of intelligence to
Symantec researchers
10
INTELLIGENTCIO
• Infiltration techniques: Leafminer
attempts to infiltrate target networks
using three main techniques for
intrusion: watering hole websites,
vulnerability scans of network services
on the Internet and brute-force/
dictionary login attempts
• Targeting data: Leafminer’s post-
compromise toolkit suggests that the
group is looking for email data, files
and database servers on compromised
target systems. This points to
espionage as the motivation
Countries targeted by the group include
Egypt, Saudi Arabia, UAE, Qatar, Kuwait,
Bahrain and Afghanistan.
Symantec believes the group has been
targeting organisations since early 2017.
Its detection telemetry shows malware
and custom tools used by Leafminer on
44 systems across four regions.
It has already launched a new data
centre in Riyadh, in line with the National
Transformation Program 2020 and
Vision 2030. The data centre will enable
digital services for both public and private
sectors in areas such as cloud computing,
cybersecurity, data analysis and Smart Cities.
With the launch of the new data centre,
STC becomes the largest provider in the
Middle East for cloud computing services
with the addition of 12 new centres in the
next three years.
Nasser Bin Sulaiman Al Nasser, Chief
Executive Officer of Saudi Telecom Group,
said as the main provider of digital services,
and as part of the Vision 2030 initiatives,
the company continues to deploy fibre
optic Broadband services in the urban
areas of the KSA with the support from
the Ministry of Communications and
Information Technology.
The total number of fibre optic subscribers
has increased in the second quarter of
2018 by 8.5% compared to the same
quarter last year.
www.intelligentcio.com