August 17, 2016
Since March 2015, a well-organized cyber-crime syndicate has targeted more than 130 companies in over 30 countries for the purpose of industrial espionage.
The vast majority of the victims are small to medium companies (30-300 employees) activating in the industrial sector.
According to cyber-security vendor Kaspersky Lab, the group, which they named Operation Ghoul, intensified operations during June 2016, and more specifically, between June 8 and 27.
The majority of targeted companies activate in industrial sectors such as the petrochemical field, naval, military, aerospace, heavy machinery, solar energy, steel, pumps, and plastics.
Other activity sectors were also targeted, such as engineering, shipping, pharmaceutical, manufacturing, trading, education, tourism, IT, and more.
The group has shown a narrow focus on companies activating in the industrial sector, but not specific to one country. Attacks were scattered all over the globe, with the most recorded in Spain (25 incidents), Pakistan (22), the United Arab Emirates (19), India (17), Egypt (16), and more.
Other targeted countries include the UK, Germany, South Africa, Portugal, Qatar, Switzerland, Gibraltar, USA, Sweden, China, France, Azerbaijan, Iraq, Turkey, Romania, Iran, Iraq, and Italy.