Researchers also identified a wave of DNS hijacking attacks performed by an unnamed group with connections to Iran. The group has been hijacking domains belonging to government, telecommunications and internet infrastructure entities across the Middle East, North Africa, Europe, and North America. Initial technical evidence suggests that the attacks are carried out by individuals based in Iran and align with Iranian government interests. Researchers are unable to determine a single intrusion vector for each DNS record change, and it is likely that the group uses multiple techniques to gain an initial foothold in each targeted system.
We advise organisations to stay vigilant against advanced persistent threats and to subscribe to threat intelligence services to stay informed of the latest threats and vulnerabilities. We also recommend that organisations understand the cyber kill chain, which illustrates the various stages of an APT attack, and adopt the relevant security measures to defend against each attack stage. It is also important to test your network regularly, either on your own or by hiring external professionals.
 Experts say China hackers 'APT10 Group' likely behind attack on major Japanese business lobby in 2016
 Global DNS Hijacking Campaign: DNS Record Manipulation at Scale