Nigerian cybercriminals targeting industrial firms have stolen a slew of sensitive technical drawings, network diagrams, cost estimates, and project plans already this year. The data, exfiltrated by a cocktail of different spyware programs, wasn’t stolen from just executives, but also operators, engineers, designers and architects.
The thefts stem from a series of Business Email Compromise (BEC) attacks. In total, researchers with Kaspersky Lab said this week they’ve seen over 500 companies – mostly in the industrial and transportation sector – from 50 countries hit by strategic phishing messages over the past several months.
A report by the company’s Industrial Control Systems Cyber Emergency Response Team broke down the phishing attacks on Thursday.