Most often we hear about financial, banking and large retail operations being targeted by hackers and cybercriminals. Lately, however according to a report from Forcepoint the JAKU (named in homage to a planet in Star Wars) botnet appears to be targeting technical, engineering and certain government agencies.

In the report, researchers describe how the JAKU servers assign a unique ID (UID) to every victim. This allows the system to track each instance of a victim “phoning home”.

Once duplicates have been scrubbed it appears that approximately 19,000 victims have fallen prey to JAKU according to records gathered for the period September 2015 – May 2016. Since the system uses the victim’s Windows default language the victims demographics can be assembled. Here is how the breakout:

  • Korean (43%)
  • Japanese (30%)
  • English (13%) and
  • Chinese (10%). The remaining
  • 27 Other languages (4%)

Interestingly enough, there do not appear to be any instances of North Korean computers having been infected.

Simultaneous Mass and Targeted Attacks

One of the unique aspects of JAKU, according to Forcepoint is the way it combines what they deem “indiscriminate” attacks (numbering into the thousands) with highly targeted attacks. Even more curious is that these precision attacks appear to center upon technical organizations such as members of International NonGovernmental Organizations (NGOs), Engineering Companies, Academics, Scientists and Government Employees.

What all This Means to You and Your Organization

Botnets such as JAKU are just one of the many different types of cyber threats facing organizations such as yours. The only way to keep your organization safe is to have a comprehensive security plan in place that addresses all possible vulnerabilities. At Konsultek we specialize in protecting and securing the valuable data of organizations across all industries and sizes. Go ahead, give us a call and let’s see how we can work together to secure your future.

 

read more