Trusted Internet Blog

Thoughts, Guidance, Musings

Cyber Security Case Study: Trusted Internet Stops Dangerous “Gh0stRat” at Two Companies in US and Canada

Posted by Jeff Stutzman, Founder | Dec 16, 2018 5:35:13 PM

Recently, Trusted Internet deployed and installed a Small Business Unified Threat Manager (UTM) service at a 100-person oil and gas engineering company in Canada. Within 12 hours...

Trusted Internet’s Security Operations Center (SOC) identified and stopped Gh0stRAT from being installed by a botnet operating out of a public cloud datacenter in San Diego, CA. Gh0stRAT is a “Remote Administration Tool”, also known as a “Trojan Horse”, that cyber criminals use to gain access to and control of businesses, governments, and power and utility companies. Gh0stRAT is an advanced persistent threat that can appear dormant for months and then strike without notice. Gh0stRAT was written by Chinese coders for Chinese cyber espionage. Its use is more widespread today than originally intended. It is now well known to be used for cyber espionage, gaining ransom, and other government or state-sponsored cybercrimes. It is now on version 3.6 and is quite healthy, here recently targeting two engineering companies in the oil and gas supply chain, countries apart.

Due to the expert, 24x7x365 cyber security monitoring from Trusted Internet’s SOC, businesses are being protected from dangerous cybercrime. At nearly the same time, down south near the Gulf of Mexico, Trusted Internet SOC analysts had blacklisted an address pushing the same code using Conficker only a week earlier, preventing the attack from occurring. At the Canadian company, Trusted Internet SOC security analysts identified the botnet installation pattern and quickly acted to kill the connection and block the address of the botnet operator in San Diego, CA.

 

www.trustedinternet.io

Jeff Stutzman, CISSP

Founder, Chief Information Security Officer

603-930-9212

Topics: Cyber, Information Security, gh0strat

Written by Jeff Stutzman, Founder

Mr. Stutzman personally operates as the CISO to the head coach of an NBA team, a $3.5 billion Houston oil and gas engineering and services company, a northern Virginia physical security company, and a Wall Street CEO, while supervising Virtual CISOs responsible for protecting executive homes and their companies around the world. He has been cited in the Wall Street Journal, Wired Magazine, NH Public Radio, and numerous trade publications. He holds a BS from Excelsior College, an MBA from Worcester Polytechnic Institute, and is a Harvard Kennedy School Senior Executive Fellow.