|The last few months have sparked a national awareness of cybersecurity — or rather, the lack of it. From the celebrity nude leaks in September of this year, to seemingly rampant credit card hacks targeted at major retailers, people are becoming more and more aware that the internet is not the safest place for information. The latest hack, which is already being called one of the biggest, was revealed on Monday and was for the purpose of gaming the stock market.
According to Reuters, cybersecurity firm FireEye has uncovered a hacking operation that has apparently been active since as early as mid-2013. The operation targeted and hacked emails from more than 100 different companies, mostly healthcare and pharmaceutical companies.
The hackers stole sensitive corporate information from publicly held companies, presumably for the purpose of gaming the stock market, since the information gathered would allow someone to make profitable trades before the insider information was made public. About 47% of Americans are invested in the stock market.
“They are pursuing sensitive information that would give them privileged insight into stock market dynamics,” FireEye Threat Intelligence Manager Jen Weedon said.
According to The Washington Post, the hacking group has been dubbed “FIN4” by FireEye, since it is the fourth major financially motivated hacking groups that the firm tracks.
Rather than using malware, the sophisticated hacking scheme hacks email login and password information, and in turn uses this to send phishing emails to other members of a company.
Though major hacking operations are usually thought to be from China, FireEye suspects that FIN4 is either from America or Western Europe and that the masterminds behind it were trained in investment banking, based on evidence from the phishing emails.
It is unclear whether or not the stolen information was used for trading, and the identities of the hackers are unknown.