Russian agriculture industry subjected to Cloud Atlas cyberespionage campaign

Agricultural organizations across Russia have been targeted by state-backed threat operation Cloud Atlas, also known as Inception, in a phishing attack involving lures for an upcoming industry forum as part of a cyberespionage campaign, reports The Record, a news site by cybersecurity firm Recorded Future.

Illicit emails purporting to be the forum's official program were sent to distribute a file abusing an eight-year-old Microsoft Office vulnerability, tracked as CVE-2017-11882, to facilitate malicious code execution and total system compromise, a report from Russian cybersecurity firm F6 showed.

Attackers could then install nefarious software, manipulate data, and establish new user accounts. Such a development comes as Cloud Atlas has ramped up intrusions against Russian and Belarusian targets this year, while continuously improving its attack arsenal.

"Cloud Atlas's continued use of the same tactics and exploitation of long-known vulnerabilities suggests its attacks remain effective largely due to unprotected or poorly maintained systems and the human factor," said F6 researchers.