In Case You Missed It: FireEye Top Stories 12-04

1. China Arrests Hackers in OPM Breach: China arrested the attackers it says were behind the breach of the Office of Personnel Management, which involved the personally identifiable information for 22 million current and former federal employees. The criminals were not state-sponsored but were acting independently. FireEye Global Government CTO Tony Cole said that the arrests serve as a deterrent, saying that less people would be inclined to commit a crime if they knew they’d get caught.

2. Hackers Target the Media: Hackers in China launched a spear phishing campaign that targeted media outfits in Hong Kong. The attack follows a trend of advanced threat groups that are hiding their deeds, connecting to legitimate Web services including social sites and cloud storage. The attack uses Dropbox to reach victims, but does not appear to be targeting Dropbox.

3. China Accused of Cyber Attack on Australia Bureau of Meteorology: The attack compromised sensitive systems within the Federal Government. Officials are still determining the motive behind the attack, but it could be related to compromising Australia's ability to accurately forecast weather in order to affect military and commercial aircraft operations. The breach could take years and cost hundreds of millions of dollars to fix.

4. Australians, Don’t Open that Email: Australia is at greater risk for cyber breaches than other parts of the world because its mining and energy companies are top targets. FireEye founder Ashar Aziz discussed the changing threat landscape in Australia, pointing out that spear phishing is a common form of malware distribution. Spear phishing emails are designed to look like they're coming from someone the recipient knows and trusts, and encourage the reader open an attachment or click on a link.