Connect with us

Tech News

NCA’s Operation Morpheus targets illicit Cobalt Strike use

Published

on

NCA’s Operation Morpheus targets illicit Cobalt Strike use

The National Crime Agency (NCA) in the UK, in collaboration with agencies such as the FBI, and counterparts from Australia, Canada, and the European Union, has carried out a series of enforcement actions against individuals using the Cobalt Strike penetration testing tool for cyber criminal activities.

Operation Morpheus recently targeted 690 instances of Cobalt Strike across 129 internet service providers (ISPs) in nearly 30 countries. The NCA, along with its partners, successfully neutralized 593 of these instances by either taking down servers or notifying ISPs hosting malware.

While Cobalt Strike is a legitimate tool owned by Fortra, cyber criminals have exploited pirated or unlicensed versions to conduct cyber attacks, including ransomware incidents. Illicit versions of Cobalt Strike have been linked to major cyber attacks and ransomware gangs like Ryuk and Conti.

Paul Foster, the NCA’s director of threat leadership, emphasized the impact of illegal use of Cobalt Strike, stating that it has facilitated cyber crime and caused significant financial losses to businesses. He urged victims of cyber crime to report incidents to law enforcement.

How do I stop Cobalt Strike being used against me?

To prevent Cobalt Strike attacks, IT and security professionals should prioritize cyber security hygiene measures and educate their organizations. The tool often enters systems through phishing emails containing malicious links or attachments, so implementing robust email security measures is crucial.

Fortra has also committed to collaborating with law enforcement and the security industry to remove older versions of the software from the internet.

See also  Finnair cancels 300 December flights over pilot strike, BA

Trending