ThreatConnect Aids Novetta Research for Operation Blockbuster

ThreatConnect Supports the Novetta-led Research for Operation Blockbuster

Today, the Operation Blockbuster report was published by Novetta, a leader in advanced analytics. Novetta has once again led a coalition of private industry partners, including ThreatConnect, to understand and disrupt malicious capabilities and infrastructure that has been attributed to an adversary that Novetta has identified and dubbed, the Lazarus Group. Most notably tied to the 2014 Sony breach, the Lazarus Group has also been linked to numerous malicious attacks on commercial, military and government targets beginning as early as 2009.

ThreatConnect is supporting the Novetta-led research by availing indicators and signatures to the community via the ThreatConnect platform. To access Operation Blockbuster signatures and Lazarus Group indicators log in to the ThreatConnect Common Community or sign up for a free account

Novetta continues to work with us and other public and private partners in this Operation to ensure that the signatures and intelligence will have a meaningful impact on the Lazarus Group’s abilities to function, to help potential victims understand the technical and operational methods of this group, as well as the important underlying geopolitical and socioeconomic impacts. Novetta – and its partners including ThreatConnect – believe that this combination of sharing highly technical analysis with both the public and private industry is the best way to interdict these types of actors.

Novetta CEO Peter LaMontagne said, “By working with industry partners, we were able to better understand and devise ways to disrupt the tools and techniques used by malicious actors and share that information to protect our collective customers.”

Though the attack on Sony occurred over a year ago, retrospective analysis has been compiled into a comprehensive report which details Novetta’s technical findings, clarifies details surrounding the Sony breach, and profiles the Lazarus Group, who has continued to develop capabilities to target victims since then. Operation Blockbuster provides details on the group’s scope and the more than 45 malware families identified, including signatures and guidance to help organizations detect and stop the group’s activities.

Novetta Publishes Operation Blockbuster – ThreatConnect Aids Research

Lessons learned from Operation Blockbuster: