{"id":93008,"date":"2018-12-12T03:01:09","date_gmt":"2018-12-12T11:01:09","guid":{"rendered":"https:\/\/securingtomorrow.mcafee.com\/?p=93008"},"modified":"2025-06-03T21:23:14","modified_gmt":"2025-06-04T04:23:14","slug":"operation-sharpshooter-targets-global-defense-critical-infrastructure","status":"publish","type":"post","link":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/","title":{"rendered":"\u2018Operation Sharpshooter\u2019 Targets Global Defense, Critical Infrastructure"},"content":{"rendered":"<p><em>This post was written with contributions from the McAfee Advanced Threat Research team. \u00a0<\/em><\/p>\n<p>The McAfee Advanced Threat Research team and McAfee Labs Malware Operations Group have discovered a new global campaign targeting nuclear, defense, energy, and financial companies, based on McAfee\u00ae Global Threat Intelligence. This campaign, Operation Sharpshooter, leverages an in-memory implant to download and retrieve a second-stage implant\u2014which we call Rising Sun\u2014for further exploitation. According to our analysis, the Rising Sun implant uses source code from the Lazarus Group\u2019s 2015 backdoor Trojan Duuzer in a new framework to infiltrate these key industries.<\/p>\n<p>Operation Sharpshooter\u2019s numerous technical links to the Lazarus Group seem too obvious to immediately draw the conclusion that they are responsible for the attacks, and instead indicate a potential for false flags. Our research focuses on how this actor operates, the global impact, and how to detect the attack. We shall leave attribution to the broader security community.<\/p>\n<p><a href=\"https:\/\/www.mcafee.com\/enterprise\/en-us\/assets\/reports\/rp-operation-sharpshooter.pdf\" target=\"_blank\" rel=\"noopener\">Read our full analysis of Operation Sharpshooter.<\/a><\/p>\n<h2><strong>Have we seen this before?<\/strong><\/h2>\n<p>This campaign, while masquerading as legitimate industry job recruitment activity, gathers information to monitor for potential exploitation. Our analysis also indicates similar techniques associated with other job recruitment campaigns.<\/p>\n<h2><strong>Global impact<\/strong><\/h2>\n<p>In October and November 2018, the Rising Sun implant has appeared in 87 organizations across the globe, predominantly in the United States, based on McAfee telemetry and our analysis. Based on other campaigns with similar behavior, most of the targeted organizations are English speaking or have an English-speaking regional office. This actor has used recruiting as a lure to collect information about targeted individuals of interest or organizations that manage data related to the industries of interest. The McAfee Advanced Threat Research team has observed that the majority of targets were defense and government-related organizations.<\/p>\n<p><em>Targeted organizations by sector in October 2018. Colors indicate the most prominently affected sector in each country. Source: McAfee\u00ae<\/em> <em>Global Threat Intelligence.<\/em><\/p>\n<p><em>Infection flow of the Rising Sun implant, which eventually sends data to the attacker\u2019s control servers. <\/em><\/p>\n<h2><strong>Conclusion<\/strong><\/h2>\n<p>Our discovery of this new, high-function implant is another example of how targeted attacks attempt to gain intelligence. The malware moves in several steps. The initial attack vector is a document that contains a\u00a0weaponized\u00a0macro to download the next stage, which runs in memory and gathers intelligence. The victim\u2019s data\u00a0is sent to a control server for monitoring by the actors, who then determine the next steps.<\/p>\n<p>We have not previously observed this implant. Based on our telemetry, we discovered that multiple victims from different industry sectors\u00a0around the world have reported these indicators.<\/p>\n<p>Was this attack just a first-stage\u00a0reconnaissance\u00a0operation, or will there be more? We will continue to monitor this campaign and will report further when we or others in the security industry receive more information.\u00a0The McAfee Advanced Threat Research team encourages our peers to share their insights and attribution of who is responsible for Operation Sharpshooter.<\/p>\n<h2><strong>Indicators of compromise<\/strong><\/h2>\n<p><em>MITRE ATT&amp;CK\u2122 techniques<\/em><\/p>\n<ul>\n<li>Account discovery<\/li>\n<li>File and directory discovery<\/li>\n<li>Process discovery<\/li>\n<li>System network configuration discovery<\/li>\n<li>System information discovery<\/li>\n<li>System network connections discovery<\/li>\n<li>System time discovery<\/li>\n<li>Automated exfiltration<\/li>\n<li>Data encrypted<\/li>\n<li>Exfiltration over command and control channel<\/li>\n<li>Commonly used port<\/li>\n<li>Process injection<\/li>\n<\/ul>\n<p><em>Hashes<\/em><\/p>\n<ul>\n<li>8106a30bd35526bded384627d8eebce15da35d17<\/li>\n<li>66776c50bcc79bbcecdbe99960e6ee39c8a31181<\/li>\n<li>668b0df94c6d12ae86711ce24ce79dbe0ee2d463<\/li>\n<li>9b0f22e129c73ce4c21be4122182f6dcbc351c95<\/li>\n<li>31e79093d452426247a56ca0eff860b0ecc86009<\/li>\n<\/ul>\n<p><em>Control servers<\/em><\/p>\n<ul>\n<li>34.214.99.20\/view_style.php<\/li>\n<li>137.74.41.56\/board.php<\/li>\n<li>kingkoil.com.sg\/board.php<\/li>\n<\/ul>\n<p><em>Document URLs<\/em><\/p>\n<ul>\n<li>hxxp:\/\/208.117.44.112\/document\/Strategic Planning Manager.doc<\/li>\n<li>hxxp:\/\/208.117.44.112\/document\/Business Intelligence Administrator.doc<\/li>\n<li>hxxp:\/\/www.dropbox.com\/s\/2shp23ogs113hnd\/Customer Service Representative.doc?dl=1<\/li>\n<\/ul>\n<p><em>McAfee detection<\/em><\/p>\n<ul>\n<li>RDN\/Generic Downloader.x<\/li>\n<li>Rising-Sun<\/li>\n<li>Rising-Sun-DOC<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This post was written with contributions from the McAfee Advanced Threat Research team. \u00a0 The McAfee Advanced Threat Research team&#8230;<\/p>\n","protected":false},"author":911,"featured_media":93015,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[442],"tags":[1411,5526,4452,180,4185],"coauthors":[2544,4607],"class_list":["post-93008","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-mcafee-labs","tag-advanced-persistent-threats","tag-advanced-threat-research","tag-cybersecurity","tag-malware","tag-phishing"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>\u2018Operation Sharpshooter\u2019 Targets Global Defense, Critical Infrastructure | McAfee Blog<\/title>\n<meta name=\"description\" content=\"This post was written with contributions from the McAfee Advanced Threat Research team. \u00a0 The McAfee Advanced Threat Research team and McAfee Labs Malware\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u2018Operation Sharpshooter\u2019 Targets Global Defense, Critical Infrastructure | McAfee Blog\" \/>\n<meta property=\"og:description\" content=\"This post was written with contributions from the McAfee Advanced Threat Research team. \u00a0 The McAfee Advanced Threat Research team and McAfee Labs Malware\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/\" \/>\n<meta property=\"og:site_name\" content=\"McAfee Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/McAfee\/\" \/>\n<meta property=\"article:published_time\" content=\"2018-12-12T11:01:09+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-04T04:23:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/Network-of-internet-of-things-attacked-by-a-hacker-on-one-node-3D-illustration.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2048\" \/>\n\t<meta property=\"og:image:height\" content=\"1152\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ryan Sherstobitoff, Asheer Malhotra\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@r_sherstobitoff\" \/>\n<meta name=\"twitter:site\" content=\"@McAfee\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ryan Sherstobitoff, Asheer Malhotra\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/\"},\"author\":{\"name\":\"Ryan Sherstobitoff\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/8f80835dde8294e9c91e4cd0f998e035\"},\"headline\":\"\u2018Operation Sharpshooter\u2019 Targets Global Defense, Critical Infrastructure\",\"datePublished\":\"2018-12-12T11:01:09+00:00\",\"dateModified\":\"2025-06-04T04:23:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/\"},\"wordCount\":624,\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/Network-of-internet-of-things-attacked-by-a-hacker-on-one-node-3D-illustration.jpg\",\"keywords\":[\"advanced persistent threats\",\"Advanced Threat Research\",\"cybersecurity\",\"malware\",\"Phishing\"],\"articleSection\":[\"McAfee Labs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/\",\"name\":\"\u2018Operation Sharpshooter\u2019 Targets Global Defense, Critical Infrastructure | McAfee Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/Network-of-internet-of-things-attacked-by-a-hacker-on-one-node-3D-illustration.jpg\",\"datePublished\":\"2018-12-12T11:01:09+00:00\",\"dateModified\":\"2025-06-04T04:23:14+00:00\",\"description\":\"This post was written with contributions from the McAfee Advanced Threat Research team. \u00a0 The McAfee Advanced Threat Research team and McAfee Labs Malware\",\"breadcrumb\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#primaryimage\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/Network-of-internet-of-things-attacked-by-a-hacker-on-one-node-3D-illustration.jpg\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/Network-of-internet-of-things-attacked-by-a-hacker-on-one-node-3D-illustration.jpg\",\"width\":2048,\"height\":1152},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Other Blogs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"McAfee Labs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"\u2018Operation Sharpshooter\u2019 Targets Global Defense, Critical Infrastructure\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"name\":\"McAfee Blog\",\"description\":\"Internet Security News\",\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\",\"name\":\"McAfee\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"width\":1286,\"height\":336,\"caption\":\"McAfee\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/McAfee\/\",\"https:\/\/x.com\/McAfee\",\"https:\/\/www.linkedin.com\/company\/mcafee\/\",\"https:\/\/www.youtube.com\/McAfee\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/8f80835dde8294e9c91e4cd0f998e035\",\"name\":\"Ryan Sherstobitoff\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/b9bc99b6021883cbf5794b450795dc55\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/07\/Ryan-150x150.jpg\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/07\/Ryan-150x150.jpg\",\"caption\":\"Ryan Sherstobitoff\"},\"description\":\"Ryan Sherstobitoff is a Senior Analyst for Major Campaigns \u2013 Advanced Threat Research in McAfee. Ryan specializes in threat intelligence in the Asia Pacific Region where he conducts cutting edge research into new adversarial techniques and adapts those to better monitor the threat landscape. He formerly was the Chief Corporate Evangelist at Panda Security, where he managed the US strategic response for new and emerging threats. Ryan is widely recognized as a security &amp; cloud computing expert throughout the country.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/ryan-sherstobitoff-a1334a5\/\",\"https:\/\/x.com\/r_sherstobitoff\"],\"url\":\"https:\/\/www.mcafee.com\/blogs\/author\/ryan-sherstobitoff\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\u2018Operation Sharpshooter\u2019 Targets Global Defense, Critical Infrastructure | McAfee Blog","description":"This post was written with contributions from the McAfee Advanced Threat Research team. \u00a0 The McAfee Advanced Threat Research team and McAfee Labs Malware","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"\u2018Operation Sharpshooter\u2019 Targets Global Defense, Critical Infrastructure | McAfee Blog","og_description":"This post was written with contributions from the McAfee Advanced Threat Research team. \u00a0 The McAfee Advanced Threat Research team and McAfee Labs Malware","og_url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/","og_site_name":"McAfee Blog","article_publisher":"https:\/\/www.facebook.com\/McAfee\/","article_published_time":"2018-12-12T11:01:09+00:00","article_modified_time":"2025-06-04T04:23:14+00:00","og_image":[{"width":2048,"height":1152,"url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/Network-of-internet-of-things-attacked-by-a-hacker-on-one-node-3D-illustration.jpg","type":"image\/jpeg"}],"author":"Ryan Sherstobitoff, Asheer Malhotra","twitter_card":"summary_large_image","twitter_creator":"@r_sherstobitoff","twitter_site":"@McAfee","twitter_misc":{"Written by":"Ryan Sherstobitoff, Asheer Malhotra","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#article","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/"},"author":{"name":"Ryan Sherstobitoff","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/8f80835dde8294e9c91e4cd0f998e035"},"headline":"\u2018Operation Sharpshooter\u2019 Targets Global Defense, Critical Infrastructure","datePublished":"2018-12-12T11:01:09+00:00","dateModified":"2025-06-04T04:23:14+00:00","mainEntityOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/"},"wordCount":624,"publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/Network-of-internet-of-things-attacked-by-a-hacker-on-one-node-3D-illustration.jpg","keywords":["advanced persistent threats","Advanced Threat Research","cybersecurity","malware","Phishing"],"articleSection":["McAfee Labs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/","url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/","name":"\u2018Operation Sharpshooter\u2019 Targets Global Defense, Critical Infrastructure | McAfee Blog","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#primaryimage"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/Network-of-internet-of-things-attacked-by-a-hacker-on-one-node-3D-illustration.jpg","datePublished":"2018-12-12T11:01:09+00:00","dateModified":"2025-06-04T04:23:14+00:00","description":"This post was written with contributions from the McAfee Advanced Threat Research team. \u00a0 The McAfee Advanced Threat Research team and McAfee Labs Malware","breadcrumb":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#primaryimage","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/Network-of-internet-of-things-attacked-by-a-hacker-on-one-node-3D-illustration.jpg","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/Network-of-internet-of-things-attacked-by-a-hacker-on-one-node-3D-illustration.jpg","width":2048,"height":1152},{"@type":"BreadcrumbList","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/operation-sharpshooter-targets-global-defense-critical-infrastructure\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/www.mcafee.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"Other Blogs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/"},{"@type":"ListItem","position":3,"name":"McAfee Labs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/"},{"@type":"ListItem","position":4,"name":"\u2018Operation Sharpshooter\u2019 Targets Global Defense, Critical Infrastructure"}]},{"@type":"WebSite","@id":"https:\/\/www.mcafee.com\/blogs\/#website","url":"https:\/\/www.mcafee.com\/blogs\/","name":"McAfee Blog","description":"Internet Security News","publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.mcafee.com\/blogs\/#organization","name":"McAfee","url":"https:\/\/www.mcafee.com\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","width":1286,"height":336,"caption":"McAfee"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/McAfee\/","https:\/\/x.com\/McAfee","https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/www.youtube.com\/McAfee"]},{"@type":"Person","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/8f80835dde8294e9c91e4cd0f998e035","name":"Ryan Sherstobitoff","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/b9bc99b6021883cbf5794b450795dc55","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/07\/Ryan-150x150.jpg","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/07\/Ryan-150x150.jpg","caption":"Ryan Sherstobitoff"},"description":"Ryan Sherstobitoff is a Senior Analyst for Major Campaigns \u2013 Advanced Threat Research in McAfee. Ryan specializes in threat intelligence in the Asia Pacific Region where he conducts cutting edge research into new adversarial techniques and adapts those to better monitor the threat landscape. He formerly was the Chief Corporate Evangelist at Panda Security, where he managed the US strategic response for new and emerging threats. Ryan is widely recognized as a security &amp; cloud computing expert throughout the country.","sameAs":["https:\/\/www.linkedin.com\/in\/ryan-sherstobitoff-a1334a5\/","https:\/\/x.com\/r_sherstobitoff"],"url":"https:\/\/www.mcafee.com\/blogs\/author\/ryan-sherstobitoff\/"}]}},"_links":{"self":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/93008","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/users\/911"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/comments?post=93008"}],"version-history":[{"count":3,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/93008\/revisions"}],"predecessor-version":[{"id":215033,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/93008\/revisions\/215033"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media\/93015"}],"wp:attachment":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media?parent=93008"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/categories?post=93008"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/tags?post=93008"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/coauthors?post=93008"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}