Many of the targets Symantec identified were well known commercial organisations located in India. These organisations include one of India’s largest financial organisations, a large e-commerce company, one of India’s top five IT firms and two government organisations, among others. Suckfly spent more time attacking the government networks compared to all but one of the commercial targets. Additionally, one of the two government organisations had the highest infection rate of the Indian targets.
The second Indian government organisation attacked is linked to departments of India’s central government and is responsible for implementing network software for different ministries and departments. The high infection rate for this target is likely because of the organisation’s access, technology, and information that it has on other Indian government organisations. Symantec adds that Suckfly’s attacks on government organisations that provide information technology services to other government branches is not limited to India. They have conducted attacks on similar organisations in Saudi Arabia, likely because of the access that those organisations have.
While most of Suckfly group’s attacks are focused on government organisations (32 percent), technology (29 percent), e-commerce (14 percent), financial (14 percent), shipping (7 percent) and healthcare (4 percent) were also targeted by this group. Suckfly has the resources to develop malware, purchase infrastructure, and conduct targeted attacks for years while staying off the radar of security organisations. Symantec believes that Suckfly will continue to target organisations in India, and similar organisations in other countries to provide economic insight to the organisation behind Suckfly’s operations.