Kaspersky Labs writes about a nation-state attack against their own network, targeting their very own technology, using what they dub Duqu 2:
The attackers were interested in learning about our technologies, particularly our Secure Operating System, Kaspersky Fraud Prevention, Kaspersky Security Network, Anti-APT solution, and services. The bad guys also wanted to find out about our ongoing investigations and learn about our detection methods and analysis capabilities. Since we’re well known for successfully fighting sophisticated threats they sought this information to try to stay under our radar. No chance.
Attacking us was hardly the smart move: they’ve now lost a very expensive technologically-advanced framework they’d been developing for years. Besides, they tried to spy on our technologies… which are accessible under licensing agreements (at least some of them)!
We’ve found that the group behind Duqu 2.0 also spied on several prominent targets, including participants in the international negotiations on Iran’s nuclear program and in the 70th anniversary event of the liberation of Auschwitz. Though the internal investigation is still underway we’re confident that the prevalence of this attack is much wider and has included more top ranking targets from various countries. I also think it’s highly likely that after we detected Duqu 2.0 the people behind the attack wiped their presence on the infected networks to prevent exposure.
I wonder how much of this is true and how much has been dramatized for marketing. It is masterfully written, and although Kaspersky was breached, it somehow does not sound as bad as one would expect.