In response to the recent Google discovery of a state-backed hacking campaign by North Korea targeting security researchers engaging in vulnerability research, cyber security experts commented below.

Experts Comments

January 27, 2021
Asaf Hecht
Cyber Research Team Leader
CyberArk

Attackers regularly succeed in infiltrating corporate networks across a range of different industries by using social engineering to exploit vulnerabilities in the human psyche. This case is no different, and if anything shows that security researchers – typically the most security-literate employees within organisations - are equally vulnerable to being targeted in carefully co-ordinated, calculated attacks.

 

What is interesting about this state-backed hacking campaign uncovered by Google is

.....Read More

Attackers regularly succeed in infiltrating corporate networks across a range of different industries by using social engineering to exploit vulnerabilities in the human psyche. This case is no different, and if anything shows that security researchers – typically the most security-literate employees within organisations - are equally vulnerable to being targeted in carefully co-ordinated, calculated attacks.

 

What is interesting about this state-backed hacking campaign uncovered by Google is that even nation states are using social engineering as an attack vector. Businesses must be aware and meet this challenge by adopting privileged access management to prevent the lateral spread of an attack. Proactively managing and rotating high-value ‘privileged’ credentials, and limiting user access to only the information and tools needed to perform their immediate role, reduces an attacker’s route to critical data and their ability to exfiltrate information or disrupt operations.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.