Expert Comments

New Phishing Campaign Targeting Gov’t Departments Around The World – Commentary From Email Security Expert

Expert(s): Security Experts
Expert(s): Security Experts

Researchers from Anomali discovered a new, mysterious phishing campaign that attempts to the steal login credentials from government departments from around the world. In total, the attacks have targeted at least 22 different organizations across North America, Europe and Asia.

The attacks consist of emails pretending to be related to the targeted government agencies and attempts to trick victims into clicking an email link that directs them to authentic-looking, spoofed government agency websites, prompting the victims to input their username and password. The country that has seen the highest volume of these attacks is the United States with the U.S. Department of Energy, U.S. Department of Commerce and U.S. Department of Veterans Affairs being among those targeted.

It’s currently unclear who is behind the attacks or what their primary goals are.

Experts Comments

December 13, 2019
James McQuiggan
Security Awareness Advocate
KnowBe4
Criminal hackers are evolving their phishing emails to make them extremely convincing to the end user and with a spear phishing email, it's targeted for that particular user. Criminals will use typosquatting to create a similar website with a transposed character to make it easier for people to fall victim to these types of attacks when they hover over the link in the email. Organizations with a strong and robust security awareness program can provide training for employees to be aware of.....Read More
Criminal hackers are evolving their phishing emails to make them extremely convincing to the end user and with a spear phishing email, it's targeted for that particular user. Criminals will use typosquatting to create a similar website with a transposed character to make it easier for people to fall victim to these types of attacks when they hover over the link in the email. Organizations with a strong and robust security awareness program can provide training for employees to be aware of these types of phishing and spear phishing emails. The training can additionally educate the users to be aware of social engineering and to verify any websites before they click on the link.  Read Less
December 16, 2019
Dr. Anton Grashion
EMEA Director
Corelight
Phishing works. People are vulnerable and often do the wrong thing for the right reasons. This is why organisations assess risks and try to prevent all that is possible in line with their assessments and where that isn't possible they have to be able to detect threats inside the organisation in the minimum amount of time. That's often easier said than done and the drive to reduce the time to detect is critical.
December 15, 2019
Javvad Malik
Security Awareness Advocate
KnowBe4
Phishing is a favoured technique of organised criminals and state-sponsored actors due to its high rate of success. The fact that this particular attack has gone to many government departments would indicate a targeted campaign. Government departments should remain vigilant, especially around the holiday period where many staff are on vacation so any intrusion may go undetected for longer. Security awareness and training is fundamental in defending organisations against such phishing.....Read More
Phishing is a favoured technique of organised criminals and state-sponsored actors due to its high rate of success. The fact that this particular attack has gone to many government departments would indicate a targeted campaign. Government departments should remain vigilant, especially around the holiday period where many staff are on vacation so any intrusion may go undetected for longer. Security awareness and training is fundamental in defending organisations against such phishing attacks. From a technical perspective, if these government departments haven't implemented MFA, they should consider doing so as a priority as it can help protect accounts even if the password has been compromised.  Read Less
December 13, 2019
Colin Bastable
CEO
Lucy Security
State and local governments are badly exposed to the risks of ransomware and CEO/BEC (Business Email Compromise) attacks. At Lucy Security, in client meetings we consistently find that around 30 percent of spoof emails are delivered to the email inboxes of local government staff. The problem with relying on technical defenses like firewalls and DMARC alone is that the attackers only need to get lucky once. Defenses need to be 100 percent effective, 100 percent of the time. That is never going.....Read More
State and local governments are badly exposed to the risks of ransomware and CEO/BEC (Business Email Compromise) attacks. At Lucy Security, in client meetings we consistently find that around 30 percent of spoof emails are delivered to the email inboxes of local government staff. The problem with relying on technical defenses like firewalls and DMARC alone is that the attackers only need to get lucky once. Defenses need to be 100 percent effective, 100 percent of the time. That is never going to happen. You can patch systems, but the bad guys always find new vulnerabilities. Up to 30 percent of untrained staff are highly susceptible to the attacks that do succeed. Just like technical defenses, staff can be “patched” to reduce their vulnerabilities to phishing attacks, by training them in a holistic, integrated way. Treat people and systems as parts of the whole. A holistic approach to cybersecurity is essential – deploy technical defenses and “patch” your staff to significantly protect assets through defense in depth.  Read Less
December 13, 2019
Peter Goldstein
CTO and Co-founder
Valimail
This new global phishing campaign targeting government departments is a prime example of how sophisticated and convincing cybercrime tactics have become, especially phishing attacks. There is a common misconception that phishing emails are easy to identify, because they’ll contain spelling and grammar errors and are clearly not coming from anyone the recipient knows. The truth is, cybercriminals have become extremely adept at crafting emails that are indistinguishable from legitimate emails.....Read More
This new global phishing campaign targeting government departments is a prime example of how sophisticated and convincing cybercrime tactics have become, especially phishing attacks. There is a common misconception that phishing emails are easy to identify, because they’ll contain spelling and grammar errors and are clearly not coming from anyone the recipient knows. The truth is, cybercriminals have become extremely adept at crafting emails that are indistinguishable from legitimate emails that recipients receive every day. In this particular instance, the hackers are using advanced impersonation techniques (used in over 80 percent of spear-phishing emails) and even writing emails in the targets’ native language, all with the aim of driving victims to spoofed websites that will steal the victims’ login credentials. To stop attacks like this, the first essential step is to prevent malicious emails from ever entering inboxes. Most email defenses will focus on the content of the messages and the links they contain, but given the rapidly evolving attacks techniques, content-centric systems don’t always catch the bad guys. Therefore, it’s imperative for companies to implement known best practices to proactively defend their inboxes, such as properly enforcing DMARC, a widely-accepted open standard that ensures only authorized senders can use your domain in the From: field of their email messages, and deploying modern anti-phishing solutions that validate senders’ identities.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT

You may also like

Panasonic Becomes Latest Victim Of Data Breach – Security Expert...

Clearview’s £17 Million Fine For Processing 10+ Billion Images Is...

Booz Allen Report On CISOs And China Quantum Computing Risks,...

Experts Reactions On Sky Broadband Hack Warning

Ransomware Set To Break Records This Black Friday 2021

Security Expert On Apple Suing NSO Group

Meta Delays Plans To Rollout End-to-end Encryption

NCSC Issues Black Friday Warning To Tetailers

How The Zelle Fraud Scam Steals Your Bank Credentials

GoDaddy Data Breach Impacts Over A Million Users, Experts Reactions

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts