Russia Phishing Attack On USAID, Other Human Rights Groups

BACKGROUND:

In response to today’s Another Nobelium Attack report from Microsoft that threat actors affiliated with Russian intelligence conducted a phishing attack on the US Agency for International Development (USAID) to surveil human rights and other organizations critical of the Russian government, a cybersecurity expert with Gurucul offers perspective.

Subscribe
Notify of
guest
2 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Saryu Nayyar
Saryu Nayyar , CEO
InfoSec Expert
May 31, 2021 12:57 pm

<p>This proves yet again that one bad apple can spoil the whole bunch. A single user clicking on a single phishing link in a single email can expose an entire organization of connected agencies and businesses to cyber attacks. Education is critical to keeping employees and contractors from inadvertently opening the door to cyber criminals. A strong proactive cyber defense should be top of mind for all organizations.</p>

Last edited 1 year ago by Saryu Nayyar
Tom Garrubba
Tom Garrubba , Senior Director and CISO
InfoSec Expert
May 31, 2021 12:59 pm

<p>These threat actors are masters at their craft and are using harder to detect methods of baiting users to click on something. Part of good cyber defense is to constantly brief your community (i.e., employees, suppliers, and other stakeholders) of the latest threats and trends and that they are a critical line of defense in ensuring a smooth operation.</p> <p> </p> <p>Organizations must continuously inform their community of employees, vendors and others to be suspect of anything they receive – even if it appears to be an internal email or notification. Taking that extra step of directly verifying the legitimacy of an email from outside the company really can become the difference as to whether or not your company will be hacked.</p>

Last edited 1 year ago by Tom Garrubba
Information Security Buzz
2
0
Would love your thoughts, please comment.x
()
x