As reported by Sky News, Russian hackers stole secret trade deal papers from the email account of former cabinet minister Liam Fox.
Reuters report that Mr Fox’s account was broken into multiple times between 12 July and 2 October 2019 – in the run up to last year’s general election. It said a “spear phishing” message was used, which tricks the target into handing over their password and login details. Quoting unnamed sources, Reuters reported officials did not say which group was responsible but did insist the attack “bore the hallmarks of a state-backed operation”.
Clearly this data breach will be a huge concern for the UK Government, and it highlights the very real threat organisations face protecting their sensitive documents. Unfortunately, malicious attacks still account for more than a third of data breaches each year, so it is vital that organisations have security measures in place to prevent sensitive documents falling into the wrong hands. Data protection and multi-layered encryption should be at the core of today’s document and email management practices, and inevitably questions will be raised if the Department for International Trade is found wanting.
Spear phishing is not necessarily growing in frequency, but the attack vector is clearly being conveyed in more ingenious and craftier ways than we have seen before. Victims are highly likely to be aware of such tactics, which goes to show the level these hackers are now at.
Moreover, the emails targeting these high profile figures rarely stop at just one attempt either. These will flood in and many will be masqueraded as a known contact to the victim. The language and tone will fit perfectly and the demands will sound convincing. Even astute, savvy victims can often trip up when enough pressure is mounted.
Although it may be time consuming, those at risk in high profile positions must double check everything before entering confidential data such as passwords and one time passcodes. An easy slip up can be extremely costly, and powerful hackers are not giving up easily, so we must remain more vigilant than ever to beat them.