Security Awareness Advocate On Austria’s Foreign Ministry Targeted By ‘Serious’ Cyber Attack

Austria’s foreign ministry has been targeted by a cyber-attack that is suspected to have been conducted by another country.

The ministry said the seriousness of the attack suggested it might have been carried out by a “state actor”. The hack started on Saturday night and experts warn it could continue for several days.

A Russian group called Fancy Bear was suspected to have been involved and was blamed for a similar attack on the German parliament in 2015.

The full story can be found here: https://www.bbc.co.uk/news/world-europe-50997773

Experts Comments

January 06, 2020
Hugo Van den Toorn
Manager, Offensive Security
Outpost24
It is true that despite the precautions taken and all the controls in place, a motivated attacker can always find a way through an organisation’s defences. Although we see an increase in politically motivated attacks over the past few years, we should remain vigilant in blaming certain threat actors or nation-states. As we also see that attribution remains difficult with cyber-attacks, past attacks learn that adversaries will attempt to make their attacks look like other actors in an attempt.....Read More
It is true that despite the precautions taken and all the controls in place, a motivated attacker can always find a way through an organisation’s defences. Although we see an increase in politically motivated attacks over the past few years, we should remain vigilant in blaming certain threat actors or nation-states. As we also see that attribution remains difficult with cyber-attacks, past attacks learn that adversaries will attempt to make their attacks look like other actors in an attempt to avoid taking the blame or to provoke conflicting parties.  Read Less
January 06, 2020
Javvad Malik
Security Awareness Advocate
KnowBe4
There's little information available at the moment as to the type and nature of cyber attack against the Austrian foreign ministry. However, Fancy bear, also known as Sofacy or APT28, has been operational for over a decade and typically targets political targets through phishing emails and credential harvesting through spoofed websites. Once successful in its phishing attack, the group usually leverages droppers to install malware and maintain access. The best defence against such attacks.....Read More
There's little information available at the moment as to the type and nature of cyber attack against the Austrian foreign ministry. However, Fancy bear, also known as Sofacy or APT28, has been operational for over a decade and typically targets political targets through phishing emails and credential harvesting through spoofed websites. Once successful in its phishing attack, the group usually leverages droppers to install malware and maintain access. The best defence against such attacks is to have an aware and engaged workforce that can identify and report any suspected phishing emails or spoofed sites which ask for credentials. Organisations can also implement measures such as multi factor authentication to prevent criminals from gaining access even if they have compromised the password.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.