North Korean Spear-Phishing Campaign Attacks U.S. Firms – Expert Commentary

By   ISBuzz Team
Writer , Information Security Buzz | Sep 16, 2019 06:54 am PST

Prevailion researchers discovered an ongoing, spear-phishing campaign coined “Autumn Aperture” that targets U.S.-based firms . The campaign is possibly linked to the North Korean Kimusky threat actors and involves sending victims trojanized documents over email. Additionally, the hackers utilize obscure file formats, making them difficult to detect by antivirus products.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Alexander García-Tobar
Alexander García-Tobar , CEO and Co-founder
September 16, 2019 2:57 pm

The Autumn Aperture attack is a prime example of how sophisticated and convincing cybercrime tactics have become — phishing attacks in particular. These hackers are impersonating senders that are known to the targets, hiding malware in legitimate-looking documents, and sending spoofed emails that their victims may even be expecting.

Today, spear phishing plays a role in at least 90 percent of all cyberattacks, and it is highly effective. To stop attacks like this, the first essential step is to prevent malicious emails from ever entering inboxes. Most email defenses will focus on the content of the messages and the links they contain, but given the rapidly evolving attacks techniques and use of obscure file formats in attacks like these, content-centric systems don’t always catch the bad guys. It’s therefore critical to confirm the identity of the sender, because the vast majority of phishing schemes use fake identities and are virtually indistinguishable from legitimate emails.

Properly enforcing DMARC and implementing advanced anti-phishing solutions that validate senders’ identities add a crucial defensive layer to keep these attacks at bay. It’s time organizations stop putting the onus on their employees and partners to identify and avoid fraudulent emails, and implement known best practices to proactively defend their inboxes.

Last edited 4 years ago by Alexander García-Tobar

Recent Posts

Would love your thoughts, please comment.x