Russia Phishing Attack On USAID, Other Human Rights Groups

By   ISBuzz Team
Writer , Information Security Buzz | May 31, 2021 04:55 am PST


In response to today’s Another Nobelium Attack report from Microsoft that threat actors affiliated with Russian intelligence conducted a phishing attack on the US Agency for International Development (USAID) to surveil human rights and other organizations critical of the Russian government, a cybersecurity expert with Gurucul offers perspective.

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Tom Garrubba
Tom Garrubba , Senior Director and CISO
May 31, 2021 12:59 pm

<p>These threat actors are masters at their craft and are using harder to detect methods of baiting users to click on something. Part of good cyber defense is to constantly brief your community (i.e., employees, suppliers, and other stakeholders) of the latest threats and trends and that they are a critical line of defense in ensuring a smooth operation.</p> <p> </p> <p>Organizations must continuously inform their community of employees, vendors and others to be suspect of anything they receive – even if it appears to be an internal email or notification. Taking that extra step of directly verifying the legitimacy of an email from outside the company really can become the difference as to whether or not your company will be hacked.</p>

Last edited 2 years ago by Tom Garrubba
Saryu Nayyar
Saryu Nayyar , CEO
May 31, 2021 12:57 pm

<p>This proves yet again that one bad apple can spoil the whole bunch. A single user clicking on a single phishing link in a single email can expose an entire organization of connected agencies and businesses to cyber attacks. Education is critical to keeping employees and contractors from inadvertently opening the door to cyber criminals. A strong proactive cyber defense should be top of mind for all organizations.</p>

Last edited 2 years ago by Saryu Nayyar

Recent Posts

Would love your thoughts, please comment.x