Sofacy Threat Group Targets US Government

By ISBuzz Team
Writer, Information Security Buzz | Jun 17, 2016 03:54 pm PST

A cyberespionage group called Sofacy has launched a fresh attack against the US government, using a “new persistence mechanism” designed to help evade detection. The campaign involves sending government officials spear-phishing emails from an email address belonging to the ministry of foreign affairs of another nation, indicating that the sender’s account may have been compromised. Mark James, Security Specialist at ESET, comments below.

Mark James, Security Specialist at ESET:


How big is this threat?

“Like most of these threats, they are only big if they are successful; these types of threats rely on user interaction; they require you to actually trigger the phishing attack. If you have procedures and policies in place to deal with this then its success rate should be relatively low. Having said that, spam and phishing emails are still the highest and most popular means to deliver malware because it only requires a momentary lapse of concentration to click that link or run that file. Often the end user is misdirected while the malware does its dirty deeds in the background.”

Any other comments about the growing sophistication of threats and APTs?

“Threats and APTs will continue to grow and become more sophisticated to counter the measures imposed to stop them; it’s natural progression. The bad guys produce malware, the good guys stop it, we get better, they get better and so on. It’s in our nature to learn and adapt regardless of our profession; it’s always been the same in computing with both hardware and software.”

Advice for businesses?

“Make sure your users and staff are very aware of the dangers of opening attachments and/or clicking links within emails; it’s the very basics of securing your network. Policies and rules will help to keep the danger to a minimum but ultimately the user is the biggest threat. Good, regularly updating internet security software along with fully patched operating systems and applications will help to keep you safe. Putting off upgrading operating systems may not actually be saving you money; one mistake and the few thousand pounds you may have saved may cost you hundreds of thousands or, even more importantly, your good name.”