[Heads Up]
Microsoft: SolarWinds hackers spear phish govt agencies from 24 countries article by Stu Sjouwerman: reflection
https://blog.knowbe4.com/heads-up-microsoft-solarwinds-hackers-spear-phish-govt-agencies-from-24-countries
The article titled “SolarWinds hackers spear phish govt agencies from 24 countries” is yet another installment in news related to phishing attacks on major businesses around the world. This time, the threat actor Nobelium targeted government agencies, think tanks, consultants, and non-governmental organizations. The group attacked 3,000 email accounts at over 150 organizations in over 24 countries; more concerning still, the United States took the brunt of the attacks. The attackers compromised a well-known legitimate email marketing service named USAID. According to the article, the attackers are linked to Russian-backed foreign intelligence service operators.
The malware contained HTML attachments that installed an optical disc image, which the attackers encouraged the target to open, ultimately loading Cobalt Strike Beacon onto the device. Beacon is the default malware payload used to create a connection to the team server. Cobalt Strike, a paid penetration testing product, allows the attacker to deploy an agent named “Beacon” on the victim’s machine. Its traffic can be transmitted over HTTP, HTTPS, DNS, or the Windows SMB protocol. What is particularly alarming is that this allows it to perform low-profile asynchronous communication as well as real-time interactive communication with the Cobalt Strike server.
The significance of the SolarWinds breach lies in the 425 organizations that make up its customer base. Highly sensitive organizations like the Pentagon, NASA, the NSA, and even the US Postal Service are all associated with it. In March the company announced that, after a whopping $3.5 million already spent through December, it expects even higher additional costs in future financial periods.
This information should be shared with family and friends so they can acknowledge that threats from outside (and possibly inside) are only becoming more ubiquitous as technology grows. Developing a good plan to hedge against an attack won’t always be enough, and educating ourselves about the ways and means these bad actors use will become paramount in protecting ourselves and our families against future attacks on our data.
Citation:
www.cynet.com
https://blog.knowbe4.com/heads-up-microsoft-solarwinds-hackers-spear-phish-govt-agencies-from-24-countries