Government-sponsored spear phishing campaigns remain active


Russian agencies are linked to these campaigns

Spear phishing is back in the news after the Justice Department formally accused 12 Russian military intelligence officers of using the technique as part of a broad campaign to bring to light compromising information (kompromat) designed to interfere with US political processes.

American intelligence officials warn that government-sponsored malicious phishing campaigns have not diminished, so what can potential victims do?

To start, anyone at risk should use two-factor authentication (2FA) to safeguard their email and cloud accounts. Using 2FA generally requires users to enter not only a password when logging on, but also a single-use code from a digital or physical token.

2FA Limits

While this is an important step, there is no magic solution to protect against spear phishing, enterprise data protection services experts note.

Information security experts consider that if an attacker can trick users into giving up a password, they can also trick them into giving up an additional 6-digit code. 2FA can protect against other important attacks, such as a password stolen from one site being reused on another, or breaches of password databases. But any 2FA system that involves the user entering a code is susceptible to having that code stolen by phishing.

Many sites and services, including Google, Microsoft Office 365, and Salesforce, among others, allow administrators to ask users to use 2FA to log in. But experts in enterprise data protection services say that users who handle sensitive information need more than a system that sends them a code through an app or their phone. That’s because attackers can also trick users into entering the code into fraudulent sites.

The phishing epidemic continues

The problem with phishing is that it depends on social engineering, which means it is designed to deceive users, and can potentially be used to compromise any online account. Unfortunately, humans are easy to deceive, at least sometimes, and we make mistakes. In addition, a phishing campaign can be repeated as many times as necessary until it bears fruit.

The severity of the phishing threat can be seen in the way the subject has recently been treated. Experts in enterprise data protection services point to the increasingly specific nature of phishing attacks, the importance of keeping in mind the human factor and of training computer users, the use of technology to extract data from e-mails and attachments, and the implementation of malicious domain tracking to better block phishing campaigns, as there is no single solution to deal with this problem.

John Podesta’s Case

Much of our personal and professional lives is hosted online, which increases the impact of phishing on a daily basis.

One of the most prominent phishing victims in recent years was John Podesta, director of the Hillary Clinton election campaign. Federal prosecutors say that the same group of officers from the Russian Central Intelligence Department (GRU) who attacked the Democratic Campaign Committee and the Democratic National Committee also attacked Podesta’s personal email account.

Podesta’s personal email account was far from being the only victim of the alleged Russian attackers. According to experts in enterprise data protection services, the Russian intervention campaign targeted victims in 39 countries.

In addition to the accounts of Podesta and the Democratic Party, the other targets of the attack included accounts used by the German parliament, the Italian Army, the Saudi Ministry of Foreign Affairs, as well as Philip Breedlove, former NATO Supreme Allied Commander Europe, and Colin Powell, former US Secretary of State.

According to experts in enterprise data protection regulation from the International Institute of Cyber Security, anyone can be a victim of a phishing attack, which is why we should all be smarter and encourage best practices as users to defend ourselves and our devices.