
Cyber attack on US government highlights need for robust security

Sofacy, the cyberespionage group, has launched an attack against the US government using a "new persistence mechanism" designed to help evade detection.


Attackers sent a spear-phishing email to a US government entity using an email address belonging to the Ministry of Foreign Affairs of another country. Analysis of the attack revealed a high likelihood that the sender’s email address was not spoofed and was instead the result of a compromised host or account belonging to that Ministry.

The developer implemented a clever persistence mechanism in the Trojan, one which had not been observed in previous attacks.

The Sofacy group, also known as APT28, is a well-known threat group that frequently conducts cyber espionage campaigns, according to Palo Alto Networks, which discovered the threat.

Commenting on the attack, Mark James, security specialist at ESET, said: “These types of threats rely on user interaction; they require you to actually trigger the phishing attack. If you have procedures and policies in place to deal with this then its success rate should be relatively low. Having said that, spam and phishing emails are still the highest and most popular means to deliver malware because it only requires a momentary lapse of concentration to click that link or run that file. Often the end user is misdirected while the malware does its dirty deeds in the background.”

James recommends that staff are made aware of the dangers of opening attachments and/or clicking links within emails. “Policies and rules will help to keep the danger to a minimum but ultimately the user is the biggest threat,” he said. “Good regular updating internet security software along with fully patched operating systems and applications will help to keep you safe. Putting off upgrading operating systems may not actually be saving you money, one mistake and the few thousand pounds you may have saved may cost you hundreds of thousands or even more importantly your good name.”

Full details of the recent Sofacy attack can be found here.
