Cyber attack on US government highlights need for robust security

Sofacy, the cyberespionage group, has launched an attack against the US government using a "new persistence mechanism" designed to help evade detection.

Attackers sent a spear-phishing email to a US government entity using an email address belonging to the Ministry of Foreign Affairs of another country. Analysis of the attack revealed a high likelihood that the sender’s email address was not spoofed and was instead the result of a compromised host or account belonging to that Ministry.

The developer implemented a clever persistence mechanism in the Trojan, one which had not been observed in previous attacks.

The Sofacy group, also known as APT28, is a well-known threat group that frequently conducts cyber espionage campaigns, according to Palo Alto Networks, which discovered the threat.

Commenting on the attack, Mark James, security specialist at ESET, said: “These types of threats rely on user interaction; they require you to actually trigger the phishing attack. If you have procedures and policies in place to deal with this then its success rate should be relatively low. Having said that, spam and phishing emails are still the highest and most popular means to deliver malware because it only requires a momentary lapse of concentration to click that link or run that file. Often the end user is misdirected while the malware does its dirty deeds in the background.”

James recommends that staff are made aware of the dangers of opening attachments and/or clicking links within emails. “Policies and rules will help to keep the danger to a minimum but ultimately the user is the biggest threat,” he said. “Good regular updating internet security software along with fully patched operating systems and applications will help to keep you safe. Putting off upgrading operating systems may not actually be saving you money, one mistake and the few thousand pounds you may have saved may cost you hundreds of thousands or even more importantly your good name.”

Full details of the recent Sofacy attack can be found here.
