Security News > 2020 > October > CISA: Emotet increasing attacks on US state, local governments

Emotet attacks have targeted multiple state and local governments in the U.S. as part of potentially targeted campaigns that have been ramping up since August, the Cybersecurity and Infrastructure Security Agency said in an alert published today.
Since August, the two organizations "Have seen a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails."
"This increase has rendered Emotet one of the most prevalent ongoing threats," CISA adds.
Starting with July 2020, CISA has observed increased Emotet activity, with the "EINSTEIN Intrusion Detection System, which protects federal, civilian executive branch networks" detecting around 16,000 related alerts.
To secure networks and devices against Emotet attacks, CISA and MS-ISAC recommend admins and users to be cautious when opening suspicious attachments, to use antivirus software, and to block suspicious IPs addresses.
News URL
Related news
- CISA orders agencies to patch BeyondTrust bug exploited in attacks (source)
- CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks (source)
- China's Salt Typhoon spies spotted on US govt networks before telcos, CISA boss says (source)
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- CISA flags Craft CMS code injection flaw as exploited in attacks (source)