Security News > 2020 > December > FBI and Homeland Security warn of APT attacks on US think tanks
They also provided a set of extensive mitigation measures to be immediately implemented by think tank organizations' leaders, staff, and IT staff to strengthen their security posture and defend against ongoing attacks by nation-state hacking groups.
The FBI also issued a 'TLP:WHITE' private industry notification in April 2020 regarding the continued targeting of US think tanks by state-backed APT groups since at least 2014, with the end goal of gaining access to and exfiltrating sensitive information.
"Nation-state APT actors have sought access to US think tank organizations-which employ former US Government personnel who continue to engage with current USG officials on political, domestic, foreign, and economic policies -as a means to collect sensitive USG information, bypassing the need to target USG networks directly," the FBI warned.
Even after successfully removing APTs from the compromised network of a think tank organization, they have been able to "Shortly" re-infiltrate them and resume harvesting and exfiltrating sensitive information until their malicious activity was once again detected and blocked the FBI said.
Previous attacks targeting US think tanks in 2017 and 2018 were reported by Defense One and security researchers at Volexity.
News URL
Related news
- Security measures fail to keep up with rising email attacks (source)
- US proposes ban on Chinese, Russian connected car tech over security fears (source)
- Some US Kaspersky customers find their security software replaced by 'UltraAV' (source)
- T-Mobile US fined $31.5M for network security breaches between 2021 and 2023 (source)
- Private US companies targeted by Stonefly APT (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks (source)
- Healthcare attacks spread beyond US – just ask India's Star Health (source)
- China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it (source)
- EDRSilencer red team tool used in attacks to bypass security (source)