FBI and Homeland Security warn of APT attacks on US think tanks

They also provided a set of extensive mitigation measures to be immediately implemented by think tank organizations' leaders, staff, and IT staff to strengthen their security posture and defend against ongoing attacks by nation-state hacking groups.
The FBI also issued a 'TLP:WHITE' private industry notification in April 2020 regarding the continued targeting of US think tanks by state-backed APT groups since at least 2014, with the end goal of gaining access to and exfiltrating sensitive information.
"Nation-state APT actors have sought access to US think tank organizations - which employ former US Government personnel who continue to engage with current USG officials on political, domestic, foreign, and economic policies - as a means to collect sensitive USG information, bypassing the need to target USG networks directly," the FBI warned.
Even after APT actors were successfully removed from the compromised network of a think tank organization, they were able to "shortly" re-infiltrate it and resume harvesting and exfiltrating sensitive information until their malicious activity was once again detected and blocked, the FBI said.
Previous attacks targeting US think tanks in 2017 and 2018 were reported by Defense One and security researchers at Volexity.