Security News > 2020 > December > Think-Tanks Under Attack by Foreign APTs, CISA Warns
"Unfortunately, despite some of the conveniences and efficiencies that remote work can provide, it has greatly expanded the attack surface for all businesses, including think-tanks," Banda said.
In late October, CISA warned that the North Korean APT group known as Kimsuky is actively attacking think-tanks, commercial-sector businesses and others, often by posing as South Korean reporters.
Its mission is global intelligence gathering, CISA noted, which usually starts with spearphishing emails, watering-hole attacks, torrent shares and malicious browser extensions, in order to gain an initial foothold in target networks.
"Organizations need to maintain a strong security-awareness training program and update it frequently to keep employees updated on the latest attack patterns and phishing emails. Employees can make the proper decisions to identify potential phishing emails and report them. This action makes for a more solid security culture and allows the organization to work towards being a more substantial asset for the security department."
Topics will include the most dangerous ransomware threat actors, their evolving TTPs and what your organization needs to do to get ahead of the next, inevitable ransomware attack.
News URL
https://threatpost.com/think-tanks-attack-apts-cisa/161807/
Related news
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- CISA warns of Windows flaw used in infostealer malware attacks (source)
- Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593) (source)