Security News > 2020 > December > Think-Tanks Under Attack by Foreign APTs, CISA Warns
"Unfortunately, despite some of the conveniences and efficiencies that remote work can provide, it has greatly expanded the attack surface for all businesses, including think-tanks," Banda said.
In late October, CISA warned that the North Korean APT group known as Kimsuky is actively attacking think-tanks, commercial-sector businesses and others, often by posing as South Korean reporters.
Its mission is global intelligence gathering, CISA noted, which usually starts with spearphishing emails, watering-hole attacks, torrent shares and malicious browser extensions, in order to gain an initial foothold in target networks.
"Organizations need to maintain a strong security-awareness training program and update it frequently to keep employees updated on the latest attack patterns and phishing emails. Employees can make the proper decisions to identify potential phishing emails and report them. This action makes for a more solid security culture and allows the organization to work towards being a more substantial asset for the security department."
Topics will include the most dangerous ransomware threat actors, their evolving TTPs and what your organization needs to do to get ahead of the next, inevitable ransomware attack.
News URL
https://threatpost.com/think-tanks-attack-apts-cisa/161807/
Related news
- CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (source)
- CISA tags SonicWall VPN flaw as actively exploited in attacks (source)
- CISA tags Broadcom Fabric OS, CommVault flaws as exploited in attacks (source)
- Nation-state APTs ramp up attacks on Ukraine and the EU (source)
- CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs (source)
- CISA says SaaS providers in firing line after Commvault zero-day Azure attack (source)