Security News > 2023 > May > Israel-based threat actors show growing sophistication of email attacks

A threat group based in Israel is behind attacks in recent weeks, according to a report from email security firm Abnormal Security.

Mike Britton, the chief information security officer at Abnormal, said that while it is not unexpected that sophisticated threat actors would emerge from a skilled, innovative technology ecosystem, Asia, Israel - in fact the Middle East, generally - are bases for BEC attackers.

Figure A. Israel has typically been a target most recently of a series of DDoS attacks timed with the annual OpIsrael coordinated cyber attack campaign.

Abnormal said the framework of the attacks involves internal and external message vectors - real people, spoofed, within and outside of the target organization - with the former frequently being the targeted company's CEO. Figure B. "In some campaigns, once the attack has reached this second stage, the group asks to transition the conversation from email to a voice call via WhatsApp, both to expedite the attack and to minimize the trail of evidence," said the firm.

"Email has always been a lucrative attack vector for cybercriminals. Because of this, we will likely see threat actors continue to evolve their tactics, test new approaches, and become even more targeted and sophisticated in their attempts to compromise email users," he said, adding that Slack, Zoom and Microsoft Teams are becoming more important as threat surfaces as attackers seek new entry points.

"To account for emerging threats across collaboration apps, consolidating visibility across all communications tools will significantly improve security teams' ability to detect suspicious and malicious activity - no matter where attacks originate," said Britton.

News URL

https://www.techrepublic.com/article/israel-threat-actors-email-attacks/