

The phishing campaign is just one element of a rash of recent activity by advanced persistent threat group 29 (APT 29), probably better known to the general public as “Cozy Bear.” Believed to be backed by Russian intelligence, the group conducted a similar operation in 2021 that focused on compromising diplomats via legitimate-looking Constant Contact emails.

Mandiant says that the current phishing campaign makes use of legitimate email addresses that have been previously compromised, and opens with what appears to be an administrative notice from an embassy. These are spearphishing emails targeted at particular diplomats and embassy staff, making claims about fictitious events such as embassy closures due to Covid-19.

Erich Kron, Security Awareness Advocate for KnowBe4, expands on what these types of phishing campaigns tend to look like: “For anyone involved in politics, it is critical to understand that they may be targeted due to information they have, or even just the contacts they may have. In situations like embassies, which act as sovereign soil in foreign countries, and for the diplomats within them, the information about activities occurring within the region would be a gold mine for adversaries. Because email account hijacking and data breaches are most often the result of phishing emails, people employed by the embassies and other diplomats should be trained to spot these attacks and report them to an internal security staff.

In addition, Multi-Factor Authentication (MFA) should be enabled on all accounts and logins to any accounts should be closely monitored and managed.”
