Sensitive Data Stolen From Government Facility Using Spear Phishing Attack

By Author: EC-COUNCIL
Total Articles: 68
Comment this article

The Oak Ridge National Laboratory was forced to disconnect internet access for workers on Friday after the federal facility was hacked, and administrators discovered data being siphoned from a server. Only a “few megabytes” of data were stolen before the lab discovered the breach and cut internet access to prevent further exfiltration from the sensitive government facility, according to Thomas Zacharia, deputy director of the lab.
According to Zacharia, the intrusion came in the form of a spear-phishing email sent to lab employees on April 7. The e-mail, purportedly sent from the human resources department, discussed employee benefits and included a link to a malicious web page, where malware exploited the IE vulnerability to download additional code to users’ machines.
Financial institutions and their customers remain as targets of phishing attacks over half the time, according to the report. Other specific attack targets included auctions, online payments gateways and government organizations. The top countries or origin for phishing URLs are Romania at 18.8%, the United States at 14.6%, China at 11.3%, South ...
... Korea at 9.8% and the United Kingdom at 7.2%.

Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. It is typically carried out by e-mail or instant messaging
Bulgaria's Unicredit Bulbank has alarmed its clients about a new malicious phishing attack. An electronic message is sent informing the banks' clients about a blocked session in the Bulbank Online System and asking them to follow the link in the letter in order to avoid the permanent suspension of the account and blocking of the account, such a message is not sent by the Bank and is designed to steal personal information. Unicredit Bulbank has asked its clients not to follow the link and not to enter their user name and password. If the clients have already done that, they are advised to enter the site of Bulbank and immediately to change their passwords.
Paypal, one of the most popular online payment services, has been the victim of a sophisticated phishing attack, according to the US Computer Emergency Readiness Team (US-CERT). The attack, which was also being used against Bank of America, Lloyds and TSB, is sent as part of an HTML attachment with unsolicited emails claiming to be legitimate. The key difference between this attack and similar phishing attempts is that it locally stores the phishing webpage, rather than redirecting the user to a specific URL, which can be caught by anti-phishing measures built into many popular web browsers. Storing the website locally allows the attack to completely bypass browsers' anti-phishing defenses.
US-CERT recommends that users be extra cautious online, particularly with personal information. It suggests that users should not open links and attachments in unsolicited emails, and should also attempt to verify that the email is legitimate by contacting the organization in question or logging in directly through official websites only.
In tracing the origin of phishing emails, IBM research shows India is tops at 15.5%, Russia at 10.4%, Brazil at 7.6%, U.S. at 7.5% and Ukraine at 6.3%. IBM notes that the same four phishing-originating countries still dominate, only their relative positions have shifted slightly in the annual ranking, with Ukraine being a "newcomer" to the "top 10" phishing list for 2010.
Smartphone owners are more likely to fall victim to email phishing scams than PC users, claims security vendor Trusteer. The firm recently obtained data from servers used to host phishing web sites about the number and type of devices used to access them. It revealed that, once an email is sent out alerting recipients to a fraudulent web site, smartphone users are often the first to visit.
While computer users practices online safety measures, organizations need to implement robust Internet security initiatives to protect their network and their customer’s information, including hiring highly trained information security experts in order to avoid security breaches. Information security professionals can increase their information security knowledge and skills by embarking on highly technical and advanced training programs. EC-Council has launched the Center of Advanced Security Training (CAST), to address the deficiency of highly technically skilled information security professionals.
CAST will provide advanced technical security training covering topics such as Advanced Penetration Testing, Digital Mobile Forensics training, Application Security, Advanced Network Defense, and Cryptography. These highly technical and advanced information security training will be offered at all EC-Council hosted conferences and events, and through specially selected EC-Council Authorized Training Centers.
About EC-Council
EC-Council is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (CEH) course, Computer Hacking Forensics Investigator (CHFI) program, License Penetration Tester (LPT) program and various other information security training programs offered in over 84 countries around the globe. EC-Council has trained over 90,000 individuals in technical security training and certified more than 40,000 security professionals. EC-Council has launched the Center of Advanced Security Training (CAST), to address the deficiency in the lack of highly technically skilled information security professionals.