Google Cautions Military And Government Personnel Of Spear Phishing Attack

By Author: eccuni
Total Articles: 211
Comment this article

Recently, Google unearthed a major spear phishing campaign. Cybercriminals reportedly collected passwords of hundreds of Gmail users. The affected accounts include those of Chinese political activists, senior government officials of United States (U.S), and Asian countries, South Korea in particular, military officials and journalists. According to Google, the purpose of the spear phishing attack seems to be monitoring the contents of the targeted users. The offenders allegedly used the extracted passwords to gain unauthorized access to the Gmail accounts, and altered the forwarding and delegation settings. While the e-mail service provider has said that the latest attack supposedly originated from Jinan, China, the company has not provided any evidence to collaborate the same. Information security professionals of the company were successful in disrupting the account hijacking campaign and have initiated steps to secure the accounts of the affected individuals. The company has also notified the affected users.

In case of a spear phishing attack, cybercriminals send specially crafted e-mails to target individuals ...
... or employees affiliated to an organization, with the intention of gaining access to privileged information. Spear phishing e-mails are often hard to detect as they appear to come from a legitimate source such as peers, subordinates, system administrators, supervisors or stakeholders.

Government, military, defense and intelligence personnel often face spear phishing attacks. Last year, several U.S government employees and contracted professionals were targets of a more sophisticated spear phishing attack. They apparently received a Christmas greeting card, which appeared to come from White House. On clicking the greeting link, the targeted individuals received a prompt to open a .zip file. Individuals, who opened the file, inadvertently downloaded a Zeus Trojan in their computer systems without their knowledge. Ironically, the cleverly crafted e-mail was even successful in tricking some cyber security professionals. Security professionals may benefit from distance learning and online university degree programs to update their skills sets to deal with evolving sophisticated threats.

Employees must be wary of responding to e-mails urging urgent action and seeking personal, official and financial information. In case of suspicion, they must verify the authenticity of the e-mail with the concerned institutions or authority. Individuals must forward spoofed e-mails to relevant legal authorities and report abuse. This will enable concerned authorities to initiate remedial action. Fake Unique Resource Locators (URLs) look strikingly similar to legitimate web addresses of a company, but may have proxy names and numbers as prefix or suffix or have incorrect spelling of the company. Individuals must enter log in credentials on a secure e-mail account page, which begins with https. Google has urged users to make use of the two-factor verification process to avoid unauthorized access to e-mail accounts. The e-mail service provider has also asked Internet users to regularly check forwarding and delegating accounts settings. The company has also urged users to take cognizance of the red warning related to suspicious activity, displayed above the inbox. E-learning, online degree and training programs on cyber security may help employees in understanding security threats and improve their abilities to detect social engineering attacks.

Computer systems of government, military and defense personnel may contain information pertaining to offenders, strategies, and other sensitive data concerning national security. Exposure of such information may have adverse implications. Professionals qualified in IT degree or computer science degree degree programs may help organizations in implementing best practices in IT security and securing IT infrastructure.