
    Security Lessons to Learn From Tactics of Indicted Russian Hackers

    By WAYNE RASH - July 19, 2018

      The indictment filed by Special Counsel Robert Mueller on Friday the 13th reads in places like a crime novel. The story explains step-by-step how a group of Russian operatives who are part of the Internet Research Agency targeted the Democratic Party and the Hillary Clinton campaign, hacked into their computers and then stole vast quantities of data. 

      The breach happened in March of 2016, although the process started three years before that. It would soon become the centerpiece of election news as breached emails started appearing on WikiLeaks and other websites, forming the basis for a series of stories embarrassing to the campaign. 

      But as you read through the indictment, there’s more there than just a theft of emails. There’s also the story of how the data was exfiltrated and transferred out of the U.S. as well as how the Russian operatives tried to cover their tracks. This investigation then led to a second indictment related to the same Russians and their attempts to manipulate social media and to create fake news to influence the 2016 U.S. presidential election.

      As you read through the indictments, you’ll see the same sort of hacking and social engineering activities you’ve heard about many times before, including phishing emails, the deciphering of insecure passwords and misdirection tactics. It’s all there, and it all provides an opportunity for you to protect your organization if you’re willing to learn from the Russian example and use it to deal with the bad guys that attack your organization. 

      If it seems like the tactics are very similar in each indictment, that’s due to the fact that the same people are involved. 

      “Essentially state-sponsored actors are using the same tradecraft as the criminal bad guys,” explained Stu Sjouwerman, CEO of KnowBe4, a security training company. “In Russia they are the same bad guys. They have a choice to go to prison or work for the GRU,” he said. The GRU is Russia’s main military intelligence agency. 

      Sjouwerman said that the Russian bad guys, like other cybercriminals, make it a point to go after the people in an organization. In the case of the hack of the Clinton campaign, the Russians sent a phishing email to campaign chairman John Podesta disguised to look like an official email from Google, asking him to change his Gmail password, and offering a place to click. Podesta clicked. 

      That was all it took to download tens of thousands of email messages. The rest is history. 

      By now you’re telling yourself that you don’t have to worry because you’re not a senior government official and you don’t have a high profile position that would make you an inviting target. But that doesn’t matter. 

      Cyber-criminals will use the same tactics to steal your company’s money or its intellectual property as they used in their attempts to influence the U.S. election. Those bad guys may be after your contacts at some other company which is their real target and you may just be a stepping stone. But whether they’re after your property or your business partners, the result can be serious. 

      So what can you do? Whether your attackers are state-sponsored hackers or simply criminals, you can protect against those same tactics. The first step is to defend your company and your staff against phishing. “Instead of going after John Podesta, they go after senior managers in accounting,” Sjouwerman explained. 

      The criminals find this information from your website, from LinkedIn and from media reports. They spend the time to research the senior people in your organization so they can successfully impersonate them. Then they either spoof an internal email, or the email of someone the targeted executive trusts. After that, it’s an assault on passwords, on contact information, on payroll information and on your computer infrastructure itself. 

      The bad guys will try to steal your money and your other property through social engineering. But they’ll also install malware bearing surveillance applications, viruses, keyloggers and other cyber-weapons. They will try to get their hands on executive pay stubs and they’ll try to get customer and vendor lists. 

      Here are some steps to take that have been presented before—more than once—but which bear repeating: 

      • Educate your employees about phishing emails, how to spot them, and what to do if they find one. You can help them by providing practice through a test provided for free by KnowBe4. 
      • Insist that your employees use strong, unique passwords for your email system. KnowBe4 also has a free test for breached passwords that uses over a billion compromised credentials harvested from the dark web. 
      • Try to avoid using public webmail services for critical communications, but if you must use them, insist that your employees use multi-factor authentication. But Sjouwerman said that you can’t just use authentication where the site sends a number to a cell phone because those are too easy to spoof. Instead, he said that you should use an app such as Microsoft Authenticator or Google Authenticator where the app generates the code on the phone. 
      • Train your staff to expect attempts to subvert your procedures, such as phony requests to transfer money. Set up procedures so that they don’t fall for fraud in which someone spoofs a senior executive and asks for information such as an executive’s pay stub, an increasingly prevalent type of phishing attack. 
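
A sketch of header checks that a mail gateway or triage script could apply to the executive-spoofing pattern described above. This is an added example, not code from the article or from KnowBe4; the domain `example.com`, the executive names and the three sample messages are constructed assumptions.

```python
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Assumed for illustration: the organisation's domain and its executives' names.
COMPANY_DOMAIN = "example.com"
EXECUTIVES = {"jane doe", "sam lee"}

def _domain(addr):
    return addr.rpartition("@")[2].lower()

def impersonation_flags(raw_message):
    """Return the reasons an inbound message resembles executive spoofing."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    domain = _domain(addr)
    flags = []
    if domain != COMPANY_DOMAIN:
        # A trusted name shown over an outside address is the classic lure.
        if " ".join(name.lower().split()) in EXECUTIVES:
            flags.append("executive display name on external address")
        # Near-miss domains (one swapped character) pass a casual glance.
        if SequenceMatcher(None, domain, COMPANY_DOMAIN).ratio() >= 0.85:
            flags.append("lookalike of company domain")
    # Only trust Authentication-Results stamped by your own mail gateway.
    elif "dmarc=pass" not in msg.get("Authentication-Results", "").lower():
        flags.append("internal From address without DMARC pass")
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and _domain(reply_to) != domain:
        flags.append("Reply-To domain differs from From domain")
    return flags

def _mail(*headers):
    return "\n".join(headers) + "\n\nPlease send the pay stubs today.\n"

# Constructed sample messages, not taken from any real incident.
SPOOFED = _mail('From: "Jane Doe" <jane.doe@examp1e.com>',
                "Reply-To: jane.doe@mail.test", "Subject: Urgent request")
FORGED_INTERNAL = _mail("From: Jane Doe <jane.doe@example.com>",
                        "Authentication-Results: mx.example.com; dmarc=fail")
GENUINE = _mail("From: Jane Doe <jane.doe@example.com>",
                "Authentication-Results: mx.example.com; dmarc=pass")

if __name__ == "__main__":
    for label, raw in [("spoofed", SPOOFED), ("forged", FORGED_INTERNAL),
                       ("genuine", GENUINE)]:
        print(label, impersonation_flags(raw))
```

Flagged messages are candidates for a warning banner or an out-of-band confirmation with the named executive before any payment or payroll request is acted on.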

      Another thing to remember is that you can’t assume that the bad guys will always try to exfiltrate data to a foreign location. The Russians, for example, used a server in Arizona as an intermediate step out of the U.S. 

      The attacks are getting more sophisticated and there are limits to how much you can do technically to prevent these attacks, but training and awareness can go a long way in reducing the success of the social engineering that hackers of all sorts depend on.
