
by ID Agent

Don’t Overlook the Connection Between the Federal Hack & Phishing


While the main focus in this week’s sprawling nation-state hacking contretemps has been on who’s been hacked, and when, and what was breached, and why no one caught it, one small but crucial security matter has gotten lost in the tsunami of trouble: these hackers used authentic credentials to move around inside systems to do their dirty work. One of the ways that they obtained those authentic credentials to use in the massive federal hack: phishing.




Modern Social Engineering Meets Old-Fashioned Simplicity


Everyone knows that phishing is the number one threat to every cybersecurity plan. An astonishing 90% of incidents that end in a data breach start with a phishing email. Cybercriminals of all stripes, from small Dark Web gangs to huge nation-state hacking operations, rely on phishing as a major component of any hacking operation because it’s cheap, effective, and garners them big rewards.

That’s why even though the suspected Russian actors involved in this hacking operation were using extremely sophisticated tools and techniques that many experts have never seen before, they didn’t overlook old-fashioned credential theft. They knew that the safest way for them to move around undetected inside their target’s systems and continue making incursions in new directions was to do it using authentic credentials. So they went for a sure thing to do that in this federal hack: phishing.

This has been a tremendous year for phishing with a more than 600% increase in activity due to massive shifts in the way that people are working and living plus the thirst for information and the fear spawned by the global pandemic. But cybercriminals know that no matter how much cybersecurity experts emphasize the value of security awareness and phishing resistance training, 62% of businesses still don’t do enough of it.

In a challenging economy, every company is looking for ways to trim spending, so they’re increasingly choosing to neglect things like training. Security awareness training isn’t sexy. It’s not a quick, shiny fix for a troublesome issue. No one is looking forward to it. Security awareness and phishing resistance training is something that is perpetually viewed as a boring, waste-of-time item that can be cut from the budget to save money – and that’s a huge mistake. Security awareness by sharp-eyed staffers is what exposed this breach now.





Whaling and Spear Phishing Do Massive Damage


Phishing of any sort is dangerous, but the two forms of phishing that were used by the nation-state hackers in this incident are absolutely lethal weapons: spear phishing and whaling. Both methods of attack could quickly net them what they needed to extend their operations without leaving a trace by gaining access to authentic or highly privileged credentials.

Everything about this hacking operation was carefully planned, skillfully executed, and meticulously supported, and the phishing elements were no exception. The nation-state hackers concentrated their phishing attempts into spear phishing and whaling because they had the resources to conduct those operations successfully using information gained in other hacks or from intelligence or Dark Web sources.

They then used those resources to trick employees of the initially affected companies into providing them with authentic credentials through social engineering, by using excellent impersonation techniques to convince their targets that the hackers were legitimate employees or executives that needed to add devices, reset passwords or perform other routine tasks. That then enabled the hackers to get their hands on increasingly more privileged credentials by carefully exploiting those opportunities when someone took the bait.




Old Problems Need New Solutions


It’s imperative that companies stop overlooking the immense damage that phishing can do to their organization, especially when defending against nation-state hackers. The most commonly used tool of nation-state hackers is ransomware, and the most common delivery system for ransomware is phishing. A robust defense against phishing is vital to secure systems and data in today’s threat landscape.

Fortunately, we’ve got the ideal solution to do the job: BullPhish ID

  • Plug-and-play phishing simulation kits empower you to start training fast 
  • More than 50 engaging, animated videos provide easy-to-understand threat information 
  • Simple remote management makes it easy to run campaigns and adjust training groups 
  • Online testing measures retention to show who needs more help 
  • New training materials are added monthly to cover the latest threats like COVID-19 
  • More than 100 phishing simulation kits are available now
  • Training content is available in 8 languages 




Don’t Wait Until Nation-State Hackers Knock on Your Door


Nation-state hackers aren’t just a problem for the defense industry or government agencies anymore – they’re also hitting their suppliers and partners, as well as dipping heavily into the private sector. All kinds of businesses in myriad industries are at risk. Throughout the COVID-19 journey to a vaccine, they’ve been striking at hospitals, drugmakers, and now cold storage transportation firms.

These bad actors haven’t just developed new technology that allows them to penetrate defenses more quickly – they’ve also reached into their toolbox to pull out some of the most reliable threats in classic cybercrime, and it’s working. They’ve benefitted greatly from using phishing and ransomware to their maximum capacity instead of just as tools that enable them to steal some data. Cybercriminals today are also using those tools to disrupt business operations, slow manufacturing, damage infrastructure, and cause all manner of havoc that they can use to make a profit.

Contact the experts at ID Agent to see how our solutions can help you secure your clients, systems, and data against today’s biggest threats like phishing and nation-state hackers.

