Government Agencies and Think Tanks attacked, APT29 suspected

In a recent case of cyber attack, the Russian Government has been accused yet again. Primarily because the attacks coincide with the 2018 Mid-Term Elections held on the 6th of November, 2018.

Links have been traced to APT 29, in fact, Kaspersky has reportedly confirmed the involvement of the notorious APT 29. In the past, APT 29 has been linked to the 2016 Presidential Campaigns by the US Intelligence.

In this incident, the miscreants impersonated Heather Nauert, a US State official, and sent emails with malicious attachments to others. The sole intent was to infect and thereby control the recipient system.

Who are APT 29?

According to a statement from the Dutch Intelligence, APT 29 has reportedly been linked to the Russian Foreign Intelligence Service. This group was earlier in limelight for having disrupted the 2016 Presidential Campaigns in the US.

Modus Operandi

These cybercriminals have reportedly sent e-mails impersonating Nauert and asking the recipient to download an attachment. Once the recipient downloads the abovementioned attachment, then the malicious software gets installed into the system and gives access to the cybercriminals.

The APT 29 picked Nauert, a reliable official who is being considered for the prestigious post of Ambassador for the UN.

According to Nick Carr, a FireEye Researcher, this group first gained access to another secure infrastructure. Next, they used it to bridge communication with the State Agency’s Staff and then sent out their phishing emails.

In a recent statement, FireEye, a leading cybersecurity service provider that caters to the needs of several State Agencies and prominent businesses, made certain that the revelations were shocking.

According to this cybersecurity firm, the current targets of the APT 29 group include some of its clients such as Military, Law Enforcement, Defence Contractors and Think Tanks. FireEye did not disclose any names, but it pointed out that over 20 Agencies, Companies, and Think Tanks are at the risk of being compromised.

 

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients