Spearphishing and Other Russian Hacking Tactics.


This month, US Deputy Attorney General Rod Rosenstein announced the indictment of twelve Russian nationals in the hacking of the Democratic National Committee (DNC) during the 2016 presidential election. Those indicted were charged with hacking into DNC computers and documents, and releasing said documents with the intent to sway the election in favor of the Republican party (read: Trump).

The alleged events were not perpetrated by some black hat group in a dark basement, but from within two units of Russia’s Main Intelligence Directorate, known as the GRU, the foreign military intelligence agency of the General Staff of the Armed Forces of the Russian Federation. In a coordinated effort, one cyber operations unit worked to steal information, while the other unit was responsible for disseminating the information. 

Those charged used two distinctive techniques to carry out their malevolent cyber operations. The first was spearphishing, an expression you likely know and a common hacking tactic that involves sending misleading email communications to trick recipients into disclosing their passwords along with other bits of sensitive data.

The second tactic involved indicted parties hacking into computer networks to install malicious software, malware that allowed them to spy on users, capture keystrokes, take screenshots, and remove data from targeted computers. They accessed email accounts of both volunteers and employees involved in the US presidential campaign, which went all the way up to the top, to the Campaign Chairman. They also allegedly accessed the computer networks of a Congressional Campaign Committee and a National Political Committee. 

The conspirators created fictitious online personas and used them to release sensitive information, including thousands of stolen emails and documents. The investigation uncovered a clear discussion between the parties to release this sensitive and damaging information on a timeline that would effectively disrupt the election. In an effort to conceal their connection to Russia, those charged used a network of computers around the world, a network that was financed through hard-to-trace cryptocurrencies. The conspirators also reportedly corresponded with several Americans during the election under the guise of their personas. But there’s more.

Russian GRU officers used cyber operations to hack the website of the State Election Board and stole the information of approximately half a million voters. They also hacked computers of an organization that provides software used to verify voter registration information, in addition to targeting state and local officials responsible for administering elections.

Why Your SMB Also Needs to Be On High Alert

Without this interference, there most certainly could have been someone else sitting in the Oval Office at this very moment. But regardless of your opinion on the current state of affairs in the White House, the implications are clear: the Russian hacking tactics used to change the course of history are unfortunately not uncommon, and they could absolutely be used to take down your own company.

Think that as an SMB you’re isolated from such a thing? You don’t have to be a person or business of interest on CNN to be a target. In fact, 60 percent of small businesses get hacked every year.

Hackers Are Targeting SMBs That Don't Take Cybersecurity Seriously

Cybercriminals are banking (literally) on the assumption that you, as a small or medium business, are dismissing the “red alert” as something only political organizations and enterprise-level businesses need to be concerned about. In doing so, you let your guard down and allow the enemy at the gate to pass through and have their way with your data. This condition is downright epidemic, as recent data shows that 87 percent of small-business owners don't feel that they're at risk of a cybersecurity attack, rendering 1 in 3 small businesses without cybersecurity tools in place. And the two that do have tools in place more often than not do not have enough protection.

The Cost of Not Investing in Cybersecurity is Much Greater

TechRepublic reports that a single data hack typically costs a small business between $82,200 and $256,000. Can you afford to lose that today? And what about the fallout and public (customer/client) outcry that will follow when your, and thus their, data is breached? You must also factor in potential fines for violating the data privacy requirements of both PIPEDA (Canada) and GDPR (EU), something that may very well be investigated should your organization be hacked. The investment in cybersecurity pales in comparison to what’s at stake.

Smart SMBs Are Adopting Advanced Endpoint Threat Protection

There are certainly internal steps you can take to protect yourself from spearphishing and other common hacking tactics. Adoption of MS Office 365 as your software as a service is one, and as a Microsoft Gold Partner and Certified CSP, Fully Managed can make sure that your transition to this superior level of data security and compliance is seamless. In addition, we encourage you to share this document on Best Practices for Personal Password Protection with everyone in your company. But most important is the adoption of the most advanced form of endpoint threat protection around.

This involves the use of artificial intelligence (AI) and machine learning as an endpoint security solution to detect zero-day threats (a threat that exploits an unknown computer security vulnerability), advanced malware, and targeted attacks, and to secure endpoint patient zero. All of this can be accomplished with CylancePROTECT, an enterprise-level endpoint threat protection solution that will protect your SMB from ransomware, malware, malicious documents, advanced threats, and spearphishing alike. Learn more about what this awesome tool can do for you.

As a Cylance partner, Fully Managed will expertly apply this cybersecurity solution to your business’ systems so that your data stays out of harm’s way, whether you are the target of Russian nationals or a hacker hiding out in some dark basement near you.

Contact Fully Managed today to get started.