CYBER SECURITY – LURE THEMES
Lure themes appeal as much to the hackers as to the hacked themselves. Though the theme is the same at both ends, for one it is a weapon and for the other a decoy for which he falls unknowingly, sometimes remaining unaware even after the hack. This is another dimension of the current Russia-Ukraine war. We saw the same story play out across the world during the thick of the Covid-19 pandemic, when hackers and financial tricksters had a field day. Human psychology does not change, and we are ready again to get hacked, this time by Ukraine war-themed files. Files with these types of names have become the lure of choice for a wide range of hackers.
While critical infrastructure entities continue to be heavily targeted, a large number of threat actors are using the Russo-Ukrainian war as a lure for various phishing and malware campaigns. Billy Leonard of Google TAG said: “Government-backed actors from China, Iran, North Korea and Russia, as well as various unattributed groups, have used various Ukraine war-related themes in an effort to get targets to open malicious mails and click malicious links.” He went on to say that financially motivated and criminal actors are also using current events to make the task of hacking and amassing booty easier. Check Point Research has named three APT groups, El Machete, Lyceum and SideWinder, found running phishing campaigns in five countries.
The victims identified span the government, financial and energy sectors. This shows both the expanse of the targeting and the ignorance of the people who handle cyber security issues globally. How much headway cyber security training has made in real terms is out in the open; nothing much is left to our imagination. The cyber security firm sees a rise in overall cyber-attacks on both Ukraine and Russia, +39% and +22% respectively. The decoys comprise official-looking documents, news articles, job postings or anything of interest connected to the war. The malware thus deployed is capable of keylogging, screenshotting and executing commands. One of the motivations behind the recent espionage campaigns is to steal sensitive information from governments, banks, and energy companies.
Cyber war will be an adjunct to every war fought in the future. Nobody has any idea when cyber war may turn out to be the main war, with the physical war becoming an adjunct to it. Nobody knows where technology will take us. The running hack campaigns are highly targeted and sophisticated, mainly focusing on victims in the government, financial and energy sectors. The three APT groups named earlier, originating in different parts of the world, have been caught orchestrating these spear-phishing campaigns. The cyber collateral of a physical war is a given, and countries need to be prepared accordingly. Cyber security non-preparedness has the capability to bring a physical war to naught. Physical and cyber should henceforth be parts of the same war machine. The threat surface for both sides has considerably increased.
PHYSICAL AND CYBER WAR HAVE TO BE TREATED AS PART OF THE SAME CONTINUUM AND THE SAME GOAL.