A report from the European Union IT Emergency Response Team (CERT-EU) reports a high number of state-sponsored spear phishing attacks against European Union institutions in 2023.
The attacks appear to have been carried out primarily by hackers and groups associated with or supported by state actors. The report finds that spear phishing continues to be the most commonly used method by state-backed cybercriminal groups when attempting to penetrate target networks.
The spear phishing method underlying the attacks involves highly targeted and personalized email campaigns designed to deceive specific people within organizations. Within or around EU institutions, spear phishing was the most common method used by criminals to gain initial access, according to the report. Once the hackers gained access to the networks, they were able to exploit it for a variety of purposes, including espionage, hacktivism, data theft, and other cybercriminal activities.
The threat actors often posed as employees of EU institutions or the public administration of EU countries. They sent spear phishing emails with malicious attachments, links or fake PDF files. These initially contained internal or publicly accessible documents related to EU laws, which served the purpose of deception. The fact that EU institutions and the administrations of member states were primarily targeted indicates that the attackers have a great interest in information about EU political affairs.
Highly personalized state attacks
What makes the attacks described special is the personalized approach based on spear phishing. The attackers invested a lot of time in scouting out their targets and then developing customized social engineering attacks. The first step was to collect information about EU institutions, including the roles of specific employees, contact lists and commonly shared internal documents.
With the help of the information collected and the use of social engineering, the criminals were then able to create believable messages and deceive their targets. Leveraging information from previous attacks and identifying unsecured IT resources also helped attackers increase the chances of success in their attacks and, in many cases, ultimately achieve their goals.
More at KnowBe4.com
About KnowBe4 KnowBe4, provider of the world's largest platform for security awareness training and simulated phishing, is used by more than 60.000 companies around the world. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness of ransomware, CEO fraud and other social engineering tactics through a new approach to security education. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped develop the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as the last line of defense.
Matching articles on the topic