Hackers are attacking high ranking executives of a German multinational corporation part of a government-private sector task force focused on personal protective equipment (PPE) procurement.
The attackers behind this pandemic-related spear-phishing campaign have already attempted to steal the user credentials of over 100 senior executives as security researchers at IBM X-Force Incident Response and Intelligence Services (IRIS) said in a report published today.
This task force’s members have been commissioned by the German government to leverage their expertise and contacts in foreign markets to secure PPE like medical gear and face masks, “particularly from China-based supply and purchasing chains,” IBM found.
“In the past 15 years phishing has proven to be the Achilles heel in any organisation, as the task of educating personnel against social engineering is extremely hard, especially considering that social engineering and related attacks and techniques are constantly evolving. But also due to the nature of social engineering which targets the person rather than the machine, and therefore it is more likely to eventually fall a victim.”
Trevor Morgan, product manager at comforte AG:
“Given these really stressful times, attackers take advantage of fear and distraction to strike swiftly at data which interests them. However, it’s a great reminder that at no point should a business take for granted their security posture. So how to improve that defensive posture in a situation like this?
Strong security is not only based on access prevention and intrusion detection—meaning a strong perimeter—but also on data-centric methods of protection, too. Encryption is great until it’s not, as many forms can be easily cracked. In this reported instance, a data-centric method such as tokenization, which replaces clear and sensitive data with representational tokens without meaning, would render any data that attackers managed to get a hold of (through stolen credentials or brute-force intrusion) without inherent meaning and thus worthless.
The name of the game is applying an holistic approach to security that accounts for both the perimeter and the data itself, and of course protecting supply chains is definitely worth the extra thought and effort. Every business should take heed and reconsider the next step after credentials are stolen and data is access by unauthorised threat actors. Data-centric security like tokenization makes a whole lot of sense to protect sensitive data itself.”
Source: Bleeping Computer