Threat researchers detected the threat group NOBELIUM conducting several waves of malicious spear phishing email campaigns. Each wave used different technical lures and social engineering, allowing the group to fine-tune which threat performed best against targeted government agencies, consultants, and non-profits in over 20 countries.
What’s at Risk
This most recent spear phishing campaign is attributed to NOBELIUM, the threat group believed responsible for the wide-scale SolarWinds Orion attack. Also known as Cozy Bear and APT29, NOBELIUM has demonstrated stealth and an ability to adapt its cyber criminal techniques to evade detection. NOBELIUM phishing emails contain malware that could inflict damage by:
Mitigation Requires Vigilance
Modern threats require organizations to PREVENT, DETECT, and RESPOND to active threats and even PREDICT future attacks before they happen. Effective cybersecurity mitigation uses multiple layers of security controls that combine people, process, and technology.
Cyber attacks have become more sophisticated as technology has become more pervasive and complex. Cyber criminals often tailor their malicious attacks and techniques to specific business victims because the payout outweighs the time spent. Boost your organizational security by taking these recommended steps to reduce NOBELIUM’s impact:
As always, we can help you detect never-before-seen threats and block these new threat variants. Netsurion’s Managed Threat Protection offers extended detection and response (XDR) capabilities such as improved visibility and multiple security controls.
Longer-Term Implications
Constant vigilance is key against cyber criminals that capitalize on our reliance on technology. Attackers vary their malicious techniques, looking for every security gap that they can exploit. Avoid a reactive approach or “check-box mentality” as these threats escalate in volume and complexity; proactive protection can help enterprises overcome cybersecurity pitfalls.
This rise in the sophistication and scale of cyber attacks has also raised concerns among world leaders. At the G7 Summit held in the United Kingdom, common initiatives were discussed to protect critical infrastructure, privacy, and financial systems like payments.
We also commit to work together to urgently address the escalating shared threat from criminal ransomware networks. We call on all states to urgently identify and disrupt ransomware criminal networks operating within their borders and hold those networks accountable for their actions.
-G7 member states as quoted in Cyber Defense Magazine
https://www.cyberdefensemagazine.com/g7-calls-on-russia/
Protecting our global infrastructure and supply chains requires an industry-wide effort across government, businesses, and supply chain partners like service providers.
Use a proactive approach to cybersecurity to stay ahead of well-funded and trained cyber criminals. These advanced threats are also increasing faster than the talent pool of security analysts and experts. With Netsurion and our 24/7 SOC, we are an extension of your team and provide coverage around the clock against these ever-present threats. Let us work with your stakeholders to share past outcomes and successes with similar organizations.
Related Resources
The following references and resources provide insight to avoid falling prey to exploitive cyber criminals.