Hackers from the APT28 group attacked the mailboxes of hundreds of employees of Czech ministries

According to a Czech Information Security Service report, in 2016-201? members of the APT28 group (also known as Sofacy, Fancy Bear, etc.) successfully hacked the information systems of the Ministry of Foreign Affairs of the Czech Republic. Employees of the Ministry of Defense were also victims of the attack.

What happened


The hackers, who were previously associated with the Russian special services, managed to steal the contents of the e-mails of about 150 employees of the Czech Foreign Ministry. According to the report of the Security Service, the attackers were mainly interested in the correspondence of the ministry's senior management. In particular, the information contained in the messages was used to attack other state institutions.

The vectors and targets of the attack are fully consistent with those of other attacks carried out by the APT2? group.

Attacks on Czech military installations were also identified. In addition, members of APT28 managed to break into the email accounts of several employees of the Ministry of Defense and of military personnel of the country's army. The attackers were able to steal personal data that could be used for further attacks, although no secret information was compromised.

How to protect against such attacks


According to Positive Technologies, the number and complexity of targeted attacks continue to grow from year to year. Despite having protection in place, many companies are not able to detect a compromise immediately: the average time an attacker spends in the infrastructure is 197 days. One of the reasons is that existing solutions detect targeted attacks at the perimeter, but do not detect threats once the attackers have already penetrated the network.

Detecting attacks at an early stage and minimizing damage can be achieved by monitoring malicious activity both at the perimeter and inside the network, identifying it in traffic by a variety of indicators. Regular retrospective analysis helps to find compromises that went unnoticed by security systems.

On Thursday, December ? at 2:00 p.m., Dmitry Kim, manager for providing products at Positive Technologies, will talk during a free webinar about how we implemented this approach in a new solution for early detection and prevention of targeted attacks. The webinar will be useful for managers and IS specialists of large companies (public sector, finance, industry, telecom).

To participate in the webinar, you need to register.