Have any question?

Blog

MSPNetworks Blog

MSPNetworks has been serving the Farmingdale area since 2010, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Let’s help you improve your business by scheduling smarter.

Since the beginning of the COVID-19 situation in March, creating a vaccine has been a major priority. True to form, hackers have begun targeting the very organizations responsible for the vaccine trials. There’s a lesson to be learned, today we’ll discuss it.


Cozy Bear

According to the UK’s National Cyber Security Centre, a group with the moniker “APT29” (who is also known as “Cozy Bear” or as “the Dukes”) has started to relentlessly hack organizations tabbed with creating a vaccine for COVID-19. These claims have been corroborated by both US and Canadan authorities, and present a significant roadblock to the progress of COVID-19 vaccine production. 

In fact, the National Cyber Security Centre released a report that goes on to describe APT29’s use of several exploits in conjunction with spear phishing attacks to gain access to CSC’s network and infrastructure. Once network security is breached the organization gets busy deploying malware known as WellMess or WellMail.

CSC has been working with software vendors to patch vulnerabilities. Software that has been patched doesn’t provide the exploitable pathways that often lead to problems. 

Experts believe that this is not the first time APT29 has struck and that this threat should be taken very seriously. The organization is believed to be behind the 2016 hack that broke into the Democratic National Committee’s systems. The group has also been suspected of attacks against various healthcare, energy, government and other organizations.

Spear Phishing 

We relentlessly discuss phishing in our blog, because it is one of the biggest threats to maintaining network security. Most phishing attacks are messages sent randomly, but the spear phishing attack is one that is planned and executed deliberately to target one person. Hackers look for a weak link and try to take advantage of it. 

While your organization probably won’t be targeted by major hacking collectives, it is still important that you and your staff know how to identify a phishing attack and what to do if you suspect you are being attacked. Here are a few tips:

  • Always check the details. Legitimate emails are sent from legitimate email addresses. Take a look at the email address of suspect emails and you’ll likely see a potential ruse. 
  • Proofread the message. Most business correspondence is proofread before it is sent. If the spelling and grammar looks as suspect as the email is, it’s likely illegitimate.
  • Reach out. If there is any question, reach out to the organization/person sending the message. The more you know, the less likely you will fall for a scam. 

Identifying phishing attacks has to be a major point of emphasis for your company. Call MSPNetworks today at (516) 403-9001 for help with getting the resources you need to properly train your team. 

Tip of the Week: How to Implement Smarter Scheduli...
When Securing Your Smartphone, Some Options are Be...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Tuesday, 03 December 2024

Captcha Image

Customer Login

News & Updates

MSPNetworks is proud to announce the launch of our new website at www.mspnetworks.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact Us

Learn more about what MSPNetworks can do for your business.

MSPNetworks
1111 Broadhollow Rd Suite 202
Farmingdale, New York 11735