Posted on May 30, 2017 at 12:05 PM
Russian hackers have reportedly pulled off something difficult with apparent ease. They gained access to the computer of a Pentagon official, but the attack did not arrive by email, nor was it a malicious file hidden among a sea of seemingly unimportant documents. It came through social media.
The lure was a Twitter post offering a summer vacation package, with a link attached. According to the official who was tricked, it was the kind of thing almost anyone might have clicked. Pentagon officials believe that is exactly the problem: so much effort went into training staff not to be fooled by suspicious emails that nobody noticed attackers had moved on to new delivery channels. These attacks don't arrive in your inbox as a suspicious attachment; they sit in public view, waiting for you to click.
Pentagon officials now worry that hackers are using social media to get into Defense Department networks. Until now, human error has mostly meant people infecting their systems by opening suspicious documents sent by email, and staff could be trained to scrutinize a message before opening it. On social media the risk is greater, because people treat a message from a friend as coming from a trusted source.
Once a single person is compromised, the attack can spread through that person's network of friends, since a message sent from a compromised account looks exactly like a genuine one, and whole departments can be targeted with little effort. Officials are aware of the problem, but training people to spot such attacks on social media is not as easy as it sounds. One anonymous source said it amounts to training people to treat every attempt at contact as potentially dangerous, even those from family and close friends.
Many became aware of the problem after the Democratic Party was hacked last year when several people opened malicious emails. Far fewer realized that messages on Facebook and Twitter could be just as dangerous.
The technique, called 'spear phishing' (phishing tailored to a specific target), isn't new; State Department employees were spear-phished back in November 2015. What is new is the scale: over 10,000 Twitter accounts belonging to Defense Department employees were reportedly spear-phished by Russian hackers.
The Department declined to comment. Twitter responded with a copy of its anti-spam rules, which state that accounts that violate them will be suspended. Facebook acknowledged awareness of the problem and said it is monitoring the incidents; to counter such attempts it has recently begun using dedicated detection systems, user notifications and user education.
Security companies say spear phishing is among the fastest-growing forms of attack.
The problem is rarely discussed, but it is real. Compromised accounts can also be used for intelligence gathering: by watching what a group of soldiers posts online, attackers could work out their movements, or strike up a conversation to learn about their missions.
The issue is that most people don't think twice about what they post, or consider that someone might find that information useful. One 2016 report found that almost 30% of spear-phishing emails sent were opened; another puts the figure closer to 66%.
In the Defense Department attack alone, an estimated 7,000 people clicked the link, taking the first step toward being compromised.
The method is simple. An attacker notes which sports team the victim mentions often, then crafts a message offering discounted tickets. Groups the victim has joined and pages they have liked are equally visible, and all of it feeds the creation of content tailored to make that person click the link.
In one experiment, a program was built that sent 819 messages on Twitter to see how many recipients would open the message and click the link with no explanation given. 275 people did. In the Defense Department case, however, the links were not test links but malicious ones. Computers were infected as soon as the links were clicked, and the links came from employees' family members so that they would not look suspicious.
The employee involved in the latest breach said he was targeted through his wife's Twitter profile. She clicked the vacation link, and the attackers moved from her profile to her computer, and then across the home network to his.