Russia Indictments Reminder of Phishing Threats

In the aftermath of the 13 July announcement that the Mueller investigation indicted 12 Russian military officials, Americans have debated everything from the legitimacy of the investigation to the consequences of the election interference, but Sen. Rand Paul (Ky.) told CNN, “We should now spend our time protecting ourselves instead of having this sort of witch hunt on the president. I think we need to be done with this and start actually protecting our elections from foreign countries."

Experts in the cybersecurity industry agree, noting that the indictments serve as a reminder that US national and election security remain vulnerable to threats from phishing campaigns. As local, state and federal officials take another look at their election security infrastructure prior to the 2018 midterms, email security must sit atop the priority list, according to founder and CEO of IRONSCALES Eyal Benishti.

“Any forthcoming phishing mitigation strategy must prioritize humans and machines working together to not just identify threats, but to remediate them and share the attack intelligence with other government and elections organizations in real time," said Benishti. "The consequences of keeping the status quo intact with email security and phishing mitigation are too severe to ignore."

Despite President Trump’s tweet that the investigation is a “rigged witch hunt,” security commentators tend to agree with Sen. Paul. According to Jonathan Reiber, Illumio's head of cybersecurity strategy and former chief strategy officer for cyber policy in the Office of the Secretary of Defense, the new indictment does two main things. 

“First, with its detailed breakdown of the GRU’s hacking tactics and capabilities, it shows how dangerous the Russians are and how important it is for everyone to stay vigilant, verify information sources and invest in cybersecurity capabilities to prevent breaches from occurring and spreading," said Reiber.

“In play-by-play granular detail, the indictment shows how Russia hacked key US political personnel and amplified that stolen data to the Nth degree through DCLeaks (a Russian front organization), social media and contact with specific persons. The tactical take-away is clear: breaches will happen and organizations need to invest in capabilities to stop intruders in their tracks,” he said.

Spear-phishing attacks remain pervasive and have the potential to wreak havoc on local, state and national elections. “This attack vector can be weaponized to impact international affairs, take down critical infrastructure or steal important intelligence,” said Cofense CTO and co-founder Aaron Higbee.

“Additionally, recent news demonstrates that threat actors are continually using clever phishing techniques to bypass next-generation perimeter technologies, as seen this month with the ZeroFont technique used to breeze by AI-based email security controls," continued Higbee. "Friday's announcement reinforces the need to empower humans in our phishing defense practices worldwide, as relying on technology, AI and machine learning alone isn’t enough to stop these attacks before the damage is done.”
