Hackers Fire Warning Shots at the Military Using Ransomware

Posted: December 12, 2016

It's been an unpleasant few months for US government organizations. In October, the Office of Personnel Management (OPM) admitted that during a data breach of its system, the personal details of about 21.5 million individuals had been stolen. About a month later, government workers started receiving phishing emails that carried the dreaded Locky ransomware.

The unsolicited messages were designed to look like they were coming from OPM and told victims that their bank accounts had been compromised. There was a RAR file which, the email said, contained details on the suspicious transactions. In reality, the archive hosted a JavaScript file which downloaded and executed what is now the most prevalent ransomware family out there.

The grammar of the emails was less than immaculate, and the social engineering wasn't that convincing. Even if there were something wrong with your bank account, the Office of Personnel Management would be the last institution to warn you about it. Common sense dictates that the campaign should have been a miserable failure. It wasn't.

In fact, the threat actors thought that it was so successful that they decided to aim their emails at a place where the stakes could be much higher. The OPM-themed messages were sent to individuals working for the US Army Cyber Command. What are the potential consequences of this exactly?

Locky isn't famed for stealing sensitive information, so documents carrying the "Top Secret" notice are most likely safe (provided they are backed up properly, of course). And it should also be noted that the targets are working for the military branch designed to protect what President-elect Donald Trump described as "The Cyber", which means that they should know better than to open random emails about compromised bank accounts. At least that's the theory. Nevertheless, the Army Cyber Command decided to take no chances and issued an internal warning to all of its employees about the spam.

The fact that there are attempts to attack the Army doesn't necessarily mean that sensitive state and military secrets are under threat. It does mean, however, that the bad actors are trying to target all sorts of high-profile organizations. And it doesn't get any more high-profile than the US Army.
