The wars of the future won’t be fought with bombs and planes they’ll be fought with 1s and 0s. And while the U.S. is worried about North Korea getting nuclear weapons, it should be more worried about their cyberattacks.
The latest salvo from North Korea is a spear-phishing attack targeting U.S. firms “with an interest in nuclear deterrence, North Korea’s nuclear submarine program and North Korean economic sanctions.” Apparently this is an ongoing malware campaign aimed at U.S. companies.
“The campaign, which researchers from Prevailion call ‘Autumn Aperture‘ sends victims trojanized documents via spear-phishing emails. The campaign is highly sophisticated, using legitimate documents that the targets were likely expecting, which have been booby-trapped.”
If North Korea does gain nuclear secrets, you can be sure it’s due, at least in part, to its ability to steal secrets using spear phishing attacks. And according to the report, the latest spear phishing emails are pretty advanced. For example, “One newly added feature would enumerate the host machine and experiment with password-protecting certain documents. Autumn Aperture also added a new feature called Windows Management Instrumentation (WMI) — the infrastructure for management data and operations on Windows-based operating systems – to determine if it was safe to obtain the next payload on the host machine. It did this by obtaining a list of running processes and services from WMI, then comparing that output to a list of known antivirus products.”
Deploying cloud-based email security with real-time link click protection is important for all companies, but it’s especially important for companies with nuclear secrets. The only way to combat these advanced phishing tactics is with technology that’s prepared to sniff it out.
Whether you work for an organization with nuclear secrets or not, you should strongly consider protecting your employees with technology like that with Advanced Threat Defense. It protects employees from malicious emails 24/7 on any device.