The National Cyber Security Centre today red-flagged Russia-back hacker group APT29 for targeting organisations involved in coronavirus vaccine development with spear-phishing attacks and malware infections.
Commenting on the NCSC’s latest advisory, Tony Cole, CTO at Attivo Networks, said that it is unfortunate that an actor such as APT29 with such sophisticated capabilities is still able to simply scan targets for existing known vulnerabilities and then compromise with little effort or use phishing emails to obtain their initial set of credentials.
“Organisations must step up their efforts to counter adversaries targeting them. Patching is an imperative that must be met. Instrumentation focused on detection and lateral movement inside the network perimeter and across all endpoints is another imperative since prevention often fails regardless of defensive spending. You can’t prevent all attacks however you must detect them quickly when they do get through your defenses,” he added.
Read the complete article at Teiss.