#CyberHeadlines: Phishing NATO

#CyberHeadlines: Phishing NATO

Hackers Phished NATO with new Matryoshka Doll Reconnaissance Framework

A new, layered approach of hacking has been employed upon NATO members. A report by Steve Ranger of ZDNet and Tech Republic put out a report, outlining their tactics today (January 31, 2017). Researchers who were targeted in these attacks claim that it comes in the form of a Word doc Trojan, but not in the typical line of attack. The campaign was launched over the Winter holiday season (Christmas and New Year). The interesting, tactical aspect of these attacks were the attacker’s ability to avoid analysis by obfuscating payloads. The document assesses what it’s dealing with then requests a payload and Adobe Flash exploit, which is loaded covertly. The booby-trap lies in attackers swapping out final payloads for junk data, once the campaign was discovered. The targeted researchers have labeled this technique the “matryoshka doll reconnaissance framework” after the Russian dolls that live inside one another in layers. The motives and identities of the hackers is still unknown, but the messaging was titled with “NATO Secretary meeting” which points to attackers leveraging geo politics as their phishing tactic.

CyberTraining 365 is an online academy that offers nearly 1,000 hours of relevant and cutting edge cyber security training. Our training provides the most in demand industry certification prep courses including EC-Council, CompTIA, (ISC)2 and Cisco; all taught by leading cyber security experts. All of our offerings are aligned with the national initiative for cyber security education (NICE) and ensure the most up-to-date information for this constantly shifting field. With engaging content in a scenario-based format, CyberTraining 365 uses bite-sized micro-learning methodology ensures learners are not overwhelmed with information. On Demand LMS platform has white-label capabilities ideal for internal training purposes.

Leave a Reply

Your email address will not be published. Required fields are marked *