Weekly Email Security News Recap #1 [May 2022]
Our personal information, identity, and banking details can be stolen and abused just because we think we are pretty cybersmart.
But the reality is that we unknowingly have our cyber safety threatened all the time.
From individuals to global corporations, the risk of being hacked is ever-present. There are no safe spaces in the digital world without adequate cybersecurity.
Still, cyberattacks and email security breaches only grow.
Stay abreast of the most important email and cybersecurity with our recap for the first week of May.
Operation CuckooBees, an apparent spying effort by Chinese state-sponsored hackers, was recently discovered by the cybersecurity firm Cybereason. The campaign is supposedly linked to the prolific Winnti Group, or APT 41.
Cybereason informed the FBI and the U.S. Justice Department of the discovery.
The hackers made away with data from dozens of large energy, defense, pharmaceutical, and aerospace companies located in Europe, Asia, and North America. The targeted enterprises were none the wiser during the data breaches and cyberattacks.
Although the attacks were global, the US was the top target for the stolen data.
Throughout a 12-month investigation, Cybereason found the intruders took a store of sensitive proprietary data and intellectual property like;
- Source code
- R&D documents
- Fighter jet diagrams
- Helicopter diagrams
- Missile diagrams
The attackers didn’t stop there. They also acquired details about various companies’ network architecture, user accounts, user credentials, business units, customer data, employee emails, etc. All this data can be used for future cyberattacks.
A cybercriminal pleaded guilty to six counts related to the theft of over $23 million on 28 April 2022. His sentence has yet to be determined but the conspiracy and bank fraud convictions alone each carry a maximum of 30 years behind bars.
Sercan Oyuntur of California targeted a U.S. Department of Defense contractor. Oyuntur’s fellow criminal schemers were in Turkey, Germany, and New Jersey.
They targeted the individual responsible for communicating with the DoD through a government computer system. The cybercriminals attempted to steal money meant for a company supplying jet fuel to U.S. troops in Southeast Asia.
The conspirators made fake email accounts and designed fraudulent web pages similar to the General Services Administration (GSA) website. From June to September 2018, the cybercriminals sent phishing emails to various DoD vendors, tricking agents into visiting the phishing websites and divulging confidential credentials.
Security-aware and skilled employees are an organization’s first line of protection against data vulnerability exploitation.
Technically, any organization (even the U.S. government) is continuously at risk of cyberattacks and email security attacks.
Protect your business and data with the best email and cybersecurity tools to protect your data.
This is all the email and cybersecurity news we have his week. Stay cyber-safe and see you in our next recap!