A large-scale Phishing attack campaign is ravaging the State of Washington's government offices.
A cybercrime group has the state of Washington in their sights. It's not just one agency or office either. They've hit
Attackers have successfully gained access to multiple state agencies, spreading malware and establishing a foothold from which they could deepen their attack.
Washington's Governor Jay Inslee stated at a press conference that their state's agencies are falling victim to a "large-scale, highly sophisticated" Phishing campaign. The attackers reportedly unleashed Trickbot malware.
While the state is handling multiple dilemmas -- an election, record unemployment, civil unrest, fires -- a broad scale compromise could be crippling.”
One hallmark of the Trickbot malware strain is its ability to harvest emails and login credentials. This means that the attackers can gain deeper access into the state agencies. But just as importantly, it means they could spoof government employees in additional attacks.
This creates the opportunity for "island hopping" by the cybercriminals. This quickly puts smaller organizations, public and private, at risk.
For instance, you get an email from your Supervisor of Elections regarding your polling location. Should be harmless, right? Especially if it appears to come from that representative's office - the right email address. This is the hard part about island hopping - the attackers can now impersonate the legitimate email sender and utilize their contacts to spread their attack.
The key indicator in these attacks usually come from a malicious domain in the email link, even if the email looks exactly like a real email from the government office.
This quickly becomes a very tricky attack to avoid.
The good news is that