Cybersecurity News: February 2023

Cyberattacks continued to harm organizations in February of 2023. From Google Ads spreading malware to a cyber incident affecting an FBI branch, these threats continue to highlight the need for strong cybersecurity strategies.

Prepare your defenses against cyber threats by reviewing our Cybersecurity Checklist: How Covered is Your Business?

Hackers Use Google Ads to Spread Trojan Malware

Users looking to download popular software programs such as Google Chrome, Firefox, Skype, and others unsuspectingly compromised their devices with trojan malware. They reached the infected websites through Google Ads.

Hackers purchased Google ad space and created websites with fake URLs similar to the legitimate ones to fool visitors. To reduce suspicions, the cybercriminals enabled the users to download the software they needed while also deploying the trojan.

The malware used in this instance was FatalRAT, a trojan that gives cybercriminals remote control over the infected device as well as ability to access files and record computer activity.

How can businesses avoid this type of malware? Employees should receive cybersecurity training to be able to recognize and avoid malicious links.

Related Blog: 5 Tips on How to Prevent Cybercrime for SMBs

FBI Deals with Cyberattack

The Federal Bureau of Investigation (FBI) discovered malicious cyber activity in its computer network. The cyberattack targeted systems in the FBI New York Field Office.

The bureau is still investigating the possible source of the attack and working to gain more information. The FBI said they have been able to isolate the incident, in a report to CNN.

This is not the first time the FBI has dealt with cybercrime. In 2021, hackers took control of its emails servers and used them to distribute spam emails to tens of thousands of addresses.

Since the malicious actors used a real FBI email address, recipients of these emails would have believed the emails were legitimate. The messages warned them that a threat actor had exfiltrated data from their devices.

To minimize such attacks, we recommend businesses take advantage of cybersecurity tools such as network security monitoring which regularly inspects your systems to detect any cyberattacks or breaches that might have slipped through the cracks.

Investigation Reveals Hackers Meddled in Elections

An international coalition of journalists uncovered a misinformation team led by former Israeli special forces operative, Tal Hanan.

The unit, which used the nickname “Team Jorge,” was made up of private contractors who used hacking and automated bots on social media to spread misinformation around political campaigns in the US, Europe, Latin America, and Africa.

In a secret recording filmed by the journalists, Hanan offers private services to gather intelligence by hacking users’ emails or social media accounts. Team Jorge also marketed its own social media misinformation platform known as Aims (Advanced Impact Media Solutions).

The misinformation team’s efforts had successfully influenced opinions on social media during various elections. In fact, Hanan claimed to have intervened in 33 presidential-level campaigns. He self-reported to have successfully influenced 27 of those.

To protect your own email and social media accounts, consider using MFA (multi-factor authentication). MFA requires a user to confirm their identity through the use of an authenticator app, a biometric, or a code sent to a device.

Even if basic account credentials like your username and password are compromised, MFA adds an additional layer of security so you can control who has access to your accounts and network.

Companies Continue to Invest in Cybersecurity Amid Rising Attacks

In 2022, companies spent up to 20% of their IT budgets on cybersecurity initiatives. However, cyberattacks and breaches are becoming more frequent and difficult to deal with.

One of the factors affecting organizations’ cybersecurity is the lack of trained professionals. This sector is facing a significant talent shortage that leaves companies without the resources to monitor their networks and train their workforce. In fact, more than 700 thousand cybersecurity positions still need to be filled in the US.

Cybercriminals are also becoming more adept at breaching networks. Data suggests that cyberattacks increased by 38% in 2022. With a gap in cybersecurity talent despite additional spending and increasing threats, it is no wonder that businesses are less prepared to deter attacks and to deal with successful ones.

For business leaders who wish to increase the security of their network, we recommend outsourcing cybersecurity. Services such as network security monitoring or a backup and disaster recovery plan can help minimize the damage of cyber threats.

Related Blog: 7 Challenges in Cybersecurity for Business

Bottom Line

Prevention and education are the best weapons against cyberattacks. Taking advantage of tools such as network monitoring and ensuring your employees understand best practices to avoid online scams or lures will reduce the risk of a data breach for your organization.

How is your company staying secure and building defenses to avoid attacks? Download DOT Security’s Cybersecurity Checklist: How Covered is Your Business? to begin strengthening your security standing.