Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    "Berserk Bear", The Russian Hackers Playing ‘Chekhov’s Gun’ With US Infrastructure

    iStock-1220985010In an advisory warning published last week by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the government notified the public of a sophisticated Russian hacking group called Berserk Bear.

    The group allegedly carried out a broad hacking campaign targeting US state, local, and territorial government agencies, as well as several aviation sector organizations. According to the report, hackers breached at least two of the targeted networks. The news is alarming as it points to Russian interference in the 2020 elections, although the scope of the campaign is largely unknown.

    Beserk Bear has a history of intrusions on the US and its infrastructure, although it is difficult to determine the threat that the group poses to US national security. Although the group has gained leverage inside global infrastructure ranging from nuclear power plants to electric distribution utilities, the group rarely uses their access to cause disruption.

    Therefore the threat actor group has been referred to as Checkhov’s gun, hanging on the wall without ever being fired. Berserk Bear’s ability to gain access to sensitive information yet refrain from launching ransomware, malware, botnets, or Trojans, attacks points to the idea that they may be planning a much bigger, disastrous attack. More at WIRED

     

     

    Return To KnowBe4 Security Blog

    Can hackers spoof an email address of your own domain?

    DSTAre you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby.

    Now they can launch a "CEO fraud" spear phishing attack on your organization, and that type of attack is very hard to defend against, unless your users are highly ‘security awareness’ trained.

    Find out now if your domain can be spoofed. The Domain Spoof Test (DST) is a one-time free service. Run this test so you can address any mail server configuration issues that are found.

    Try To Spoof Me!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/domain-spoof-test/

    Topics: Cybersecurity

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews