In the WSJ of Dec 22, 2016 there is an article that hides the real headline. It talks about the research done by CrowdStrike which shows that the DNC hack was done by a hacker group known as Fancy Bear. This group works for the Russian military intelligence agency, known as the GRU, and was one of two Russian hacker outfits that stole emails from the DNC earlier this year.
The GRU was involved in the recent war in the Ukraine, and used Fancy Bear for a particulary devious hack.
In the Ukrainian operation, CrowdStrike found, the hackers altered a smartphone app that had been developed by a Ukrainian artillery officer to help better aim ordnance. The weaponry used by Ukrainian forces was antiquated, and the app employed GPS to help improve its aim and accuracy.
The app was shared widely in online military forums and adopted by many artillery units, the company determined.The Russian hackers, though, turned the app into a kind of homing beacon and could have used it to locate the position of the Ukrainian units, CrowdStrike found.The company discovered no conclusive evidence that the Russian military used the hacked app that way but noted that Ukrainian artillery forces suffered significant losses in combat along the front line.
Here is what CrowdStrike concluded: "For Ukrainian troops, artillery forces have also shouldered a heavy cost. In 2 years of conflict, they have lost nearly 50% of their artillery pieces and over 80% of D-30 howitzers, far more than any other piece of Ukrainian artillery."
“The ability of this malware to retrieve communications and gross locational data from an infected device makes it an attractive way to identify the general location of Ukrainian artillery forces and engage them,” the report said.
You can draw your own conclusions, but my point is that these days if you download the wrong app in the wrong situation, it can can get you killed -- literally. I guess that security awareness training in those situations is a life-or-death kind of thing. Glad we are only exposed to hacking in an office environment.
Free Domain Spoof Test
Can hackers spoof an email address of your own domain?
Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby.
Would you like to know if hackers can spoof your domain? KnowBe4 can help you find out if this is the case with our free Domain Spoof Test. It's quick, easy and often a shocking discovery. Find out now if your email server is configured correctly, many are not!
Don't like to click on redirected buttons? Cut & Paste this in your browser: