Numerous state-sponsored threat actors frequently launched spear phishing attacks against European Union entities last year, according to a new report from the EU’s Emergency Response Team (CERT-EU).
“In 2023, spear phishing remained the predominant initial access method for state-sponsored and cybercrime groups seeking to infiltrate target networks,” the report says.
“This sophisticated form of phishing involved highly targeted and personalised e-mail campaigns, meticulously crafted to deceive specific individuals within organisations. In Union entities or their vicinity, as well, spear phishing was the most observed method to attempt initial access. We have analysed 177 such attacks, that we found notable.”
The threat actors often used lures that were themed around EU organizations and impersonated real people.
“A number of adversaries used specific lures related to EU affairs, in their attempts to deceive users in our vicinity,” the researchers write.
“Some threat actors sent spear phishing e-mails containing malicious attachments, links, or decoy PDF files that originally were internal or publicly available documents related to EU policies....To make the spear phishing message even more credible, the attackers often impersonated staff members of Union entities or of the public administration of EU countries. These attacks targeted not only Union entities but also public administration in EU countries. This shows a significant interest by some adversaries to gather information related to various EU political matters."
The threat actors put a great deal of effort into researching their targets and crafting tailored social engineering attacks.
“Whatever the goal of the attack was, the threat actors dedicated time and resources in preparatory phases such as reconnaissance and social engineering,” the report says.
“Reconnaissance involves gathering intelligence about Union entities: the role of certain staff members, their contact lists, the documents or information they usually share with their stakeholders. Social engineering manipulates human psychology, and in the context of spear phishing against Union entities, social engineering aims to craft believable deceptive messages by leveraging information acquired from previous attacks or exposed on unsecured IT assets to increase the likelihood of successful infiltration.”
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Infosecurity Magazine has the story.