Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Hackers Invade German Ministries of Defense and Foreign Affairs

    Stu Sjouwerman | Feb 28, 2018
    GE_For_Aff

    Foreign hackers have invaded secure networks of various German government departments. According to German and Dutch media, the Ministries of Foreign Affairs and Defense were among the targets. The authorities say that the government departments involved have improved their network Security.

    Sources within the German security services say to German media that the hackers belong to the Russian group APT28, which is also known under the name Fancy Bear. It is not known what data has been captured. The German security services would have known about the data breach since the end of last year.

    Western Targets

    APT28 is held responsible for cyber attacks on Western targets, such as the Democratic Party in the US, NATO, the White House, the Doping Authority WADA and the international team that is investigating the disaster of flight MH17.

    Russia has always denied involvement in such attacks in the past. There is no reaction from the Kremlin to the latest accusations from Germany.

    Russian APT28 is known to harness EternalBlue; NSA's Windows SMB exploit which made the WannaCry ransomware and Petya so effective — and are using it to spread laterally in cyber attacks against hotels in Europe. (By the way, did you apply the MS17-010 patch yet?)

    Researchers at FireEye posted that they uncovered a malicious document sent in spear phishing emails to multiple companies in the hospitality industry, including hotels in at least seven European countries and one Middle Eastern country in early July. Successful execution of the macro within the malicious document results in the installation of APT28’s signature GAMEFISH malware.

    Free Phishing Security Test

    Did you know that 91% of successful data breaches started with a spear-phishing attack?

    Cyber-attacks are rapidly getting more sophisticated. We help you train your employees to better manage the urgent IT security problems of social engineering, spear-phishing and ransomware attacks. Take the first step now. Find out what percentage of your employees are Phish-prone with our new, improved free test. 

    Get Your Free PST Now

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/phishing-security-test-offer

    Topics: Cybercrime

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the Founder and Executive Chairman of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog

    Posts By Topic

    View All

    Get the latest insights, trends and security news. Subscribe to CyberheistNews.