Political machinations often end up leading to phishing attacks. We’ve seen it before. The Sony Pictures film The Interview, a comedy about two journalists tasked with killing North Korea leader Kim Jong Un, ultimately led to a massive breach of the studio that US intelligence officials attributed to a North Korean hacking group called DarkSeoul, which is known to use spear phishing attacks. In 2018 a major phishing attack focused on the World Cup and fake vacation rentals and trips to Moscow. Now a new political dispute is leading experts to warn about possible phishing attacks.
In recent months there have been news reports of U.S. government cyberattacks against power grids in Russia and Iran. In many ways it does not matter if these attacks are real or not; what matters here is the perception that they are real and ultimately what the Russian and Iranian governments will do in retaliation against the attacks.
There is a strong possibility that hacking groups, be they state-sponsored or simply highly motivated criminals, will attack American organizations in retaliation. A likely attack target would be an employee at a critical infrastructure facility in the United States, or perhaps a government agency such as the Dept. of Energy or Defense. This would hardly be a unique situation; a published report from last year said the Defense Department faces 36 million email attacks daily. The past fall the Congressional Research Group issued a report about electric grid cybersecurity, including how the Energy Department is protecting the grid and actions the government is taking to improve security.
One can reasonably expect a much higher number of state-sponsored phishing and spear phishing attacks during this heightened political saber-rattling age. If your organization is involved in the critical infrastructure industry, you should take extra precautions and double-down on your employee training efforts to protect your network, its data, and the customers you serve. If you are not in one of these industries, you still should double-down on your cybersecurity precautions. Just because you might not have the biggest target on your back, that does not make you immune from a potential attack. It just means you need to be cleverer than your attackers because they are out there and your company has a very high possibility of being subject to some type of cybersecurity attack. And remember, with cyberattacks, company size doesn’t matter — you are as likely to be attacked if you are in a small company as you are in a large one. Train your staffs. Make your attack profile as small as possible. And most importantly, remember that the odds are a bad actor is probably on your network right now so you should assume you are under attack and respond accordingly.