The need for an iron-clad email security solution is once again making headlines.
On October 3, the US Department of Justice (DoJ) reported that, working with Trustwave partner Microsoft, it had disrupted a Russian government-based scheme to steal Americans’ sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials.
The DoJ partially unsealed a warrant authorizing the seizure of 41 internet domains used by Russian intelligence agents and their proxies to commit computer fraud and abuse in the United States. The department worked in tandem with a Microsoft civil action to restrain 66 internet domains used by the same actors, the DoJ said.
“Today’s seizure of 41 internet domains reflects the Justice Department’s cyber strategy in action – using all tools to disrupt and deter malicious, state-sponsored cyber actors,” said Deputy Attorney General Lisa Monaco.
According to the partially unsealed affidavit filed in support of the government’s seizure warrant, the seized domains were used by hackers belonging to, or criminal proxies working for, the “Callisto Group,” an operational unit within Center 18 of the Russian Federal Security Service (FSB). The group committed violations related to unauthorized access to computers, obtaining information from US government departments or agencies, unauthorized access to protected computers, and causing damage to protected computers.
The Callisto Group conducted an ongoing and sophisticated spear-phishing campaign to gain unauthorized access to the computers and email accounts of the US government and other victims, the DoJ said. Their targets included US-based companies, former employees of the US Intelligence Community, Department of Defense and Department of State employees, US military defense contractors, and staff at the Department of Energy.
Spear phishing is a highly targeted form of phishing in which the attacker sends a personalized email or message, tailored with specific information about the target, to trick the individual or organization into revealing sensitive information or clicking on a malicious link.
It is essential to understand that there are multiple steps organizations can take and that services are available to help protect against email-based attacks.
Trustwave SpiderLabs Research Manager Phil Hay shared some actionable advice for organizations looking to stay ahead of advanced email threats.
“The traditional approach of security in layers works really well,” Hay said. “Knowing what’s right for your environment, training your organization, testing new tools in parallel with your existing devices and software, and having a tool that can carry out a set policy is key.”
No single tool will completely protect you against email attacks. Instead, an organization must have a strong process, good training, and tools to help ensure there’s defense across multiple levels.
Top Email Security Recommendations:
Trustwave MailMarshal offers a sophisticated multi-layered approach to email security to reduce false positives and protect against spam, gateway attacks, viruses, phishing attempts, and malicious URLs embedded in an email. In addition, it provides complete email protection against phishing, spear phishing, and business email compromise (BEC).
MailMarshal provides layered protection against email-based threats, capturing all forms of threats to protect your environment and reduce the burden on your security team.