Chinese hackers attempted to phish Gmail users linked to the US government


All phishing emails were successfully marked as spam and filtered by Gmail in February.


Russian hackers are not the only malicious actors that the United States needs to be aware of from a cybersecurity perspective. According to Google’s Threat Analysis Group (TAG), several Gmail users linked to the US government were notified in February of an attempted phishing attack by a China-backed hacking group called APT31. Fortunately for government officials, the attempted attack was unsuccessful as all emails containing phishing links were automatically marked as spam and filtered by Gmail.

“Today we sent alerts to individuals who were targeted by government-backed attackers,” Shane Huntley, head of Google’s Threat Analysis Group, wrote on Twitter. “We have no evidence that this campaign was related to the current war in Ukraine. In February, we discovered an APT31 phishing campaign targeting high-profile Gmail users associated with the US government. 100% of these emails were automatically classified as spam and blocked by Gmail.”


When a government-sponsored hacker tries to send a malicious email, the targeted users receive the alert below, warning them of a possible attack. According to Google’s support page, less than 0.1% of all Google Account users are attacked.

Photo: Google

On March 7, Google published an update on its official blog informing users about the various attack groups backed by foreign governments such as Russia, China and Belarus. One of these groups, known as FancyBear/APT28, is a Russian-backed collective that attempted its own phishing attack on a Ukrainian media outlet, in which it tried to create a fake Blogspot login page to steal usernames and passwords. A Belarusian hacking group known as Ghostwriter/UNC1151 also carried out a similar attack against Ukrainian and Polish government and military organizations.


“All organizations, including government agencies, are targets of nation states and cybercriminals,” said James McQuiggan, security awareness advocate at KnowBe4. “By phishing people, they see it as the more accessible way into the systems and infrastructure. Accessing a government employee’s email address is an easy way to bypass the technology and gain access to government infrastructure and systems.”

To combat these attack attempts, McQuiggan recommends that organizations monitor their IT logs vigilantly and alert employees to the potential threats they face from these various malicious actors.

“Companies need to maintain a strong security awareness training program and keep their employees regularly updated on the latest attack patterns and phishing emails,” said McQuiggan. “Employees can make the right decisions to identify and report potential phishing emails. This action creates a more robust safety culture and allows the organization to work towards being a key asset for the safety department.”

In addition to being aware of potential threats, it is important for organizations to invest in the best antivirus software available to add another layer of security. This extra buffer can give both businesses and their employees peace of mind when it comes to surfing the web and conducting business safely.

