• Middle Eastern and African governments targeted in cyber-espionage attacks
• Attackers using unique credential theft and email exfiltration techniques
• Goal is to obtain sensitive information related to politicians, military activities, and foreign affairs
According to a recent report, governmental entities in the Middle East and Africa have been facing waves of sustained cyber-espionage attacks. These targeted attacks are using never-before-seen and rare credential theft and Exchange email exfiltration techniques.
The primary objective of these attacks is to obtain highly confidential and sensitive information related to politicians, military activities, and foreign affairs ministries. The report indicates that the attackers responsible for these cyber-attacks want to obtain as much information as possible to gain an advantage in their own geo-political strategies.
While the report didn’t attribute the attacks to any specific group, it notes that many of the tools and techniques used are similar to those employed by APT groups known to operate in the area.
This is not the first time that governments in the region have faced targeted cyber-attacks. Such attacks are commonplace in the geopolitical landscape of the region, and governments have been taking measures to bolster their cybersecurity defenses in recent years.
The report highlights the need for continued efforts to enhance cybersecurity and protect sensitive government information from falling into the hands of attackers. However, it also takes a lighthearted approach to the matter, joking that the attackers might be in for a rude awakening when they realize that “the most sensitive and confidential information they can obtain might be last week’s lunch order from a team building meeting.”Original Article: https://thehackernews.com/2023/06/state-backed-hackers-employ-advanced.html