APTs Target US Think Tanks
NJCCIC Alert
Original Release Date: 12/3/2020
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued an alert identifying ongoing cyber intrusions by advanced persistent threat (APT) actors targeting US think tanks. Attack vectors range from low-effort capabilities such as spearphishing emails, to more advanced techniques such as the exploitation of vulnerable web-facing devices and virtual private networks (VPNs). APTs have also been able to regain footholds in compromised networks, despite successful removal. Additionally, researchers identified attempts by North Korean government-aligned threat actors to infiltrate at least nine health organizations, including Johnson & Johnson and vaccine developer Novavax Inc. CISA and the FBI advise organizations to immediately adopt a heightened sense of awareness.
Recommendations
The NJCCIC urges organizations to implement mitigations outlined in the CISA and the FBI joint advisory. Organizations are encouraged to implement a defense-in-depth cybersecurity strategy that includes layered defenses, following the principle of least privilege, establishing a comprehensive data backup plan, and the use multi-factor authentication.
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.