Nation-State APTs Continue to Target U.S. Think Tanks; Sensitive Information Remains at Risk

Summary

Nation-state Advanced Persistent Threat (APT) actors continue to target US think tanks as a means of acquiring sensitive information. These adversaries have successfully compromised the think tanks by unsophisticated social engineering tactics and exploiting common vulnerabilities in networks, highlighting a significant security gap in the protection of sensitive national security information. Nation-state APT actors have sought access to US think tank organizations – which employ former US Government (USG) personnel who continue to engage with current USG officials on political, domestic, foreign, and economic policies – as a means to collect sensitive USG information, bypassing the need to target USG networks directly.

This FBI PIN contains an overview of the threat and recommended mitigation measures to assist organizations in guarding against the persistent malicious actions of cyber criminals.

Reporting

The NJCCIC encourages recipients who discover signs of malicious cyber activity to contact the NJCCIC via the cyber incident report form by clicking here.

Please do not hesitate to contact the NJCCIC at njccic@cyber.nj.gov with any questions.