Attackers Communicate via Outlook in Cyber Attack on German Federal Government

, ,

In the case of the so-called Bundeshack, attackers, most likely from Russia, recently carried out a cyber attack on the German Federal Foreign Office. The perpetrators captured small amounts of data and only a single-digit number of documents. As far as is currently known, a total of 17 computers were affected by the malware attack. 

The Süddeutsche Zeitung yesterday published new details on the cyber attack on the German government . Would it have been possible to fend off the cyber attack?

The criminals probably communicated with the Outlook client on the infected computers of the federal government for months. Specially prepared attachments in emails were used as the medium. It is not yet known whether the malicious code then manipulated the email client directly or accessed the downloaded email attachments.  

How to Fend off Cyber Attacks 

This is once again proof that intelligent attachment management is essential in the context of email security. Even though it is not yet known how exactly the commands in the email attachments were evaluated by the malware, NoSpamProxy would have made the cyber attack either impossible or at least much more difficult to carry out.  

NoSpamProxy lets you convert attachments to emails from unknown senders to a harmless PDF, or quarantine it. Emails containing unknown attachments should be rejected in any case. To assess whether a sender is trustworthy or not, NoSpamProxy considers the communication history. In addition, the user protected by NoSpamProxy can simply send an email to a recipient to signal his or her trustworthiness. 

/by
BMWi study on encryption identifies hurdlesE-Mail Verschlüsselung mit der Initiative "Mittelstand verschlüsselt!" - einfach, günstig, sicher, für jedenInfo IconHow to use SPF-authenticated servers in “Corporate email servers”