Each wave used different technical lures and social engineering techniques to determine which approach fared best against its targets: government agencies, consultancies, and non-profits in more than 20 nations.

This most recent spear phishing campaign is attributed to NOBELIUM, the threat group thought to be behind the widespread SolarWinds Orion attack. NOBELIUM, also known as Cozy Bear and APT29, operates stealthily and adapts its methods to evade detection. Phishing emails from NOBELIUM carry malware that may harm users by:

  • Infecting endpoint devices on your network or a customer’s network
  • Spreading through your supply chain partners while lying in wait to attack when you are less prepared
  • Stealing sensitive information, such as trade secrets or login credentials
  • Compromising your reputation and client trust
  • Creating the foundation for more sophisticated ransomware that holds businesses hostage

By following the suggestions listed below, you can improve organizational security and lessen NOBELIUM’s effects:

  • Utilize deep learning to thwart threats before they cause harm.
  • With the help of cybersecurity professionals, monitor your infrastructure and sensitive data round-the-clock.
  • Add defense-in-depth security to anti-virus and perimeter protection.
  • Patch application vulnerabilities as quickly as you can once the vendor has announced them.
  • Keep backup data off-site and on a network that is fully independent from production data.
  • Create and maintain an incident response strategy.
  • Turn off unused services and applications to minimize your attack surface.
  • Use Multi-Factor Authentication (MFA) to protect against password reuse and compromised login credentials.
  • Make security awareness training available to all of your staff.
  • Run vulnerability scans to identify security holes and help you think like an attacker.

To beat well-funded and skilled cybercriminals, adopt a proactive approach to cybersecurity. The talent pool of security analysts and specialists is not keeping up with the growth of these sophisticated threats. We act as an extension of your team and offer round-the-clock protection against these persistent attacks with CYB3R-X and our 24/7 SOC. Let’s work with your stakeholders and share our previous results and achievements with related organizations.