Spear-Phishing Attack on U.S. Think Tanks
Within hours of the official results of this tumultuous and divisive election, U.S. officials said that Russian hackers began an organized cyber-attack on U.S.-based policy think tanks. Multiple cyber security experts reported that they had discovered a “spear phishing” campaign that they successfully linked to the Russian government. Spear phishing campaigns typically involve sending a malware-infected email to targeted personnel within specific organizations. This tactic requires some previous knowledge of the target that makes it more believable. This particular email was replicated to look like it was sent from Harvard University and delivered to members of D.C.’s most prominent think tanks under the subject line “Why U.S. Elections are Flawed, 11/09”. Within the body of the email, there was a link that claimed to lead the viewer to the document, but instead was the source of the malware. If clicked, the malware would have infected the recipient’s computer, giving the attacker access to their computer and data. Think tanks are especially appealing targets for hackers because of their close relationships with American politicians and other government employees. Federal law enforcement is still investigating this attack.