Information Warfare: Spear Phishing at the Pentagon

Archives

December28, 2006: The U.S. Department of Defense is suffering yet another Internet based attack. This one is a "spear phishing" offensive. "Phishing" (pronounced "fishing") is when a hacker sends out thousands, or millions, of emails that look like warnings from banks, eBay or PayPal, asking for you to log in (thus revealing your password to the hackers, who have set up a false website for this purpose) to take care of some administrative matter. The hacker then uses your password to loot your account. "Spear phishing" is when the emails are prepared with specific individuals in mind. The purpose here is to get specific information from, say, a bank manager, or someone known to be working on a secret project. The thousands of spear phishing emails sent to military personnel is worrisome, because it means someone is looking for defense related data, including classified stuff. Most people don't fall for phishing attacks, but the hackers know that some will. The recent spear phishing attack included messages with a PowerPoint attachment. That file, if opened, installed a virus on the users computers, and created access, to the users network, for the hackers who carried out the spear phishing campaign. Military personnel are trained to watch out for things like phishing attacks, but hackers only need to get a few victims to fall for it. The Department of Defense has publicized this spear phishing attack in order to encourage any military personnel, who may have fallen for it (or think they did) to report that as soon as possible.

 


Article Archive

Information Warfare: Current 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 2006 2005 2004 2003 2002 2001 2000 1999 


X

ad
0
20

Help Keep Us Soaring

We need your help! Our subscription base has slowly been dwindling. We need your help in reversing that trend. We would like to add 20 new subscribers this month.

Each month we count on your subscriptions or contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage. A contribution is not a donation that you can deduct at tax time, but a form of crowdfunding. We store none of your information when you contribute..
Subscribe   Contribute   Close