What you need to know
- Microsoft highlighted how Vietnamese government-backed hackers used cryptocurrency-mining to go undetected.
- A Microsoft report states that state-backed hacking groups are trying out more traditional cybercrime.
- A group known as BISMUTH utilized coin miners as part of an attack.
Microsoft on Monday highlighted a growing trend of state-sponsored hackers disguising themselves as financially motivated hackers rather than espionage-motivated ones. The company illustrated this by sharing an example from the Vietnamese group BISMUTH (via ZDNet). BISMUTH recently tried a new tactic centered on crypto mining, which differs from its normal method of attack.
The Microsoft Defender team explained on Monday:
In other words, Microsoft says that while BISMUTH remains primarily an espionage outfit, it won't turn down any money it receives from crypto ransom. It also helps if targets — once they locate BISMUTH-planted malware — write it off as "less alarming" and "commodity" intrusions.
Microsoft's security team does have a few takeaways from this little story that users in all walks of life could take heed of. The company reminded users to be careful about what they share on social media, as it could leave them vulnerable to spear-phishing attacks. Microsoft also encourages users to make use of Office 365's spam filtering settings so that emails with malware and spam are blocked.
In the event that a user is hacked, the company notes that users should be using multi-factor authentication combined with strong passwords. Once again, there are a lot of tips in the post that remain relevant even if you're not an espionage target of the world's governments.
The biggest takeaway here remains that a secure network is only as strong as its weakest link. As BISMUTH illustrates, protecting only against highly sophisticated attacks is inefficient.