Government organisations are being attacked with phishing emails
Technology
Conduct a full reset of usernames and passwords for all employees
ISLAMABAD (Dunya News) - It has been revealed that state institutions, ministries and government departments are being attacked by phishing emails.
The National Cyber Security Emergency Response Team (CERT) has issued an urgent advisory warning directing government organisations to stay on alert.
The advisory stated that the phishing emails were crafted to deceive users into compromising their credentials by clicking on malicious links or opening attachments.
These emails were traced to multiple public IP addresses and were designed to hide the identity of the attackers by using cloud-based services.
Forensic analysis had identified the nature of the attack, the tactics employed, and potential risks. Government organistions could take measures to mitigate the threats.
The advisory directed to implement advanced email filtering and anti-phishing solutions capable of detecting suspicious links, malicious attachments and domain spoofing attempts
These solutions should be integrated with threat intelligence feeds to automatically block known phishing domains and IP addresses.
It was instructed to deploy and enforce email authentication protocols to prevent attackers from sending phishing emails that appear to come from trusted government domains.
Advisory mandated the use of multi-factor authentication (MFA) for all email systems and sensitive applications to provide an additional layer of security against compromised credentials. This will ensure that even if login information is stolen, unauthorised access is prevented.
It had been advised to conduct a full reset of usernames and passwords for all employees who have interacted with the phishing email to eliminate potential access risks.
All organisations were encouraged to implement robust incident response plans to quickly identify and contain phishing attacks.
They must leverage threat intelligence platforms to continuously update your security tools with real-time data on known phishing campaigns and threat actors.
