Search on TFTC
FBI Issues Warning on State-Sponsored Email Hacks

FBI Issues Warning on State-Sponsored Email Hacks

May 6, 2024

FBI Issues Warning on State-Sponsored Email Hacks

In a recent joint cybersecurity advisory, the Federal Bureau of Investigation (FBI), the U.S. Department of State, and the National Security Agency (NSA) have alerted the public about sophisticated email-based attacks carried out by state-sponsored hackers. The advisory specifically identifies North Korean-backed hackers, linked to the country’s military intelligence agency known as Kimsuky, who are employing email authentication bypass techniques.

The hackers are reportedly impersonating figures such as academics, journalists, and researchers. According to the agencies' bulletin, the objective of these cyber actors is to "provide stolen data and valuable geopolitical insight to the North Korean regime by compromising policy analysts and other experts." The bulletin further explains that, "Successful compromises further enable Kimsuky actors to craft more credible and effective spear-phishing emails, which can then be leveraged against more sensitive, higher-value targets."

The statement emphasizes the threat posed by these activities, highlighting the hackers' intent to maintain "consistent access to current intelligence about the United States, South Korea, and other countries of interest to impede any perceived political, military, or economic threat to the regime’s security and stability."

The advisory details the tactics used by the hackers, including the creation of fake usernames and the use of legitimate domain names to impersonate individuals from trusted organizations. The hackers are not using the actual domain email exchanges of these organizations, but instead control the email addresses and domains, making verification by recipients difficult.

The FBI, State Department, and NSA have urged email users to update their email account’s DMARC (Domain-based Message Authentication, Reporting & Conformance) policies. Email services such as Gmail and Yahoo have confirmed that they will automatically implement stricter DMARC policies.

In a related matter, the FBI reported a significant increase in financial losses due to scams, particularly among older Americans. The FBI noted that losses reported by Americans over the age of 60 last year were up 11 percent from the previous year. Deputy Assistant Director James Barnacle of the FBI’s Criminal Investigative Division highlighted the severe impact of these scams, which can leave some victims destitute.

The Epoch Times Article


Current Block Height

Current Mempool Size

Current Difficulty