Back to Email phishing

Email phishing

China-based hackers target US universities in pursuit of maritime military secrets

On March 5, 2019, the Wall Street Journal reported that the University of Hawaii, University of Washington, and Massachusetts Institute of Technology (MIT) are among 27 universities in the U.S., Canada, and Southeast Asia targeted by Chinese hackers as part of a detailed scheme to steal research about maritime technology being developed for military use.

According to iDefense, a cybersecurity intelligence unit of Accenture Security, targeted universities were identified by observing that the universities' networks were communicating with servers located in China. The culprit was a Chinese hacking group that researchers have given several names, including Temp.Periscope, Leviathan, APT40, and Mudcarp. The investigations revealed that the ongoing cyber campaign by China to steal U.S. military research dates back to at least April 2017. The cyberattacks were conducted via phishing emails that appeared to be sent from partner universities but were actually loaded with malicious software.

Don't want to make the news for the wrong reasons? Download ManageEngine Exchange Reporter Plus, an Exchange mailbox monitoring and reporting tool that wards off email-bound threats.

How ManageEngine can help

Exchange Reporter Plus provides a host of reports that help you locate suspicious emails, both sent and received, based on keywords in their subject or body. Often the content and sender of malicious emails comes across as valid, tricking users into opening these emails and clicking on links embedded in them, causing serious damage to the business. This is why email attachments deserve scrutiny.

With Exchange Reporter Plus, it's easy to set up filters to guard against malicious attachments—whether they're TXT, PPT, or BAT files.

You can locate emails based on:

  • Attachment name: Display all email messages in your organization that have an attachment with a specific name. Knowing the names of malicious files helps you take necessary steps to stop email-bound threats.
  • Attachment type: Identify mailbox content based on an attachment’s file format, so you can spot malicious software transfer over email.

Exchange Reporter Plus’ reports also provide details on the date an attachment was received. Any dubious attachment can be easily identified from these reports.

Attachments by file name keyword
Attachments by file extension keyword

In attacks where the content and sender information vary, you can customize mailbox content reports to include all the keywords these different emails use.

Latest DoS and DDoS attacks

Latest Brute force attack

Latest Crypto ransomware

Latest Advanced persistent threat (APT)

Compliance violation

Stay In The Know

Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.

Please enter a business email id
 

By clicking 'I’m interested', you agree to processing of personal data according to the Privacy Policy

© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.