The State of Washington is currently embroiled in a large-scale phishing campaign, although it doesn’t seem yet to involve any form of ransomware. Multiple state agencies have been infected however, with malware through an assault described as “sprawling” and “sophisticated.”
The phishing emails were disguised as “legitimate email from state agencies, financial institutions and other people and organizations.”
From Governor Jay Inslee’s Office, Mike Faulk explained last week that the state began receiving “large volumes of phishing emails,” designed to trick the user into downloading malware or entering private credentials. Notorious malware strains such as Trickbot and Emotet were involved and have infected numerous agencies.
During a recent press conference, Governor Inslee detailed the onslaught and explained his “administration has activated the state’s Emergency Operations Center, responsible for coordinating with state, local, federal and private stakeholders to effectively respond to public emergencies.”
Inslee also reassured the public that state services do not appear to be seriously affected, although precautions are necessary, so certain applications will be temporarily offline for maintenance.
The attack only adds turmoil to a divided nation, with an upcoming presidential election on the way. State services remain uncompromised, but Governor Inslee is taking a defensive approach, “we intend to be very alert and aggressive to defend ourselves. We are standing up our emergency operations center so that we can use the full emergency resources and power [of the state] against this nefarious attack.”
Election systems were thought to be a target of this attack, however officials don’t believe Washington’s government was specifically at risk, or even the desired target. VoteWA.gove remains secure and available for the public safety to use.
According to WaTech, Washington’s IT agency, Similar phishing campaigns have been discovered across the country in both the public and private sectors.
Phishing emails continue to be the primary avenue used to trick users into downloading an infected document, click an infected link, or unknowingly type in sensitive credentials, allowing hackers to access and steal personal information.
DarkHound SecOps is a leader in the cybersecurity field and provides free cybersecurity training to help your business avoid an attack. Time lost is money lost. Contact DarkHound today (714) 266-3790.
-Emmy Seigler
Image Source: https://www.pexels.com/photo/photo-of-seattle-skyline-1796730/