Army Cyber Command Employees Targeted In Ransomware Phishing Emails
Army Cyber Command was forced to issue an alert to warn government employees not to open emails that appear to come from the “Office of Personnel Management” earlier this week. The emails were phishing emails sent by an unidentified hacker, or hacking group, designed to extort digital currency called bitcoin from the recipients of the email. The brazen data thieves even targeted members of the Army Cyber Command, a branch of the army that conducts integrated electronic warfare, information and cyberspace operations.
The body of the email warned the recipients that their bank accounts had been comprised and that further action was needed on their part. The recipients were then directed to open an attachment containing malicious malware. The attachment contained a Windows-based ransomware known as “Locky” that was first discovered in February 2016 by a group of security researchers from Leesburg, VA.
Once the attachment was opened and the malware was unleashed, the recipients would be offered the opportunity to purchase a decryption key that would fix their computer. A decryption key for this type of malware normally costs .5 bitcoin, or approximately $360.
Army Cyber Command spokesperson Charles Stadtlander told employees and civilians to remain vigilant while online and used the incident as a reminder as to why the Army Cyber Command exists. He told reporters:
“Warnings like this serve as a reminder that cyberspace is a crowded domain where malicious actors exist among Americans conducting their everyday social lives, finances, and business. These actors consistently attempt to impact both US military and civilian systems, and Army Cyber command as well as our fellow military and US government cyber defenders exist to deter attackers.”