A maliciously coded e-mail masquerading as a White House Christmas card was a sinister move by hackers to steal sensitive documents from US law enforcement and military officials, according to cybersecurity analysts. The bright red and green holiday greeting, with the decorated Christmas tree, was sent out in late December and claimed to be from the ``Executive Office of the President.'
Cyber threat analysts said it was targeted at government officials, particularly those who are involved in computer crime investigations. While it is not clear yet how many people got the e-mail or how many documents were siphoned from their infected computers, analysts said there has so far been no evidence that any classified data was taken.
The targeted e-mail attack comes as the US government is desperately trying to beef up its cybersecurity after the release of thousands of State Department cables and military documents by the WikiLeaks website. Federal authorities want to improve technology systems and crack down on employees to prevent the theft or loss of classified and sensitive information.
A memo distributed this week by the White House Office of Management and Budget instructs federal agencies to complete assessments of system gaps and weaknesses as well as plans to upgrade networks and websites by January 28. The agencies must detail whether they have adequate procedures for workers accessing classified materials, how they determine who is given that access, and whether they use psychiatrists or sociologists to measure if employees are happy or grumpy and could pose a security threat.
The e-mail prompted recipients to cmick on a link, which would then download the ZueS malware a well-known malicious code that is often used to steal passwords and other online credentials, primarily to poach Internet banking information. The malware was created several years ago and is widely available for criminals to acquire and adapt. It has been used to steal millions of dollars.
Comments
Comments are closed.