There is no denying the fact that cybercriminals have been exploiting the trust of people in media agencies. However, the ongoing situations have seen an incredible surge in cybercriminals needing to utilize each possible way to target media agencies.
Aside from direct attacks, they have even misused brand names to create counterfeit identities, which are then used to target ‘potential victims’.
A couple of incidents throw light upon how and why these threat actors have set their sights on the media industry.
Some of them have been directly targeted generally through ransomware attacks.
Ritzau, the biggest independent news agency in Denmark, was targeted by a ransomware attack, prompting the compromise and encryption of more than one-fourth of its 100 network servers.
The computer servers at the Press Trust of India were also attacked by LockBit ransomware, which kept the agency from delivering news to its subscribers.
A few attackers very cleverly utilize the ‘pretense’ of media agencies to plan out their attacks.
Some time back, TA416 Able was found carrying out spear-phishing attacks by imitating journalists from the Union of Catholic Asia News, endeavoring to target the scope of victims, including diplomats for Africa and people in the Vatican.
Another incident happened when the U.S. seized 27 domain names that were utilized by Iran’s Islamic Revolutionary Guard Corps (IRGC) for carrying out secretive influence campaigns, in which a few domains were suspected to be veritable media outlets.
OceanLotus had set up and operated a few websites, professing to be news, activist, or anti-corruption sites consistently. Furthermore, they traded off a few Vietnamese-language news websites and utilized them to load an OceanLotus web profiling framework.
Subsequently keeping these events in mind, experts recommend having sufficient safety measures, like frequent data backups, anti-malware solutions, and implementing Domain-based Message Authentication, Reporting & Conformance (DMARC).
Furthermore, recommendations were made on carrying out tests to distinguish and eliminate the risks of domain spoofing.
You may be interested in...
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.