Threat Focus: Cyber-Physical Attacks & The Joys of Tax Season Scamming Begin!

In this reporting period, the the Gate 15 Threat and Risk Analysis Cell (TRAC) honed in on four notable areas of concern in Wednesday’s Threat Dashboard‘s Threat Focus, informed by our daily reporting on the global, all-hazards threat environment: the recent Quebec attack, which highlighted a week of increased anti-Muslim incidents; phishing related attacks; cyberattacks and physical impacts; and, the continued concerns around the spread of Avian Flu.

Elaborating on and adding to two of those areas in Thursday’s Torpedo ReportDave PounderKristi Horton and the team focused in on two areas more deliberately. Addressing cyber attacks bridging the cyber-physical divide, “This week was a reminder that cyberattacks can have physical impacts and further caused worry about the potential for future attacks. A ransomware incident at a high end ski resort in Austria prevented guests from using their electronic room keys to enter their rooms disrupting operations until the ransom was paid. This is one of the few documented incidents where a cyber-attack had physical impacts, and the potential for similar type cyber-physical attacks against critical infrastructure, and organizations in general, has grown strong enough to cause worries among cyber insurance companies… We assess with high confidence this type of activity, whether initiated through ransomware or another cyber-related means, will continue to increase and disrupt physical operations. The increasing complexity of these attacks further indicates attackers are looking for bigger targets and bigger effects.” The section continues and provides additional detail and perspective.

And, a new year means new tax filings, and cybercriminals are already finding ways to scam individuals and organizations. “Tax season brings out the best in cyber criminals. The desire for quick and easy money and the increasing number of taxpayers filing their returns electronically make for easy targets. But the attacks are not just limited to individuals, organizations are becoming big targets. Texas and Tennessee school districts recently fell prey to variants of the annual IRS scam. Supporting the desire for W2s is that stolen W2s are popping up and being sold on the Dark Web for up to $20 a record which could make for a potential lucrative return for criminals. This is in addition to the threat from the ever popular CEO-scam. One man combined a tax scam with the CEO-scam and impersonated a CEO in order to obtain tax data from employees, and another man was arrested for running a CEO email spoofing campaign wherein he stole over $500K from a Kansas construction company. These incidents are coupled with a new type of phishing attack which incorporates PDF attachments containing malicious links.” The complete Torpedo includes additional analysis and preparedness ideas.

The complete Torpedo Report includes additional background and analysis as well as some preparedness and operational ideas for leaders to consider. This week’s reports and previous releases can be linked to from the “Reports” tab of this website.

To help leaders maintain active threat situational awareness, we distribute our (free!) daily paper and the above mentioned weekly products. Our team hopes they can help you achieve a sound background as you assess your organizational risks and then apply a threat-informed, risk-based and prioritized approach to preparedness and operations. If you’re not already signed-up, subscribe to our free products and receive them directly! Free reports include our daily paper, the Gate 15 SUN, with additional detail, focus and analysis in the weekly Threat Dashboard and Torpedo Report.

Follow our Gate 15 team on Twitter: @Gate_15_Analyst; and our Gate 15 page on LinkedIn and subscribe to our free daily and weekly products!