ZDNet UK is reporting that British defense firms are being targeted by spearphishing attacks.
Cabinet Office Minister Francis Maude stated that British defense contractors were being targeted by a sophisticated campaign that uses highly targeted emails to compromise systems. The Minister announced that these attacks had been identified through a data sharing arrangement between business and government under the new UK cybersecurity strategy that was announced in November of 2011.
The Minister noted, “UK government networks continue to be regularly targeted by foreign intelligence agencies, or groups working on their behalf.”
At Iconix we strongly support efforts to quickly discover these “spy-phishing” attacks against government and industry. However, as important as detection and remedial action are, prevention is also important. While the Cabinet Office advanced education to fight this problem, the fact of the matter is that education is not effective against these highly targeted email attacks.