Targeting Work Email Accounts
When targets open a phishing email containing a malicious attachment—a malware used as a backdoor to gain persistence on a victim’s machine—the compromised account “could be used to spread disinformation or pro-state propaganda, provide disinformation during times of war or pandemic, or be used to influence a politically charged atmosphere” said the article.In the data collected by Proofpoint, the worldwide attempt to target or leverage journalists and media personas in a variety of campaigns, including those well-timed to sensitive political events in the United States, started in early 2021.
Targeting Social Media Accounts
According to the report, besides journalists’ work email accounts as the most common locus of attack, targeting social media accounts of journalists and their media can also have significant consequences.For example, in 2013 the stock market dropped more than 100 points in roughly two minutes following a hacker taking over the official Associated Press Twitter account and posting a tweet claiming President Barack Obama had been injured in an attack on the White House, said the report.
Impersonation
Another tactic used by the hackers includes posing as a journalist to lure academics and foreign policy experts worldwide with the possibility of public recognition. The report believes that it’s “likely in an effort to gain access to sensitive information.”Suggestions
Proofpoint concluded that from intentions to gather sensitive information to attempts to manipulate public perceptions, the knowledge and access that a journalist or news outlet can provide is unique in the public space.The report suggests that journalists be “aware of the broad attack surface—all the varied online platforms used for sharing information and news”—to prevent oneself from becoming a victim; and “ultimately, practicing caution and verifying the identity or source of an email can halt a hacker’s attack in its nascent stage.”
