New research has found that the Emotet malware strain has increasingly been targeting the United States government and military.

The malware, which spreads via email, has been infecting organizations across the globe since as far back as 2014, but researchers at Cisco Talos recently discovered that the US government is the latest victim to be compromised.

The discovery was made by closely examining the patterns of outbound email associated with the malware. 

The malware's successful compromise of at least one US government employee snowballed into what researchers describe as a "rapid increase" in the number of infectious Emotet messages directed at the .mil and .gov TLDs in December 2019. 

The malware took a break during the holiday season but is back once again wreaking havoc. Cisco Talos claims that the upward trend in the number of messages directed at .mil and .gov has "continued into January 2020."

Emotet works by stealing someone's email, then impersonating the victim and sending copies of itself in reply. The malicious emails are sent through a network of stolen SMTP accounts. 

Recipients, fooled into thinking they are receiving a message from a friend or colleague, open the email and are in turn infected with Emotet. 
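The impersonated-reply pattern described above can be checked for on the receiving side. The following is an added example, not code from Cisco Talos or NNT: it flags messages presented as replies whose display name belongs to a known contact but whose sending address does not. The address book, the sample messages and the heuristic itself are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed address book (assumption): display names this mailbox has
# corresponded with, mapped to the address they really use.
KNOWN_CONTACTS = {"alice example": "alice@agency.example"}

def impersonated_reply_reasons(raw, contacts=KNOWN_CONTACTS):
    """Return reasons a message looks like a reply sent in a contact's name
    from an account that is not the contact's own."""
    msg = message_from_string(raw)
    subject = msg.get("Subject", "").strip().lower()
    if not (msg.get("In-Reply-To") or subject.startswith("re:")):
        return []                      # only replies are of interest here
    name, addr = parseaddr(msg.get("From", ""))
    name, addr = name.strip().lower(), addr.strip().lower()
    reasons = []
    known = contacts.get(name)
    if known and addr != known:
        reasons.append("known display name, unfamiliar address")
    # Display name that is itself an address on another domain.
    if "@" in name and name.rsplit("@", 1)[1] != addr.rsplit("@", 1)[-1]:
        reasons.append("display-name address does not match sender domain")
    return reasons

# Constructed sample messages (headers only).
GENUINE = ("From: Alice Example <alice@agency.example>\n"
           "Subject: Re: Q4 report\nIn-Reply-To: <1@agency.example>\n\nThanks.\n")
SPOOFED = ("From: Alice Example <billing@shop.example>\n"
           "Subject: RE: Q4 report\n\nPlease see the attached document.\n")
ADDR_IN_NAME = ('From: "alice@agency.example" <info@hotel.example>\n'
                "Subject: Re: Q4 report\n\nSee attached.\n")

if __name__ == "__main__":
    for label, raw in [("genuine", GENUINE), ("spoofed", SPOOFED),
                       ("addr-in-name", ADDR_IN_NAME)]:
        print(label, impersonated_reply_reasons(raw))
```

A hit is a triage signal rather than a verdict, since contacts legitimately change addresses.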

NNT suggests adopting CIS Control 8: Malware Defenses to defend against the threat of malware. Malware is a huge problem and it puts everyone at risk, so organizations are encouraged to adopt the security control early on in their security and compliance journey.  
