Over the last few years we have been noticing that Defense contractors have been observing and reporting attacks and the frequency and threats associated with these attacks has increased dramatically. While there are programs in place to share information between Government and industry, there is no common applications, systems or frameworks for the Defense contractors to protect their networks and resources, end users and IT systems.
Defense contractors have to spend large amounts of funding on securing and monitoring their infrastructure due to the constant barrage of attacks and ever changing techniques being employed.
Today's attack is a barrage of Ring Central themed phishing emails being reported specifically from defense contractors. We started seeing this activity on sensors at approximately 2AM EST and it has continued for the last 12 hours. We strongly suggest only accessing known and trusted links but customers utilizing the Jigsaw Security FirstWatch sensors are not vulnerable to this issue as all of the links being observed in the messages are already sinkholed. Even if a user were to click on the link the traffic will be dropped protecting the end user from attack.