Federal agencies warn that hackers are targeting US think tanks

The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warned Tuesday that major hacking groups are targeting U.S. think tanks.

The agencies put out an alert noting that advanced persistent threat (APT) hacking groups were mainly targeting think tanks and individuals involved with international affairs or national security policies.

The targeting involved malicious phishing emails, and attempted to exploit vulnerabilities in remote networks and other internet-connected devices.

“Given the importance that think tanks can have in shaping U.S. policy, CISA and FBI urge individuals and organizations in the international affairs and national security sectors to immediately adopt a heightened state of awareness,” the agencies wrote in the alert.

The agencies noted that the move to increased teleworking during the COVID-19 pandemic had increased the threat surface for attackers, including through the ability to target virtual private networks used to access secure work networks remotely.

“When successful, these low-effort, high-reward approaches allow threat actors to steal sensitive information, acquire user credentials, and gain persistent access to victim networks,” the agencies wrote.