Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Officials: Washington Being Targeted by Phishing Campaign

Washington state is among those being targeted by a “large-scale, highly sophisticated” nationwide phishing campaign, the office of Gov. Jay Inslee said Thursday.

Washington state is among those being targeted by a “large-scale, highly sophisticated” nationwide phishing campaign, the office of Gov. Jay Inslee said Thursday.

At a press conference Thursday, Inslee said that the state is taking proactive measures to protect state systems, but he said that no ransomware activity has occurred among the agencies targeted, and no state services have been impacted.

“We’re using every resource at our disposal to prevent these criminals — and that’s what they are — from potentially putting us in that position,” Inslee said.

Inslee and other officials wouldn’t provide specifics about the phishing activity, citing security reasons, but said a recent uptick in efforts had caused concern.

“We’ve seen a ramp up in activity over the past week, which is why we are taking the proactive measures we’re taking to make sure that we’re doing the due diligence that we need to do to protect the state and the state assets and resources,” said James Weaver, the state chief information officer. Weaver said that no personal information was obtained in any of the recent phishing efforts.

Weaver said that private and public entities across the country have been subjected to phishing attacks, and that the state is working with the Department of Homeland Security and other federal partners to combat the attacks. Inslee announced that he was activating the state’s emergency operations center and the National Guard’s cybersecurity team.

“We take this very seriously and it’s been all hands on deck,” Inslee said.

Weaver and Vinod Brahmapuram, the state chief information security officer, said that they haven’t seen any indicators that there were attempts to exploit the state’s election infrastructure but said they would continue to work with Secretary of State Kim Wyman.

“We will continue to work very collaboratively as we look at what we’re seeing as well as the activities that they may be seeing to make sure we are doing a coordinated and comprehensive response,” Weaver said.

An email from Inslee’s office said that an indicator in the current phishing campaign is that the sender’s email address doesn’t match the person supposedly sending the email.

Brahmapuram said that these phishing efforts are prevalent across the globe, and “that’s why it’s important for all of us to be so vigilant.”

“We cannot let our guards down, we have to always pay attention to what is coming through, what we click, what we do,” he said.

Related: U.S. Election Administrators Failed to Implement Phishing Protections: Study

Related: The Evolution of Phishing: Welcome “Vishing”

Related: CISA Warns of Phishing Emails Delivering KONNI Malware

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.