More Promo Cyber Attacks Reported; Western Officials Point to Russia

The Russian government is supporting cyberattacks against Western targets that range from individuals to small businesses and large corporations, said cybersecurity officials in the U.S. and United Kingdom. Issued earlier this week, the warning about the Kremlin’s alleged attack campaign comes at a time in which a growing number of North American promotional products companies said they’re being targeted by malware viruses that can cripple computer networks, email and phone systems.

Counselor reported Tuesday that several promo industry firms had been victimized by the virus, which was launched, in at least a couple instances, by clicking a link in an email asking to confirm shipping information. The email appeared to be from a customer, but was in fact from hackers.

Since Counselor’s Tuesday report, additional ad specialty companies, including both suppliers and distributors, said they have been targeted by malware attacks. In some cases, the threat was identified before it could be launched.

High Caliber Line (asi/43442) was among the companies that spoke with Counselor on the record about the attacks. The Irwindale, CA-based supplier’s IT team beat back a “TrickBot” virus that first struck on April 12th. The virus was accidentally launched again Monday, and seemed to be battled into submission by its IT pros. However, the virus was able to regenerate from a computer at a second facility that had not been cleaned, giving High Caliber Line a third round of trouble. Still, the company’s IT team ultimately defeated the malware and installed a next generation of anti-virus protection. Things are back to normal now. “The last (week) has been one of the most stressful in my 35-plus year career,” Les Dorfman, executive vice president of High Caliber Line, told Counselor.

According to cybersecurity officials in the U.S. and U.K., state-sponsored Russian hackers are targeting millions of computer networks throughout the world in attacks aimed at routers, switches and firewalls. The onslaught could be for espionage, to steal intellectual property, and/or to gain control of computer equipment from which future attacks can be launched.

“We hold the Kremlin responsible,” Jeanette Manfra, assistant secretary for cybersecurity at the Department of Homeland Security, was quoted as saying in USA Today.

Officials encouraged companies and individuals to take added precautions to protect their computer networks. This includes changings passwords, updating anti-virus protection and otherwise strengthening devices to stop them from being overrun by hackers.

In elaborating on the attacks, U.S. and U.K. cyber officials said the Russians could be seeking to spy on companies and people, stealing their intellectual property and important data used to run businesses. Additionally, the Russians could be establishing a type of cyber beachhead from which they could launch infrastructure-debilitating attacks on banks, utilities and manufacturing concerns in the lead up to a military conflict with the U.S. and U.K. Such a scenario has long been feared by Western military officials. “This is a global threat," Manfra said.