Nation-state Hackers Breached 2 US Municipalities

Picture of Hodgson Consulting & Solutions

Hodgson Consulting & Solutions

Breach Alert

“Nation-state hackers breached the networks of two US municipalities last year, the FBI said in a security alert sent to private industry partners last week. The hacks took place after attackers used the CVE-2019-0604 vulnerability in Microsoft SharePoint servers to breach the two municipalities’ networks.” (, 2020) So what does this mean? “The FBI says that once attackers got a foothold on these networks, “malicious activities included exfiltration of user information, escalation of administrative privileges, and the dropping of web shells for remote/backdoor persistent access.” (, 2020) Reports indicate that these types of attacks are not unique, nor are they the firsts of their kinds. In fact, throughout 2019 this exact SharePoint vulnerability was recorded as “one of the most exploited security flaws.” Diving deeper, “neither agency named the perpetrators of these attacks, but US cyber-security firm Palo Alto Networks linked the two reports to APT27 (Emissary Panda), a hacking group with ties to the Chinese government. It is unclear if the same Chinese hacking group was also behind the attacks on the two US municipalities. ZDNet could not confirm any links between the FBI report and past APT27 activity and indicators of compromise.” (, 2020)

Outside of the federal government, on a more direct person-to-person scale, “there’s been a large rise in cyber criminals using a particular phishing technique to trick workers into unwittingly installing malware, transferring money, or handing over their login credentials.” (, 2020) According to reports, “in conversation-hijacking attacks, hackers infiltrate real business email threads by exploiting previously compromised credentials –perhaps purchased on dark web forums, stolen or accessed via brute force attacks – before inserting themselves into the conversation in the guise of one of the group.” (, 2020)

How it Could Affect You

While you may believe that it is the government’s job to protect government information and government assets, it is certainly a business owner’s responsibility to protect its company and employees from the phishing techniques noted above. That protection starts with education. Learning about the Dark Web, and how it works is a good starting point and a rather hot topic this day and age. You can equip yourself with more knowledge as well as your employees by joining us for our upcoming webinar on Thursday, January 23, 2020. This will be a great resource for you, as a business owner, as well as your employees. Sign up to attend today!

Hodgson Can Help

Don’t let not knowing be your excuse for falling for these common and frequent schemes of cybercriminals. Here at Hodgson Consulting & Solutions, we specialize in securing data and information loss prevention for companies with multiple locations and/or a remote workforce.  Contact us to receive a FREE 17-Point Confidential Technology Security Consultation and learn more about our Managed Security Service Plans. Contact our office today at 847-906-5005.

Share Post: