SECURITY
SECURITY
SECURITY
IKEA targeted by attack that uses internal emails to distribute malware
Furniture giant Inter IKEA Systems B.V. has been targeted by an ongoing attack that uses internal emails to distribute malicious links and attachments.
The company warned employees of the attack on Friday, noting that the cyberattack is also affecting other IKEA organizations, suppliers and business partners. Phishing attacks targeting employees at companies are not that unusual, but where the attack on IKEA becomes interesting is that it’s described as a “reply-chain phishing attack.”
That involves those behind it intercepting legitimate emails from corporate addresses and then responding to them from other compromised corporate email accounts. In doing so, the attack is both harder to detect because it appears to come from within the company itself and, for employees, harder to notice.
“This means that the attack can come via email from someone that you work with, from any external organization and as a reply to an already ongoing conversation,” IKEA warned employees. “It is therefore difficult to detect, for which we ask you to be extra cautious.”
IKEA has publicly confirmed the attack, telling ITPro that actions have been taken to prevent damages and that a full-scale investigation is ongoing to solve the issue. The company added that it has no indication that customer data has been compromised.
“Employees have been trained to look out for email for nonofficial sources,” Purandar Das, founder and president of data security platform company Sotero Inc., told SiliconANGLE. “They will by nature tend to be less concerned about an email that purportedly is sourced from a fellow employee. What is concerning is the continued evolution of these attack strategies — leveraging a weakness in the email server to launch a phishing attack. The fact that the attackers have access to the email server and the emails could lead to more nefarious activities.”
Saryu Nayyar, chief executive officer of security information and event management company Gurucul Solutions Pvt. Ltd., noted that if you get an email from someone you know, or that seems to continue an ongoing conversation, you are probably inclined to treat it as legitimate.
“No business is safe from cyberattack — whether it’s for the purpose of ransomware, business disruption, or simply for spite, even seemingly innocuous companies are facing harm,” Nayyar added. “And this attack is particularly insidious, in that it seemingly continues a pattern of normal use.”
Photo: Kgbo/Wikimedia Commons
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
