国安部披露：反华势力“钓鱼式”网络攻击，多家单位邮箱被控用

Core Points - A recent cyber attack targeting a government agency's work email system was conducted by foreign anti-China hostile forces, leading to multiple email accounts being compromised [1][2] - The attack involved phishing emails that allowed attackers to gain access to email accounts, which were then used to spread malware to other connected accounts, complicating defense efforts [2][3] - The targeted agency is a management department in a specific industry, which is of high interest to foreign espionage and hostile forces, posing significant risks to national security if sensitive information is stolen [3] Summary by Sections Cyber Attack Details - The attack was executed through technical means or phishing emails, allowing the hostile forces to gain login credentials for certain work email accounts [2] - Compromised accounts had their automatic reply functions activated, sending out infected replies to any incoming emails, thus expanding the attack's reach [2] Vulnerability Assessment - The targeted agency showed weaknesses in network security management, with issues such as shared accounts and poor permission management [3] - There was a lack of strict enforcement of security measures like mandatory encryption and regular virus scans on office terminals, leading to cross-infection risks [3] Recommendations from National Security Authorities - Emphasize the importance of security awareness and training to recognize phishing attempts and suspicious emails [4] - Recommend the use of strong passwords and two-factor authentication to enhance email account security [4] - Advise on improving endpoint protection by using secure email systems and ensuring all devices accessing work emails have updated antivirus software [4]