Oregon.gov domain gets blacklisted after another government employee falls for phishing email
The state of Oregon’s technology department is scrambling to fix a security issue that has essentially cut off its email communications. The Oregon.gov domain was blacklisted by several email providers, including MSN, Hotmail and Outlook after a computer at the Oregon state department was hijacked to deliver millions of spam emails.
The security issue arose after an employee of the Oregon state department reportedly clicked on a phishing email, which ended up giving the attacker access to the state’s computer systems. Oregon state officials said the hackers hijacked the infected computer and generated over 8 million spam emails from the Oregon.gov email address, Oregon Live reported.
As a result, multiple email providers have blacklisted the Oregon.gov domain as spam.
Following the attack, the Department of Administrative Services (DAS) reportedly suggested that Oregon state employees use alternative email addresses to communicate with the public. DAS is now reportedly working with the Department of Enterprise Technology Services and the Enterprise Technology Office to find a solution.
However, the incident indicates that phishing attacks are still rampant and in this case, successful in allowing hackers access to valuable assets.
“Attackers love to steal users’ email log-in credentials from organizations such as the state of Oregon as this access can be used to quickly pivot the attack to breach other organizations that regularly do business with the state. This technique forms the basis of many supply-chain style attacks,” Mimecast security expert Matthew Gardiner told Infosecurity Magazine.