Even after data breaches at multiple agencies and overall vows to do better on cybersecurity, government employees continue to be duped by cyber attackers’ phishing emails. A New York Times report today says over the past month, Iranian hackers successfully used spear phishing emails — specifically designed messages meant to convince a victim to enter account credentials — against State Department officials to gain access to their social media and email accounts. Staffers only discovered their accounts were compromised when Facebook alerted them to suspicious activity. Apparently none of them used two-factor authentication. Iran allegedly targeted these government workers, who focused on Iran and the Middle East, to gain access to their friend network, which presumably consisted of others in the agency.

Apparently none of them used two-factor authentication

Iranian hacking efforts date back to more than a year ago with a major escalation in efforts after the Stuxnet virus destroyed possibly 1,000 of the country’s nuclear centrifuges. That was in 2012. More recently, an Iranian cyberattack was blamed for more than $40 million in damages at the Sands Casino in Las Vegas this past year. From May 2014 and until this summer, iSight Partners, a cybersecurity consulting group, and Check Point, an Israeli cybersecurity company, detailed Iranian hackers’ use of social media to steal government credentials, similarly to this most recent campaign. In these past instances, attackers often posed as reporters and members of a fake news agency to gain access. Their phishing attempts succeeded more than a quarter of the time. However, that effort died down around the signing of the Iranian nuclear deal this past summer. It wasn’t until August that they picked back up.