[7] Other defense techniques include utilizing complex passwords and passkeys to access websites as well as biometric information to protect data from attacks.
[8] Additionally, websites can enhance protection by disabling or removing vulnerable software, such as Flash and Adobe Reader, which are commonly targeted in cyber attacks.
In December 2012, the Council on Foreign Relations website was found to be infected with malware through a zero-day vulnerability in Microsoft's Internet Explorer.
Energetic Bear began utilizing Havex in a widespread espionage campaign targeting energy, aviation, pharmaceutical, defense, and petrochemical sectors.
[14] Havex exploited supply chain and watering-hole attacks on ICS vendor software in addition to spear phishing campaigns to gain access to victim systems.
[24] Experts provided a detailed technical analysis along with a long list of Indicators of Compromise (IoCs) involved in the campaign, but none could be traced back to an Advanced Persistent Threat.
Further, the nature of the civil suit was a failure to comport relevant documents as part of a FOIA request to the various agencies.ACLU and Privacy International et al v. United States Agencies docket available on Courtlistener.com