Presidential Executive Order On Cybersecurity

On February 12, 2013, President Obama issued an executive order regarding cybersecurity. One of the most useful tools in the cyber attackers' arsenal is email. Email was the means of attack used in simulated attacks conducted by the Department of Homeland Security for the Senate.  Email was the means of attack used against the White House Military Office, the Department of Defense, the U.S. Natural Gas Pipeline Infrastructure, Military Drone Contractors and many others. The reason that attacks use email is because deceptive emails are very effective method to deliver malware into organizations. Iconix has released a new whitepaper, Email [...]

2017-01-07T17:35:20-05:00February 15th, 2013|SP Guard, spear phishing|

Cyberattack on Aerospace

The U.S. aerospace industry is being attacked with zero day exploits of Adobe Flash. How did the attackers install the malware on victims' systems?  The attackers used targeted spearphishing emails.  In this case, the attackers sent an email with an attachment that was the schedule for an upcoming industry conference.  There was no reason for an aerospace engineer to doubt the validity of an email about an upcoming industry conference.  When the victim opened this attachment, the malware was installed.  This is the evil attachment: Of course, because the attachment looks completely benign, the victim has no idea what has [...]

2017-05-23T14:45:10-04:00February 11th, 2013|SP Guard, spear phishing|

New York Times and Wall Street Journal Hacked

It is being widely reported that the New York Times and the Wall Street Journal were the subjects of cyberattacks that compromised their networks.  These attacks appear to have infiltrated the networks with spearphishing emails.  CNN quotes Thomas Parenty, a former employee of the U.S. National Security Agency: To do a spear-phishing attack of this kind is a well-established move in attacks against Google and various U.S. defense contractors from China. You could say the tools are sort of stock-in-trade. How bad is this problem?  Secretary of State John Kerry, at his recent confirmation hearings, said foreign cyber-threats are “the modern day, [...]

2017-01-07T17:35:20-05:00February 1st, 2013|SP Guard, spear phishing|