Phishing and Spearphishing Trends

The Guardian is reporting on the decline of phishing -- random emails intended to deceive such as the Nigerian millionaire scams -- and the increase in spearphishing -- targeted emails that are customized to deceive particular recipients. The article quotes Seth Berman, executive managing director at Stroz Friedberg: The weakest link in computer security is the individual user and they may not realise how easy it is to be fooled into being that weak link … phishing emails are becoming increasingly elaborate and are now successfully used to obtain trade secrets, commercially sensitive information and intellectual property. The article concludes that [...]

2017-01-07T17:35:19-05:00July 25th, 2013|SP Guard, spear phishing|

You Can’t Fire Cannons At The Internet

The Wall Street Journal is reporting that US internet providers cooperated with the United States Government to block Chinese IP addresses that were used in cyber attacks.   Click to Go To Video The cooperation of US internet providers implemented a key cyber-defense doctrine of the United States -- Information Sharing.  Information sharing was ordered in the President's February 12, 2013 executive order.  The core concept of information sharing, as this graphic from US-CERT shows, is that by sharing information about cyber-threats, the threats can be quickly identified and prompt remedial action can be taken to defend [...]

2017-05-23T14:34:31-04:00July 22nd, 2013|SP Guard, spear phishing|

Researchers Infiltrate Bank Using Spearphishing

The Korea Herald is reporting that researchers from the Korea Advanced Institute of Science and Technology, working as white hat attackers, we able defeat bank security in just a couple of weeks. The simulated cyber attack, led by Lim Chae-ho, professor of information security at KAIST, worked as follows: When an official of the bank opened an email sent by the hackers, malware hidden in the email quickly infiltrated the computers in the network, neutralizing the antivirus system and threatening to disrupt the bank’s data and service systems entirely. The Korea Herald reports that North Korea using using a force of [...]

2017-01-07T17:35:19-05:00July 19th, 2013|SP Guard, spear phishing|

Cyber threats to US Oil and Gas Infrastructure

Addressing Cyber Threats to Oil and Gas Suppliers, researchers at the Council on Foreign Relations discuss cyber threats against the U.S. oil and gas industries. These threats are of two types -- cyber espionage and cyber sabotage. The authors relate the history of these attacks. They discuss some of the sensitive competitive information that has been stolen through cyber espionage. This data includes strategic plans, competitive bidding data and geologic data. Regarding cyber sabotage, the authors note that despite several attempts at creating physical damage to US infrastructure, cyber sabotage has only managed to incapacitate systems. The authors report that [...]

2017-01-07T17:35:19-05:00July 4th, 2013|SP Guard, spear phishing|

Hackers’ 10 Secrets Revealed

Today Iconix issued a new whitepaper entitled, Hackers'  Ten Secrets Revealed. In this whitepaper Iconix explains the ten secrets used by hackers to bypass cybersecurity to create an infiltration superhighway. You can download Hackers’ Ten Secrets Revealed for no charge at from the White Papers page on our website.

2017-01-07T17:35:19-05:00July 4th, 2013|SP Guard, spear phishing|

The Nobel Prize and Spearphishing

Examine these emails:             The first email resulted in a fake AP tweet that President Obama was injured in a bombing. That tweet caused stock market loses of $140 billion. The second email brought down the Israeli police. Did you notice that these emails were also suspicious? In the first one, the sender is a different co-worker than the person who signed the email. In the second one, although Benny Gantz, the purported sender, really is the head of Israeli defense forces, would he use a gmail account for official security communications? In the famous [...]

2017-01-07T17:35:19-05:00July 4th, 2013|SP Guard, spear phishing|