Monthly Archives: April 2014

Cyberespionage Expands

Verizon has just released their 2014 Data Breach Investigations Report.

Figure 6 shows the rapid growth of cyberespionage:

figure 6

Figure 61 shows a decline in spearphishing from 95% to 78%.

figure 61

So, what’s happening?  Is spearphishing on the way out?  Hardly.  Verizon writes:

It’s interesting that, while the array of tools is diverse, the basic methods of gaining access to a victim’s environment are not. The most prolific is the old faithful: spear phishing. We (and others) have covered this ad nauseam in prior reports, but for both of you who have somehow missed it, here goes: A well-crafted and personally/professionally-relevant email is sent to a targeted user(s), prompting them to open an attachment or click a link within the message. Inevitably, they take the bait, at which point malware installs on the system, a backdoor or command channel opens, and the attacker begins a chain of actions moving toward their objective. The proportion of espionage incidents incorporating phishing is lower than our last report (it was 95%), but not because of a drop in actual frequency. This is primarily due to a big increase in the use of strategic web compromises (SWCs) as a method of gaining initial access.

Using SP Guard, IT can determine a list of trusted senders and provide this information to staff in a simple and highly effective manner.

You can contact us at 408-727-6342, ext. 3 or use our online form.

FireEye Releases 2014 M-Trends Report

FireEye has released the 2014 edition of the M-Trends report.  If you care about APT, you should read this report. If you don’t care about APT, you should read this report — then you will care about APT.  Spearphishing dominates the report as the infiltration means of choice.

There are two graphics from the report which emphasize a point we made in Time – It’s on the Attackers’ Side.

Time On Target

Time To Compromise

The lesson here is to deny time on target by interrupting the kill chain as early as possible. SP Guard disrupts the kill chain before the intrusion. To learn more you can contact us at 408-727-6342, ext. 3 or use our online form.

What’s A Logo Worth?

With all the attention on hacking, malware and bad guys, we sometimes lose sight of the branding side of Iconix, our Truemark service. The core issue in branding emails and identifying trusted emails is the same — reliable identification of the source of the message. In our SP Guard security offering, knowing who sent the email helps recipients avoid being taken in by deception. In the Truemark service, we put senders’ logos in the inbox to extend consumers’ engagement with the brands they love.

How valuable is a brand?  Do consumers really care about brands?  From a fascinating infographic by FinancesOnline.com:

brand value


Targeted Attacks Up 91% in 2013 – Symantec

Symantec has released their 2014 Internet Security Threat Report. Some of the key findings:

  • 91% increase in targeted attack campaigns in 2013
  • 62% increase in the number of breaches in 2013
  • Over 552M identities were exposed via breaches in 2013
  • 23 zero-day vulnerabilities discovered
  • 1 in 392 emails contains a phishing attack

This Symantec infographic is particularly revealing:

Symantec Infographic

The attackers have modified their attack methodology to stay below the radar.  How can you defend against spearphishing when the attackers are creating fewer forensic artifacts?   You can implement a defense that works at the point of the attack – user deception. Iconix provides this layer of protection – we let IT give users simple visual indicators so that users can make better email processing decisions.

Using SP Guard, IT can determine a list of trusted senders and provide this information to staff in a simple and highly effective manner.

You can contact us at 408-727-6342, ext. 3 or use our online form.

Somebody Hacked My Car!

Cyber attackers covet credentials — with user credentials the hacker becomes the user.

What happens when your car is a computer?  The Tesla S is a mobile computer.


Owners are provided with an app that lets them locate their car and open it. Nitesh Dhanjani, a corporate security consultant, recently discovered that the tried and true methods of hacking which steal credentials for computers (think — phishing) work to steal credentials for cars.  He reported his findings at a recent Black Hat conference in Singapore:

If a password is stolen or cracked, someone could locate and gain access to the car and steal its contents, but not drive it.

Why can’t they steal your car after they find it and unlock it?  Here, Tesla is one step ahead of the bad guys —  a key fob which only operates its assigned car must be present to drive the car.

It’s not just your car. Read about 19 hacks that will keep you up at night.