We have posted our second video on our new YouTube channel. In this video, we discuss using SP Guard to identify attacks before systems are compromised. You see us discuss time fairly often. This is because APT is a race -- it is a race between the spies trying to exfiltrate information and the defenders seeking to stop the spies before the exfiltration. As the United States Senate told us earlier this week, the spies are winning this race. Of course, please check out our YouTube channel.
On September 17, 2014, the Senate Armed Services Committee released a declassified version of its report Inquiry into Cyber Intrusions Affecting U.S. Transportation Command Contractors. In the report the Committee detailed intrusions into key US defense transportation assets. This passage from page viii is representative of the Committee's findings. What is the sophisticated cyber method used by these APT actors? Spearphishing. The classic cyber-intrusion method in which the attacker sends the intended victim a deceptive email. Taking the action called for in the deceptive email initiates a chain of events which compromises systems. After this chain of events is initiated, cyber defenders [...]
We just launched the Iconix YouTube Channel. Check out our first video in which we discuss "1% Defenses" -- how you can help protect your organization against the small number of dangerous emails that evade email defenses. You may notice a new look for SP Guard in the video. More on this exciting new implementation choice later.
A recent blog posting by Cyveillance, the cyber intelligence company, discusses the fake airline ticket scam that you may have been hit with. This is what the email looks like: This is the classic email infiltration attack -- create a message that triggers Vishwanath's response triad: Perceived Relevance, Urgency, and Habit. Cyveillance provides an excellent discussion of the malware delivered in this attack. They also provide this closing observation: The moral of this story is to always beware of unsolicited email and definitely don’t open attachments from unknown sources. The moral of the story discloses the most important tool in the attacker's arsenal: [...]
The FBI and Secret Service are investigating a cyber attack on the largest bank in the United States, JP Morgan. ABC News reports: What was the "hack" used in this advanced attack? SANS Institute, the cyber security research and training organization, reports: You will not be surprised to learn that this attack, like many such attacks these days, began with a carefully and artfully crafted bait message sent via e-mail. Elaborate security defeated with a deceptive email - spearphishing. Spearphishing is nothing more than deception perpetrated in email. It is easy to deceive email recipients. Letting users decide which emails to [...]