Citizen Lab, an interdisciplinary laboratory based at the Munk School of Global Affairs, University of Toronto, Canada, focusing on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security, is reporting on a targeted attack using spearphishing that appears to be the work of the Islamic State of Iraq and Syria (ISIS). This attack was targeted at Raqqah is being Slaughtered Silently (RSS), a Syrian group of citizen journalists which focuses its advocacy on documenting human rights abuses by ISIS elements occupying the city of Ar-Raqah. The attack was the classic spearphishing cyberattack - an unsolicited e-mail containing a [...]
ICANN is responsible for coordinating the maintenance and methodology of internet domain names. On December 16, 2014, ICANN announced: ICANN is investigating a recent intrusion into our systems. We believe a "spear phishing" attack was initiated in late November 2014. It involved email messages that were crafted to appear to come from our own domain being sent to members of our staff. The attack resulted in the compromise of the email credentials of several ICANN staff members. We are reminded yet again that deceiving users with spearphishing is an excellent means to infiltrate systems. ICANN couldn't stop phishing. Can you? [...]
SecurityWeek is reporting that a cyber attack which used spearphishing to gain system access has resulted in substantial damage to a steel plant in Germany. Control components and entire production machines suffered outages due to the attackers' actions. The outages prevented the plant from appropriately shutting down a blast furnace, leaving it in an undetermined state. This resulted in significant damage to the plant, [Germany's Federal Office for Information Security] noted in its report. This is yet another powerful demonstration of the impact of deceptive emails.
Writing in CNN Opinion, Professor Arun Vishwanath of the University at Buffalo discusses the ease with which hackers can invade networks using spearphishing. He writes: Hackers often enter networks through simple phishing attacks, attacks that these days are actually simpler but more insidious than the infamous Nigerian phishing scams. Now, instead of trying to persuade you to part with your money in exchange for a nonexistent financial windfall, emails from trusted sources ask you to check out a photograph, click on a hyperlink to an interesting story or enter your login on an official-looking webpage. Complying with any of these [...]
On December 2, 2014, the United States Patent and Trademark Office issued Iconix its sixth patent titled "RAPID IDENTIFICATION OF MESSAGE AUTHENTICATION." The abstract for U.S. Patent 8,903,742, dated December 2, 2014, states: "Techniques are presented for uniquely identifying authentication associated with messages." Iconix filed the patent on October 10, 2011. Technology from this patent is used in all of the Iconix® offerings, including the Iconix Truemark® service, which helps protect consumer users from phishing attacks, and Iconix SP Guard™, which protects enterprises from spear-phishing attacks. The Iconix services utilize the two main forms of email authentication – Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) – to [...]
The Canadian National Research Council has been compromised in a cyberattack. The Canadian National Research Council (NRC) is the Government of Canada's premier research and technology organization. The attack forced the shutdown of NRC's computer network in July. The attackers sought to steal valuable trade secrets and intellectual property. The attack is being blamed on China. CBC News describes the details of the attack: The cyber response centre's report details the "exploitation cycle" of the attack, saying it began with the collection of valid email addresses for research council employees. Messages containing malicious links were then sent to the [...]
Cylance has just released its "Operation Cleaver" report. After two years of investigation, Cylance concludes: Since at least 2012, Iranian actors have directly attacked, established persistence in, and extracted highly sensitive materials from the networks of government agencies and major critical infrastructure companies in the following countries: Canada, China, England, France, Germany, India, Israel, Kuwait, Mexico, Pakistan, Qatar, Saudi Arabia, South Korea, Turkey, United Arab Emirates, and the United States. Cylance provides this map of the victims: [Map of victims. Source: Cylance] How did the attackers gain access to the targeted systems? Cylance reports that the attackers used SQL injection and Spearphishing. Spearphishing [...]
It is being widely reported in the press that Sony has been hacked again. Unreleased movies are now posted online. Confidential HR data has been released. Employees have taken a step back into the 1980s, replacing email with telephones, handwritten notes and fax machines ("Mommy, what's a fax machine?"). Nobody knows who did this, but the suspicion is that North Korea has done this in retribution for the pending release of a movie found objectionable by the PRK government. re/code has good coverage of this evolving story. How could the PRK infiltrate Sony networks? HP looked at this issue [...]