How Do Hackers Infiltrate Systems?

The accounts of tens of millions of Anthem members are stolen. $1 billion is stolen from banks. Sony Pictures is compromised. The Chinese steal US military aircraft plans. The President of the United States decries the losses and appoints someone to fix the problem. Yet, what is the problem? Professor Arun Vishwanath, writing in The Conversation, tells us that the system resource being exploited over and over and over again isn't some router or disk drive or program -- it is you, the person operating the machine. It's You! In "Before decrying the latest cyberbreach, consider your own cyberhygiene," [...]

Three Months Later, State Department Hasn’t Rooted Out Hackers

Three Months Later, State Department Hasn’t Rooted Out Hackers. This headline from yesterday's Wall Street Journal speaks volumes about cyber security.  Back in November of 2014, it was discovered that someone had compromised the unclassified email system of the U.S. State Department. Since that time, a process which Iconix calls "The Chase" has played out in which the good guys try to remove the bad guys from systems while the bad guys undertake to maintain their evil presence.  In this case, the National Security Agency is chasing Russian? infiltrators. NSA Director Adm. Rogers How did these hackers get into the [...]

February 20th, 2015 | Cybersecurity - General, SP Guard, spear phishing

Spearphishers Steal $1 Billion From Banks

The Telegraph is reporting that Kaspersky Lab has uncovered "what is thought to be the biggest ever cybercrime with more than £650 million going missing from banks around the world." The article relates a number of methods the attackers used to steal $1 billion from more than 100 financial institutions. Our favorite was instructing ATM machines to spit out cash. How did they do it? Clearly, they had to use pretty clever software and knowledge of the banks' systems. But, no matter how clever they are, the first problem is breaking into the banks' systems. How did they infiltrate the banks? How did [...]

February 15th, 2015 | Cybersecurity - General, SP Guard, spear phishing

Anthem Breach – More Info, More Bad News

Brian Krebs, the author of the must-read Krebs on Security Blog, has reported new information about the Anthem breach. Krebs reports two new facts: (1) The breach actually started in April 2014, not December 10, 2014, as previously reported. Thus, the January 27, 2015, discovery represented a breach of many months instead of a few weeks. (2) The method of intrusion was spearphishing. This diagram from CrowdStrike is reproduced on Krebs on Security: Krebs observed that in this detailed diagram of the attack elements (right down to the IP addresses), one element is redacted. What could this redacted item be? Krebs concludes that it is the [...]

February 12th, 2015 | Cybersecurity - General, SP Guard, spear phishing

Anthem Breach – Good Luck Finds Attack

John Kindervag, an analyst with Forrester Research, quoted in the New York Times, made a key observation about the recent data loss at Anthem: “All cybercrime is an inside job,” he said, because the criminals are able to penetrate a database from the outside and act as an insider in gaining access to data, which is what occurred in the Anthem breach. The inside nature of the Anthem breach is detailed on Krebs on Security. Brian Krebs cites an internal Anthem memo:  On January 27, 2015, an Anthem associate, a database administrator, discovered suspicious activity – a database query running [...]

February 6th, 2015 | Cybersecurity - General, spear phishing

Mata Hari 2.0

It is hard to defeat technical system security. However,  it is easy to trick system operators into compromising system security. People are the weakest link in cybersecurity. Realizing that even rebel fighters need love, cyberwarriors supporting the Syrian regime used the oldest trick in the book -- feminine allure -- for cyberespionage. In a modern update of Mata Hari, Syrian cyberwarriors created a fake online persona and used it to trick a rebel fighter into compromising his system. Mata Hari 2.0 This is an excerpt from the online chat: With ill-gotten system access yielded through deception, forces loyal to Assad [...]

February 4th, 2015 | Cybersecurity - General