RSA 2015 – Lessons from 1919

We attended the RSA Conference in San Francisco this week.  There are two giant convention halls filled with latest in information security.  In addition to the in-booth presentations, there are continuous presentations and panels discussing security.  Jeh Johnson, the Secretary of the Department of Homeland Security, was a keynote speaker. Yet, in this sea of the new, the most interesting thing was something patented almost a century ago. In the NSA’s booth (yes, that NSA) was this: A wooden box about the size of a toaster oven — an Enigma machine.  The Enigma machine was patented in 1919.  The Germans [...]

2017-01-07T17:35:10+00:00April 24th, 2015|Cybersecurity - General, SP Guard, spear phishing|

APT30 – Decades Long Cyberattack

This week, FireEye released their latest APT report - APT30: The Mechanics Behind a Decade Long Cyber Espionage Operation.  The sub-title summarizes the findings: How a Cyber Threat Group Exploited Governments and Commercial Entities across Southeast Asia and India for over a Decade. What are the surprises in APT30? There are no surprises in APT30.  The bad guys engage in anti-forensics to avoid detection. APT30 tells us that the bad guys use spearphishing to make their initial infiltration: APT30 LEVERAGES MAJOR POLITICAL TRANSITION AS PHISHING LURE CONTENT IN CAMPAIGN GEARED TO KEY POLITICAL STAKEHOLDERS This is a sample of the lures used to [...]

2017-01-07T17:35:10+00:00April 17th, 2015|Cybersecurity - General, SP Guard, spear phishing|

Russians Access President’s Schedule

Russian hackers used compromised systems at the Executive Office of the President to access the President's schedule. How could Russian hackers get to the President's schedule?  CNN reports: As in many hacks, investigators believe the White House intrusion began with a phishing email that was launched using a State Department email account that the hackers had taken over, according to the U.S. officials. All the advanced cyber-defenses used to protect the White House were defeated by tricking users with deceptive emails. Spearphishing is not a casual hit and miss activity, it is the precise application of Military Deception. This is the [...]

2017-01-07T17:35:11+00:00April 8th, 2015|Cybersecurity - General, SP Guard, spear phishing|

Cybersecurity Is No Joke – It Is A National Emergency

On April Fools' Day President Obama issued an executive order entitled, "BLOCKING THE PROPERTY OF CERTAIN PERSONS ENGAGING IN SIGNIFICANT MALICIOUS CYBER-ENABLED ACTIVITIES." This was not an April Fools' prank. In the executive order the President observes that cyber-enabled threats "constitute an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States." In the executive order, the President declares a national emergency to deal with this threat. It is well-known that the most common method used by foreign powers to infiltrate U.S. Government systems is spearphishing.

2017-01-07T17:35:13+00:00April 3rd, 2015|Cybersecurity - General, SP Guard, spear phishing|