About iconixtruemark

So far iconixtruemark has created 192 blog entries.

Cyber threats to US Oil and Gas Infrastructure

In Addressing Cyber Threats to Oil and Gas Suppliers, researchers at the Council on Foreign Relations discuss cyber threats against the U.S. oil and gas industries. These threats are of two types -- cyber espionage and cyber sabotage. The authors relate the history of these attacks. They discuss some of the sensitive competitive information that has been stolen through cyber espionage. This data includes strategic plans, competitive bidding data and geologic data. Regarding cyber sabotage, the authors note that despite several attempts at creating physical damage to US infrastructure, cyber sabotage has only managed to incapacitate systems. The authors report that [...]

July 4th, 2013 | SP Guard, spear phishing

Hackers’ 10 Secrets Revealed

Today Iconix issued a new whitepaper entitled Hackers' Ten Secrets Revealed. In this whitepaper Iconix explains the ten secrets used by hackers to bypass cybersecurity to create an infiltration superhighway. You can download Hackers' Ten Secrets Revealed at no charge from the White Papers page on our website.

July 4th, 2013 | SP Guard, spear phishing

The Nobel Prize and Spearphishing

Examine these emails: The first email resulted in a fake AP tweet that President Obama was injured in a bombing. That tweet caused stock market losses of $140 billion. The second email brought down the Israeli police. Did you notice that these emails were also suspicious? In the first one, the sender is a different co-worker than the person who signed the email. In the second one, although Benny Gantz, the purported sender, really is the head of Israeli defense forces, would he use a gmail account for official security communications? In the famous [...]

July 4th, 2013 | SP Guard, spear phishing

Constant Improvement — For Malware

In the ongoing battle between malware makers and security vendors, the malware makers are taking a page from the book of legitimate developers and are using QA to test their products to be sure the products are effective. Unfortunately, in this case effective means effective in evading the tools designed to protect systems. Dancho Danchev, writing in the Webroot Threat Blog in a posting entitled How cybercriminals apply Quality Assurance (QA) to their malware campaigns before launching them, describes online cyber crime tools that have been used by hackers since 2009. This is a screenshot from one of these online [...]

June 14th, 2013 | SP Guard, spear phishing

China Read McCain’s Mail – Before He Sent It

NBC News is reporting that the 2008 Presidential Campaigns of Barack Obama and John McCain were spied upon by the Chinese. NBC is reporting that the espionage conducted against the campaigns of the two candidates was far more extensive than was disclosed to the public at the time. In one incident that caused concern among U.S. intelligence officials, the Chinese hackers appeared to have gotten access to private correspondence between McCain, then the GOP presidential candidate, and Ma Ying-jeou, the newly elected president of Taiwan. On July 25, 2008, McCain had signed [...]

June 13th, 2013 | Phishing, SP Guard

NetTraveler Isn’t Traveler

For fans of intercollegiate football, the name Traveler means one thing -- the USC Trojans mascot. NetTraveler is a horse of a different color -- a trojan horse that is focused on stealing information. Kaspersky just reported its discovery of NetTraveler, malware that establishes Command & Control (C&C) servers on victims' machines for the purpose of stealing information. NetTraveler has been quietly stealing information since 2004. Kaspersky calculates that there are over 22 gigabytes of stolen data on the NetTraveler C&C servers. Kaspersky observed that 22 gigabytes is only a small fraction of what was stolen because Kaspersky [...]

June 5th, 2013 | SP Guard, spear phishing

U.S. weapons system designs compromised by Chinese cyberspies

It is being widely reported in the press that Chinese cyberspies have stolen designs of many leading edge U.S. weapons systems. The Washington Post lists the stolen technology: The designs included those for the advanced Patriot missile system, known as PAC-3; an Army system for shooting down ballistic missiles, known as the Terminal High Altitude Area Defense, or THAAD; and the Navy’s Aegis ballistic-missile defense system. Also identified in the report are vital combat aircraft and ships, including the F/A-18 fighter jet, the V-22 Osprey, the Black Hawk helicopter and the Navy’s new Littoral [...]

May 28th, 2013 | SP Guard, spear phishing

India’s Cyberattack Infrastructure

In a detective story worthy of Sherlock Holmes, Norman has uncovered the cyberattack infrastructure that India appears to be using to spy on systems in Pakistan and elsewhere. Anyone interested in a real life IT detective story should read Unveiling an Indian Cyber attack Infrastructure. On March 17, 2013, the Norwegian press reported that Telenor, the Norwegian telecommunications company, had filed a complaint with the Norwegian police about suspected unlawful intrusion into Telenor's computer network. The intrusion appeared to have been accomplished using -- you guessed it -- spearphishing. Another example of the triumph of social engineering over technical defenses. As Norman [...]

May 24th, 2013 | SP Guard, spear phishing

Back From Vacation, China Renews Simple, But Effective, Cyberattacks

The New York Times is reporting that Unit 61398, the Chinese cyber-espionage unit that has stolen vast amounts of data from western governments and industry, has returned to its old tricks. Following the release of the Mandiant report in February 2013, the unit disappeared from the internet. However, they have now returned to the web, operating at 60% to 70% of the level at which they were working before Mandiant exposed them. Quoting Crowdstrike, the NYT reports that it is "business as usual" for the Chinese hackers. Reporting on the same story, Computerworld observes that what the Unit 61398 [...]

May 20th, 2013 | Phishing, SP Guard

Magic Malware

In a recent blog posting, Seculert discussed a new malware threat which they have dubbed "Magic Malware." Magic Malware uses a proprietary communications protocol which evades detection by evasion detection software which monitors regular communications protocols. Seculert observed: This “magic malware” — as we’ve dubbed it — is active, persistent and had remained undetected on the targeted machines for the past 11 months. ... The real intention of the attackers behind this magic malware ... is yet to be known. As the malware is capable of setting up a backdoor, stealing information, and injecting HTML into the browser, we believe that [...]

May 17th, 2013 | SP Guard, spear phishing