Recent press reports tell us that Google has solved the phishing problem. These stories trace their source back to a posting on KrebsonSecurity dated July 23, 2018, entitled "Google: Security Keys Neutralized Employee Phishing." Krebs summarizes the solution: "The basic idea behind two-factor authentication is that even if thieves manage to phish or steal your password, they still cannot log in to your account unless they also hack or possess that second factor." This is clearly an important protection against a particular subset of the phishing problem -- use of stolen credentials. But it hardly neutralizes phishing. The day after describing [...]
On July 13, 2018, the Special Counsel indicted 12 Russian GRU agents for interfering in the 2016 U.S. presidential election. The indictment provides a detailed description of how spearphishing works. For example, paragraph 21 of the indictment states, "ANTONOV, BADIN, YERMAKOV, LUKASHEV, and their co-conspirators targeted victims using a technique known as spearphishing to steal victims’ passwords or otherwise gain access to their computers. Beginning by at least March 2016, the Conspirators targeted over 300 individuals affiliated with the Clinton Campaign, DCCC, and DNC." Spearphishing attacks systems by attacking the users. SP Guard provides users with defenses against these attacks.
Today our OpEd, DMARC Will Not Make Email Secure, was published in Infosecurity Magazine. We hope you find it interesting.
On May 7, 2018, the FBI published its report of online crimes, 2017 Internet Crime Report. This visual summarizes the FBI's findings: The largest losses were attributed to the Business Email Compromise/Email Account Compromise in which the victim is tricked into sending money to criminals. This crime is almost exclusively committed using deceptive emails. Deceptive emails are also used to commit other internet crimes such as data breaches, identity theft, phishing, and ransomware. SP Guard fights email deception by helping users identify suspicious emails.
The FBI warns that cyber criminals are sending phishing emails that impersonate the FBI! Why does this scam work? Because it is easy for cyber criminals to create very convincing emails that appear to come from the FBI. The FBI gives some examples here. How big a problem is fake email? What are the big cyber crime problems? Check in next week when we discuss the FBI's recently released 2017 Internet Crime Annual Report.
Today the House Permanent Select Committee on Intelligence released its Report on Russian Active Measures. This report describes the measures the Russians took to interfere in elections in the United States and Europe. Starting on page 22 and ending on page 28 the Committee explains in detail how the Russians conducted their cyberattacks. With the exception of the introductory and concluding text, the only unredacted materials are a box on page 23 and the caption "Attribution is a Bear" on page 26. A discussion of Guccifer, a Russian hacking persona, follows the redacted discussion of how the Russians conducted their [...]
The business email compromise (BEC) is a phishing scam in which the bad guy uses deceptive emails to trick accounting personnel into misdirecting money. The FBI calls BEC a $5 Billion scam. It is now being reported that Lazio, an Italian professional soccer club, lost €2 million to phishers. The phishers sent an email to Lazio which demanded payment of a player transfer fee to Feyenoord, another professional soccer club. Unknown to the victims, the bank account to which they sent the money was not Feyenoord's.
On Friday, March 23, 2018, the United States Justice Department charged nine Iranians with the cyber theft of massive amounts of U.S. intellectual property. Quoting from the Justice Department press release: The defendants were each leaders, contractors, associates, hackers-for-hire or affiliates of the Mabna Institute, an Iran-based company that, since at least 2013, conducted a coordinated campaign of cyber intrusions into computer systems belonging to 144 U.S. universities, 176 universities across 21 foreign countries, 47 domestic and foreign private sector companies, the U.S. Department of Labor, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana, the [...]
The Office of the Director of National Intelligence (ODNI) recently released a new Cyber Threat Framework. Our commentary regarding the ODNI's framework was just published by the Small Wars Journal. You can download a pdf version from our website.
Yesterday the Department of Homeland Security issued an alert entitled, Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors. The alert warns about how the Russians are seeking to interfere with critical U.S. infrastructure using cyber tools. How bad is the problem? This is a screen shot reconstruction of Russians gaining unauthorized access to an industrial control system. DHS used Lockheed's 7-Stage Cyber Kill Chain framework to describe the details of the Russian threat. Reconnaissance. The Russians researched their targets for information to use in spearphishing emails. There were two classes of targets. There are "staging targets" which were [...]