Phishers Steal $100 Million

August 12, 2015

Federal authorities have shut down a ring of hackers who used techniques such as phishing to infiltrate newswire services to gain access to corporate press releases.

Homeland Security Secretary Jeh Johnson briefs the press, flanked by U.S. Attorney Paul Fishman and SEC Chair Mary Jo White.

The indictment alleges how the hackers used phishing to infiltrate the newswire services and how they used anti-forensics to evade detection for five years. Using these press releases, the criminals were able to make money by quickly placing trades before the public had access to the information. Learn more at our new blog.


Pentagon Spearphished

August 7, 2015

The Pentagon has been infiltrated by a spearphishing attack that targeted the Joint Chiefs.

CNN is reporting that the unclassified email system used by 4,000 users on the Defense Department network has been down for more than 10 days following a sophisticated cyber attack that used spearphishing to compromise the system.

Learn more at our new blog.


Spearphishing? Deciding Isn’t Easy

July 29, 2015

Part of the fallout from the Office of Personnel Management (OPM) data breach is the need to provide identity protection services to the millions of compromised government employees. In its efforts to provide these services to compromised federal workers, the OPM contracted with a private company. That contractor, CSID, sent an email with a link to enroll in identity protection services.

ArmyTimes reports that acting upon warnings from the Army Threat Integration Center, Fort Meade’s Cyber Security Network Defense Team identified a message from CSID as a spearphishing attempt. The Fort Meade Cyber Security Network Defense Team warned Army personnel to “close the message immediately and report it as spam to the Cyber Security Network Defense Team,” according to a warning posted on the Fort Meade Facebook page.

The message has lots of spearphishing red flags to trigger a warning, but it was real.

Learn more at our new blog.


July 22, 2015

Yesterday, Aaron Boyd, a reporter at the Federal Times, wrote that someone tried to plant malware on his system through the use of a fake State Department email. Mr. Boyd wrote that he was able to determine that this attachment was being used to attempt to infect his system.

Fake Email Fax

What was unusual about this incident wasn’t the attack — it was the response of the intended victim. Mr. Boyd’s very careful approach to email is laudable — but it is also unusual. Also yesterday, Ilia Kolochenko, writing in CSO, wrote about the ease with which people can be tricked with fake emails.

Learn more at our new blog.


OPM – OMG! Update 2

July 13, 2015

OPM Director Katherine Archuleta resigned last week in the wake of the loss of millions of personnel records.

Here’s the latest tally of lost records according to the Washington Post:

Of those whose data was in the OPM background-check system, 19.7 million had applied for a security clearance. An additional 1.8 million were spouses, family members and other non-applicants, officials said.

Also exposed were 1.1 million sets of fingerprints, detailed financial and health records, and computer usernames and passwords that applicants used to fill out their security-clearance forms online.

Meeting with reporters last Thursday, FBI Director Comey said,

“It is a very big deal from a national security perspective and from a counterintelligence perspective. It’s a treasure trove of information about everybody who has worked for, tried to work for, or works for the United States government.”

No one is saying how the hack was pulled off. In a speech last week, Jeh Johnson, Secretary of Homeland Security, observed,

“What amazes me when I look into a lot of intrusions, including some really big ones by multiple different types of actors, it often starts with the most basic active spear-phishing where somebody is allowed in the gate and penetrates a network simply because an employee clicked on something he or she shouldn’t have.”

Secretary Johnson

How do you keep people from clicking on something he or she shouldn’t have? That is where SP Guard from Iconix comes in to help defend against spearphishing by providing employees with visual trust indicators, helping them tell real emails from clever attacks.


OPM – OMG! Update

July 1, 2015

OPM director Katherine Archuleta told the Senate and the House Oversight and Government Reform Committee that stolen passwords for a federal contractor were used by hackers in the two cyberattacks targeting federal employee data.


Learn more at our new blog.


OPM – OMG!

June 25, 2015

Earlier this month, it was reported that the personnel records of 4 million federal employees had been compromised in a cyber attack on the Office of Personnel Management (OPM). OPM is the US Government’s HR department. As events unfold, it now appears that this breach was much worse than first reported. The Washington Times is reporting that the breach may involve records of 32 million Americans.

Office of Personnel Management Called Before Congress

Learn more at our new blog.

