Spearphishing? Deciding Isn’t Easy

July 29, 2015

Part of the fallout from the Office of Personnel Management (OPM) data breach is the need to provide identify protection services to the millions of compromised government employees. In its efforts to provide these services to compromised federal workers, the OPM contracted with a private company.  That contractor, CSID, sent an email with a link to enroll in identity protection services.

ArmyTimes reports that acting upon warnings from the Army Threat Integration Center, Fort Meade’s Cyber Security Network Defense Team identified a message from CSID as a spearphishing attempt. The Fort Meade Cyber Security Network Defense Team warned Army personnel to “close the message immediately and report it as spam to the Cyber Security Network Defense Team,” according to a warning posted on the Fort Meade Facebook page.

fort meade

The message has lots of spearphishing red flags to trigger a warning, but it was real.

Learn more at our new blog.


July 22, 2015

Yesterday, Aaron Boyd, a reporter at the Federal Times, wrote that someone tried to plant malware on his system through the use of a fake State Department email. Mr. Boyd wrote that he was able to determine that this attachment was being used to attempt to infect his system.

Fake-Fax

Fake Email Fax

What is unusual about this incident wasn’t the attack — it was the response of the intended victim. Mr. Boyd’s very careful approach to email is laudable — but it is also unusual.  Also yesterday, Ilia Kolochenko, writing in CSO, wrote about ease with which people can be tricked with fake emails.

Learn more at our new blog.

 


OPM – OMG! Update 2

July 13, 2015

OMP Director Katherine Archuleta resigned last week in the wake of the loss of millions of personnel records.

Here’s the latest tally of lost records according to the Washington Post:

Of those whose data was in the OPM background-check system, 19.7 million had applied for a security clearance. An additional 1.8 million were spouses, family members and other non-applicants, officials said.

Also exposed were 1.1 million sets of fingerprints, detailed financial and health records, and computer usernames and passwords that applicants used to fill out their security-clearance forms online.

Meeting with reporters last Thursday, FBI Director Comey said,

It is a very big deal from a national security perspective and from a counterintelligence perspective. It’s a treasure trove of information about everybody who has worked for, tried to work for, or works for the United States government.

No one is saying how the hack was pulled off. In a speech last week, Jeh Johnson, Secretary of Homeland Security, observed,

What amazes me when I look into a lot of intrusions, including some really big ones by multiple different types of actors, it often starts with the most basic active spear-phishing where somebody is allowed in the gate and penetrates a network simply because an employee clicked on something he or she shouldn’t have.

Secretary johnson-official-bio-web

Secretary Johnson

How do you keep people from clicking on something he or she shouldn’t have? That is where SP Guard from Iconix comes into help defend against spearphishing by providing employees with visual trust indicators, helping them tell real emails from clever attacks.


OPM – OMG! Update

July 1, 2015

OPM director Katherine Archuleta told the Senate  and the House Oversight and Government Reform Committee that stolen passwords for a federal contractor were used by hackers in the two cyberattacks targeting federal employee data.

opm director archuleta

 

Learn more at our new blog.


OPM – OMG!

June 25, 2015

Earlier this month, it was reported that the personnel records of 4 million federal employees had been compromised in a cyber attack on the Office of Personnel Management (OPM).  OPM is the US Government’s HR department. As events unfold, it now appears that this breach was much worse than first reported.  The Washington Times is reporting that the breach may involve records of 32 million Americans.

opm testifies

Office of Personnel Management Called Before Congress

Learn more at our new blog.


President – Cyber Will Get Worse

June 9, 2015

Last week it was revealed the about 4 million former and current federal employees were impacted by a data breach at the Office of Personnel Management.

Yesterday morning at a press conference in Germany, the President said, “We have known for a long time that there are significant vulnerabilities, and that these vulnerabilities are going to accelerate as time goes by, both in systems within government and within the private sector.”

As if acting on cue, a few hours after the President’s prediction that things would get worse, things got worse. Brig. Gen. Malcolm B. Frost, U.S. Army, announced that the Army’s official website had been hacked:

“Today an element of the Army.mil service provider’s content was compromised.”

army

 

Learn more at our new blog.


4 Million Fed Employees Compromised – Office of Personnel Management

June 8, 2015

The personnel records of about 4 million current and former federal employees were compromised in a cyberattack on the Office of Personnel Management. This attack is being attributed to China.

Office_of_Personnel_Management_in_Washington_D.C._2012

Learn more at our new blog.


Follow

Get every new post delivered to your Inbox.