Spearphishing and Cyberterrorism

March 27, 2015

Writing in TechCrunch, Tom Chapman, director of cyber operations of Edgewave, describes how terrorists can apply the same techniques used against Anthem, Sony and many others to engage in cyberterrorism.

cyber terrorists

What could these technique be? Spearphishing. Learn more at our new blog.


11 Million Health Records Compromised With Deceptive Spelling

March 18, 2015

Premera, a leading health insurance company, has suffered a cyber breach impacting 11 million people. The company’s announcement says it has been the victim of a “sophisticated cyberattack.”

premera

What could this sophisticated attack have been?  Learn more at our new blog.


New White Paper – Spearphishing Countermeasures

March 17, 2015

We have released a new white paper entitled “Spearphishing Defense Using Deception Countermeasures.” This paper discusses how technical defenses (such as email filtering, malware detection, firewalls, limited user privileges, and system monitoring) leave systems unnecessarily exposed to phishing attacks because the human attack surface remains easily accessible and subject to successful attacks based on principles of psychology which are exploited using military deception. We propose deception countermeasures which modify the email interface, thereby making the user less susceptible to email-based deception. Learn more at our new blog.


Spoofing the Boss Cybercrime

March 13, 2015

Brian Krebs, writing in KrebsonSecurity, describes a scam in which criminals use email to impersonate company executives.

cyberthiefThe thieves use fake emails to issue bogus payment instructions to  finance and accounting staff.

Learn more at our new blog.


How Do Hackers Infiltrate Systems?

February 26, 2015

The accounts of tens of millions of Anthem members are stolen.  $1 billion are stolen from banks. Sony Pictures is compromised. The Chinese steal US military aircraft plans. The President of the United States decries the losses and appoints someone to fix the problem.  Yet, what is the problem?  Professor Arun Vishwanath, writing in  The Conversation tells us that the system resource being exploited over and over and over again isn’t some router or disk drive or program — it is you, the person operating the machine.

It's You!

It’s You!

 

Learn more at our new blog.


Three Months Later, State Department Hasn’t Rooted Out Hackers

February 20, 2015

Three Months Later, State Department Hasn’t Rooted Out Hackers. This headline from yesterday’s Wall Street Journal speaks volumes about cyber security.  Back in November of 2014, it was discovered that someone had compromised the unclassified email system of the U.S. State Department. Since that time, a process which Iconix calls “The Chase” has played out in which the good guys try to remove the bad guys from systems while the bad guys undertake to maintain their evil presence.  In this case, the National Security Agency is chasing Russian? infiltrators.

NSA Director Adm. Rogers

NSA Director Adm. Rogers

 

Learn more at our new blog.


Spearphishers Steal $1 Billion From Banks

February 15, 2015

The Telegraph is reporting that Kaspersky labs has uncovered “what is thought to be the biggest ever cybercrime with more than £650 million going missing from banks around the world.” The article relates a number of methods the attackers used to steal $1 billion from more than 100 financial institutions. Our favorite was instructing ATM machines to spit out cash.

fiterman

Learn more at our new blog.


Follow

Get every new post delivered to your Inbox.