Jefferson Lab Identified as Cyber-victim

Yesterday, we wrote about the compromise of three U.S. National Laboratories

Venture Beat has now identified the third facility.  That facility is Jefferson Lab in Newport News, Virginia.

On July 6, 2011, General Michael Hayden, USAF Ret., spoke before The Potomac Institute for Policy Studies on cybersecurity.  General Hayden is a former director of the CIA and the NSA.  Discussing the cyber-attacks such as these, General Hayden said, “If we don’t act boldly, something really bad is going to happen.”  Michael Tiffany, Chief Architect at Recursion Ventures, also spoke. He observed, “Today the people who are succeeding at these types of attacks are the ones who are try the hardest. It’s actually not very difficult.”  

We see how easy it is to launch a spear-phishing attack.  Data to customize the email content is readily available on the internet.  Social networking sites make personal information very accessible.  Differentiating real email from fake email is almost impossible.  Lt. Col. Gregory Conti, a computer security expert at West Point observed:   

What’s ‘wrong‘ with these e-mails is very, very subtle. They’ll come in error-free, often using the appropriate jargon or acronyms for a given office or organization.

This is where SP Guard from Iconix comes into play.

SP Guard modifies the email client’s display to provide a visual indicator of the identity of the sender of email. This is an example from Outlook, the popular business email client, in which a company called “MyCo” is marking their internal messages as well as those from trusted partners such as their law firm.  Note especially the last message, though seemingly benign, is a spear-phishing message and is not marked as authentic:

SP Guard Inbox

SP Guard provides the email recipient with three easy to recognize confirmations that a message is really an internal email or from a trusted counterpart:

  1. List View. There is an integrity indicator in the list view of the email client.
  2. Message. The open message has a further indicator of authenticity.
  3. Mouseover. Mousing over the authentication indicator in the message prompts the display of a certificate that further identifies the sender.

SP Guard is available now from Iconix.

To learn more, visit us at http://www.iconix.com/business/spearphishing.php.

Advertisements

Comments are closed.