Cyberwar – Live

February 19, 2013

Mandiant has posted this video showing a cyberwarrior in action:



Presidential Executive Order On Cybersecurity

February 15, 2013

On February 12, 2013, President Obama issued an executive order regarding cybersecurity.

One of the most useful tools in the cyber attackers’ arsenal is email. Email was the means of attack used in simulated attacks conducted by the Department of Homeland Security for the Senate.  Email was the means of attack used against the White House Military Office, the Department of Defense, the U.S. Natural Gas Pipeline Infrastructure, Military Drone Contractors and many others. The reason that attacks use email is because deceptive emails are very effective method to deliver malware into organizations.

Iconix has released a new whitepaper, Email – Preventing Deception. In this whitepaper we discuss how spearphishing works, how the email interface is susceptible to manipulation by bad guys and how the patented Iconix technology prevents deception in email.

Cyberattack on Aerospace

February 11, 2013

The U.S. aerospace industry is being attacked with zero day exploits of Adobe Flash.

How did the attackers install the malware on victims’ systems?  The attackers used targeted spearphishing emails.  In this case, the attackers sent an email with an attachment that was the schedule for an upcoming industry conference.  There was no reason for an aerospace engineer to doubt the validity of an email about an upcoming industry conference.  When the victim opened this attachment, the malware was installed.  This is the evil attachment:

Of course, because the attachment looks completely benign, the victim has no idea what has happened.

You can read more about this attack at AlienVault and FireEye.

Now that the attack has been discovered, a patch has been released. This attack reiterates the cycle of attack, discovery, remediation, which Websense  has termed the “sacrificial lamb” model — “where some user, somewhere, must become the first victim.”  At Iconix, we don’t subscribe to the sacrificial lamb model.  We believe that prevention is an important layer in the multi-layer defensive strategy.  SP Guard from Iconix provides the ability to distinguish real email from spearphishing attacks. You can contact us at 408-727-6342 ,ext 3 or use our online form.

New York Times and Wall Street Journal Hacked

February 1, 2013

It is being widely reported that the New York Times and the Wall Street Journal were the subjects of cyberattacks that compromised their networks.  These attacks appear to have infiltrated the networks with spearphishing emails.  CNN quotes Thomas Parenty, a former employee of the U.S. National Security Agency:

To do a spear-phishing attack of this kind is a well-established move in attacks against Google and various U.S. defense contractors from China. You could say the tools are sort of stock-in-trade.

How bad is this problem?  Secretary of State John Kerry, at his recent confirmation hearings, said foreign cyber-threats are “the modern day, 21st century nuclear weapons equivalent.”

Foreign Policy provides an interesting discussion of the pervasive nature of the ongoing cyber threat facing the United States.

While these attacks are widespread and vary considerably in their targets and their malicious code, they have one thing in common — they infiltrate the target by using emails that masquerade as trusted senders.  SP Guard from Iconix provides the ability to distinguish real email from spearphishing attacks. You can contact us at 408-727-6342,ext 3 or use our online form.