India Cyberattacks Pakistan — Using Spearphishing

A recent article posted at techviral describes how Indian cyberattackers are using spearphishing to attack Pakistani and UAE websites. The post discusses how the Indian hacking groups called the Shakti Campaign and the VVV use deceptive emails to gain control of targeted computers.

Learn more at our new blog.

Bad Guys Are Smart

On November 10, 2015, the Justice Department announced the indictment of four men for a “hacking,” securities fraud, and other crimes. In announcing the indictments, Manhattan U.S. Attorney Preet Bharara said, “The charged crimes showcase a brave new world of hacking for profit. It is no longer hacking merely for a quick payout, but hacking to support a diversified criminal conglomerate. This was hacking as a business model.”

The indictment alleges that the conspirators used servers in Egypt, the Czech Republic, South Africa, Brazil and other countries as a launchpad to attack some of the largest financial firms based in the U.S. The indictment alleges that the defendants “hacked” networks, stole customer data about tens of millions of people and used the stolen data to run a massive stock manipulation scheme. But making millions of dollars from stock fraud wasn’t enough — so, it is alleged, the conspirators also ran other criminal businesses including Internet gambling, malware distribution, bogus online products businesses, and an illegal Bitcoin exchange.

Learn more at our new blog.

Spearphishing Solution – Prosecute Victims

In a recent Wall Street Journal interview, Adm. Mike Rogers, the Director of the NSA, suggested that people who fall for spearphishing attacks, such as the four people who compromised the Joint Staff, should be subject to court-martial.

Will this work?  Learn more at our new blog.