19 Amazing Hacks

December 31, 2013

Read about 19 amazing hacks at our new blog.

Happy New Year!


Phishing – Favorite Tool of State Affiliated Espionage

May 3, 2013

Verizon recently released their 2013 Data Breach Investigations Report.

We encourage everyone who cares about network security to read the report. One statistic stands out from the rest:

Verizon 95%

The bad guys need credentials to do their dirty work. The most effective way to get credentials is to steal them using spearphishing. At Iconix we are dedicated to offering a real solution to this problem. That solution is SP Guard.

The Importance of Being Current

March 22, 2013

The widely report attacks on banks in South Korea provide a strong lesson in the importance of using up-to-date software.

Whois Team message

As the Los Angeles Times reports, the attack was not technically sophisticated.  Nevertheless, as the New York Times reports, the attack was extremely effective in causing havoc in South Korea.

Avast! has determined that this attack exploited non-current versions of Internet Explorer.   If the users had been using correctly configured versions of current software, instead of being damaged, the attack would have been stopped by the browser.


Director of National Intelligence warns US Senate — Cyber Is First On His List

March 13, 2013

Yesterday, March 12, James R. Clapper, the Director of National Intelligence, provided the United States Senate with the annual US INTELLIGENCE COMMUNITY WORLDWIDE THREAT ASSESSMENT.   The first threat in the report is Cyber. While we think it is important to read the entire discussion of Cyber, we think this excerpt provides a good summary of the situation:

Foreign intelligence and security services have penetrated numerous computer networks of US Government, business, academic, and private sector entities. Most detected activity has targeted unclassified networks connected to the Internet, but foreign cyber actors are also targeting classified networks. Importantly, much of the nation’s critical proprietary data are on sensitive but unclassified networks; the same is true for most of our closest allies.

  • We assess that highly networked business practices and information technology are providing opportunities for foreign intelligence and security services, trusted insiders, hackers, and others to target and collect sensitive US national security and economic data. This is almost certainly allowing our adversaries to close the technological gap between our respective militaries, slowly neutralizing one of our key advantages in the international arena.
  • It is very difficult to quantify the value of proprietary technologies and sensitive business information and, therefore, the impact of economic cyber espionage activities. However, we assess that economic cyber espionage will probably allow the actors who take this information to reap unfair gains in some industries.

It is now abundantly clear that one of the most important paths to compromising systems is social engineering that deceives personnel into compromising their systems.  Mandiant recently issued a comprehensive report detailing how APT attacks use spearphishing emails are used to infiltrate systems.  This chart, derived from data reported by Trend Micro, shows the prevalence of spearphishing in APT:

trend pie chart

Your personnel will receive malicious emails.  Your security hangs in the balance when an employee decides to click a link or open an attachment.  Telling employees to avoid suspicious emails is good advice.  The attackers use this same guidance — that is why cyberattackers use social engineering to craft emails that are not suspicious. IT must intervene in the email processing decision.  That is the role of SP Guard.  Using SP Guard, IT can determine a list of trusted senders and provide this information to staff at the moment the person is deciding to click or pass.  In the SP Guard environment, staff can, for example, easily distinguish a trusted HR email from a spoof HR email.

You can contact us at   408-727-6342,ext 3 or use our online form.