“We discovered the scope and damage of these operations during investigations of what we thought were separate cases,” said Stuart McClure, CEO of Cylance.
Through custom and publicly available tools that use, among other methods, SQL Injection, spear phishing, water holing attacks and hacking directly through public websites, the attackers have been able to extract highly sensitive and confidential materials and compromise networks with persistent presence to such a severity that they have control over networks of victims in 16 countries.
The targets belong to five groups:
- Oil and Gas/Energy/Chemical – Targets discovered include a company specializing in natural gas production, electric utilities organizations, as well as a variety of oil and gas providers. This group was a particular focus of the hackers.
- Government/Defense – Targets discovered include a large defense contractor and major U.S. military installation. Cylance can confirm one of those targets was San Diego's Navy Marine Corps Intranet, where unclassified computers were hacked.
- Airports/Transportation – Targets discovered include airports, airlines, automobile manufacturers, as well as transportation networks. The most concerning evidence collected was the targeting and compromise of transportation networks and systems such as airlines and airports in South Korea, Saudi Arabia and Pakistan.
- Telecommunications/Technology – Targets discovered include telecom and technology companies in several countries.
- Education/Healthcare – Targets discovered include multiple colleges and universities, often with an emphasis on medical schools. Large amounts of data on foreign students have been taken, including images of passports and social security cards.
An FBI “Flash” released earlier this week provides a fascinating window into the recent super-hacking attack that could be considered a harbinger of next-generation cyber-crime and cyber-warfare.
“The malware used in the attack, which has been described by a Sony spokesperson as “very sophisticated,” is almost certainly the same as that identified in the FBI memo. That malware uses Microsoft Windows’ own management and network file sharing features to propagate, shut down network services, and reboot computers—and files named for key Windows components to do most of the dirty work of communicating with its masters and wreaking havoc on the systems it infects.
While the FBI memo provided a means to detect the “beacon” message used by the malware to communicate back to the command and control (C&C) servers used by the attackers who planted it, that information by itself may not protect targeted organizations. That’s because the malware only begins to broadcast back to the C&C servers once it’s been launched—and deletion of data on the targeted network has already begun.”
Read the entire article at Ars Technica.
Organizations are increasingly exposed to a large number and variety of threats and risks to cyber security. Big Data will be one of the main elements of change by supplying intelligence-driven models.
Research firm Gartner says that big data analytics will play a crucial role in detecting crime and security infractions. By 2016, more than 25 percent of global firms will adopt big data analytics for at least one security and fraud detection use case, up from the current eight percent.
Avivah Litan, vice president and distinguished analyst at Gartner, said big data analytics enables enterprises to combine and correlate external and internal information to see a bigger picture of threats against their enterprises. It is applicable in many security and fraud use cases such as detection of advanced threats, insider threats and account takeover.
Energy companies in the US were hacked 79 times last year according to a survey by ThreatTrack Security.
The survey found that 35% of respondents reported endpoints on their network had been infected by malware that evaded their defenses during the last 12 months.
Moreover, 58% of respondents cited the complexity of malware as the most difficult aspect of defending their organization.
Of all respondents, 61% of energy companies said email is the biggest threat vector for allowing malware onto their systems.
We hear anywhere from 10 to 200 lies a day. And although we’ve spent much of our history coming up with ways to detect these lies by tracking physiological changes in their tellers, these methods have proved unreliable. Is there a more direct approach? Noah Zandan uses some famous examples of lying to illustrate how we might use communications science to analyze the lies themselves.
A survey of federal IT managers commissioned by the Fort Meade Alliance in both the civilian and defense sectors showed a shift in cybersecurity concerns – from outside actors to insider threats and a focus on the need to educate employees.
“Cyber security awareness training can help solve many of the challenges we face with protecting information technology assets and our government’s most sensitive information and mission-critical systems,” said Deon Viergutz, president of Ft. Meade Alliance and director of cyber operations for Lockheed Martin Information Systems and Global Solutions.
A chain is only as strong as its weakest link. Computer security relies on a great number of links, hardware, software and something else altogether: you. The greatest threat to information security is actually people. Why strive to defeat encrypted passwords stored in computers, when those computers’ human users will turn them over willingly? The technique is known as social engineering. It could be a phone call at your desk “from IT” querying problems with your login details, or asking about those of your colleagues. Or the more common technique of phishing – emails designed to solicit your credit card or login details by passing themselves off as legitimate emails from well-known banks or websites such as PayPal or eBay. This has evolved into spear phishing, in which known details about you personally give the email even greater credibility. The latest ruse is emails purporting to be from the World Health Organisation about Ebola, with email subjects including:
- “Ebola Safety Tips – By WHO.”
- “What You Need To Know About The Deadly Ebola Outbreak,”
- “So Really, How Do You Get Ebola?,”
- “Is there ANY way to cure Ebola?”
- “The #1 Food Items You’ll Need In An EBOLA Crisis.”
But the link to the attached file, which is described as health guidelines, instead installs the DarkComet Trojan malware that gives attackers remote access to your computer. Any current event is fair game for cybercriminals if it can tempt you to click that link. Read more at: http://phys.org/news/2014-11-cybersecurity-weakest-link.html#jCp
Up until now, many people have thought that cyberattacks just amount to stolen credit card numbers or computer viruses or something. That’s not really the case. While your Mastercard and MacBook are valuable things to protect, the technology that relies on the industrial internet is much more valuable. That includes things like high-speed trains, water treatment facilities, and nuclear power plants. The list goes on and on.
The scary truth of all this is that the list is about to grow exponentially, as new internet-connected technology comes into play. The reality of the internet of things is that connecting more things to the internet means creating more vulnerabilities. “Current threats include economic transactions, power grid, and air traffic control,” Mark Nall, a program manager for NASA, told Pew. “This will expand to include others such as self-driving cars, unmanned aerial vehicles, and building infrastructure.”
More from Gizmodo.com.
Digital technology has opened many new doors for organizations, enabling greater brand engagement and innovative customer experiences. But, at the same time, it has also exponentially multiplied the points of vulnerability for data breaches and theft of proprietary data. With the increased use, integration, and interconnection of mobile devices, security is even more imperative. This is particularly vital for marketers who must incorporate security into their strategic marketing plans and determine how new security solutions can deliver valuable customer insights.
One of the most important defenses any company has against cyber threats is a widespread and deeply rooted culture of security, shared by all employees, that is bolstered by exemplary leadership, regular training, strong policies and enforcement.