In this particular case, we see a common cybercrime attack methodology, mass spam, a social engineering hook and a downloader Trojan, crossing over into APT space, likely due to all of the recent press coverage of Mandiant and other APT-related investigations. This is further evidence of the constant evolution of online attacks based on current events.
The initial inspiration of my “Groove Theory of GRC” was Rocco Prestia, the bass player for the funk band Tower of Power. His definition, or lack thereof, of the term groove started my thought process on how very important things can exist without exact scientific explanation. In my last blog, I talked about combining Musicality and Performance to create a special musical experience and how GRC should strive for this powerful combination through Visibility and Accountability to result in Performance Optimization. Now I want to explore the complexities of any musical endeavor. While solo performances can be captivating, a full orchestra performing in perfect concert together is one of the highest forms of human collaboration and expression. So on to postulate #2:
Today, Norman and Shadowserver released a paper that revealed a large attack infrastructure in which they detailed an ongoing campaign, running as far back as September 2010. This campaign, reportedly run out of India, used spear-phishing attacks and multiple strains of malware to breach targets of interest and extract data.
A fair percentage of clients that I have provided incident response services to over the last 12 months are operating without security or oversight on the Internet, meaning not a single person employed at that organization is solely dedicated to working on security issues. While this is common for small companies and startups, these clients matured over the years to the point where they had hundreds or thousands of employees and even more computing devices on the network. What had not occurred, however, was the investment in security commensurate with the growth of the company.
Gone are the days when it was thought that the size of a company matters to cybercriminals. The latest PwC Information Security Breaches Survey 2013 shows that there has been a significant rise in the number of small businesses that were attacked by an unauthorized outsider in the last year – up by 22%. Interestingly, large organizations only went up by 5%. The cybercriminal has moved on to stealing intellectual property or corporate secrets, as that’s where the real money is, and small companies become easy targets as many do not have the resources or budgets to fully protect their information.
It’s time to understand the differences between corporate secrets and custodial data.
ATMs enable us to get our cash on demand, for those of us who still use cash, and have come a long way since the first machines in the 1960s, which dispensed a set amount of funds and sent back the bank card at a later date.
Convenient to consumers, yes – but to fraudsters, ATMs are seen as a way to get their hands on currency that isn’t theirs, one that, unlike an online transaction, can be harder to trace. As a cash-out point for many scams, fraudulent crimes and cyber-attacks, the ATM has seen its fair share of unfriendly withdrawals.
The level and sophistication of advanced threats is a constantly moving target, pitting the advantages of smart and patient attackers against security teams that oftentimes can’t possibly know what to look for when an attacker employs specialized techniques and tools designed to cloak their movements. What happens when an attacker doesn’t have to rely on malware to infiltrate their target, or when an attacker is able to successfully blend in like a legitimate insider? In this edition of the Speaking of Security Podcast, Tom Chmielarski, Practice Lead in RSA’s Advanced Cyber Defense Services, shares some of the attack techniques he’s seen used in real breach cases, along with best practices used in the detection and defense of these advanced attacks.
Welcome to my second in a series of blogs based on what I term “The Groove Theory of GRC.” As you may or may not know (or infer from this series), I have been a musician for much of my life. Starting in grade school playing in the school band, I have enjoyed the gift of making music over many years. While I am no longer a “gigging” musician, I still pick up my craft and noodle at home often. One aspect of making music that I have enjoyed is the debate between musicality and performance. Is a great musician guaranteed to be a great performer? Are all great musical performers talented musicians?
In light of the recent events I’ve reflected on how valuable electronic health records (EHR) and health information exchange (HIE) participation can be in a time of crisis to immediately access critical life-saving data on impacted victims. EHRs not only allow first responders to quickly access victims’ healthcare information, but also allow for more accurate ambulatory, ER and clinical decision making in life or death situations.
By Limor S. Kessem, Cybercrime and Online Fraud Communications Specialist, RSA
Although the title of this blog may call to mind the first line of quite a number of old jokes, it appears that hacktivists, phishers and the everyday Internet user have enough in common to raise concerns of financial fraud, especially in light of [...]