E3 – Hordes at the Gate – The Call of the Siren

“Don’t you think you are being a bit paranoid?” Greg asked Marty as the two exited the cafeteria.  “I mean, the DDOS attack was pretty severe. I think whoever was behind it accomplished their goal. Look at all the time and expense it took to control it. Not to mention the downtime, the annoyed customers,…

Read More

E3 – Hordes at the Gate – The Aftermath

Marty walked into the conference room and immediately sensed the buzz and tension.  He knew the debrief of the denial of service attack was going to be a long one but he didn’t anticipate this much friction.  The source of the stress wasn’t the actual attack or the mayhem that ensued to protect MagnaCorp from…

Read More

E3 – Hordes at the Gate – The Battle

The Hunter arrived on the wall of the fortress on the frontier out of breath. He had ridden through the night to get to the most active and dangerous part of the assault on the Kingdom’s walls. He leaned over the parapet and quickly surveyed the chaos below him. Within seconds an arrow whizzed past…

Read More

E3 – Hordes at the Gate – The Siege

The hulking figure dominating the corner of the crowded tavern was given a wide berth by the other patrons.  Even though the smoky room was packed with people, the table occupied by the massive man had plenty of space around it.  Several customers made obvious attempts not to trespass over the imaginary border circling the…

Read More

Understanding human triggers in fraudulent transactions

  Too often, discussions about fraud prevention emphasize the security controls organizations should put in place: risk engines, step-up authentication, biometrics… These are all necessary for a successful fraud prevention program, but we tend to minimize the ‘humans in the loop’ aka the end users. It’s human nature to have biases, and an effective security program should…

Read More
Image from a YouTube video posted by Johnny Adams on the report of a German steel mill cyberattack

Steel Mills and the Security of Critical Infrastructure

In late December, the German government issued a report about a cyber attack on a steel mill that resulted in significant damage to that facility. The attack has received extensive publicity since then, from the BBC to YouTube, including a detailed analysis of the attack by SANS. Many of these reports, such as the one…

Read More

2015 Year of Cybersecurity Consilience?

Art Coviello just sent out his annual end of year letter with the following 2015 predictions: 1.Nation-state cyber-attacks will continue to evolve and accelerate but damage will be increasingly borne by private sector 2. Privacy debate will mature 3. Retail is an ongoing target and Personal Health Information (PHI) is next 4. The Internet Identity…

Read More

Oops, They Did it Again…

Another day… another credit card breach letter in the mail …and yet another card to throw away….. While talking to my mailman the other day I noticed he lost some weight. Ironically, he thanked the many credit card breaches to his improved physical fitness. (guess there is a silver lining to anything) He also expressed…

Read More
Access Denied

Not Your Average Cyber Attack

I recently attended an industry conference.  During a break, I chatted with a group of attendees and learned something eye-opening.  The purpose of many cyber attacks is not necessarily to obtain intellectual property, PCI or PII data; many times, it’s to devalue a company by making small changes that impact management decisions and revenue.  Even…

Read More

A New Liberty Reserve Emerges

The takedown of Liberty Reserve in May 2013 was a major blow to many fraudsters who used the e-currency for years to launder their illicit gains. By the time the U.S. government took action, Liberty Reserve had been around for seven years and was reportedly responsible for the laundering of billions of dollars in transactions. More recently, yet another option for fraudsters seems to be materializing in what some are now calling “The New Liberty Reserve,” an e-currency known as LessPay.

Read More