Spear Phishing: A Quick Review

Spear Phishing is very similar to traditional Phishing but is targeted at a specific group. Spear Phishing is defined as an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. Spear Phishing attempts are not typically initiated by “random hackers” but are more likely to be conducted by perpetrators out for financial gain, trade secrets or military information (SearchSecurity, 2005).

A typical Spear Phishing attack is conducted by a “Phisherman” (the person performing the attack), who gains detailed information about you and your organization through websites, blogs, and social networking sites.

Then the “Phisherman” sends out specific and personal e-mails asking the user or “phish” (the person the attack is being conducted on) to enter their username, password, account number, access codes or PINs into a clone website. The request seems very authentic since it comes in the form of a familiar site or process. From there, as in a typical Phishing attack, your information is captured, leaving the user vulnerable to identity theft or financial loss.

A recent example of a successful Spear Phishing attack occurred when there were news reports that the U.S. Chamber of Commerce was hacked by Chinese hackers and an unspecified amount of data was accessed from the network for over a year undetected.

There are ways to avoid being caught by a spear:

  1. IT and help-desk personnel will never ask for your password, so never give out your password for any reason.
  2. Never reveal any personal information in an e-mail.
  3. Look for digital signatures.
  4. Assume all unsolicited requests are Phishing attempts.
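The spoofed e-mail and clone-website link described above, together with tip 3, can be checked mechanically. The following is an added example, not part of the original post: the sample message is constructed, the `example.*` domains are placeholders, and it assumes the `Authentication-Results` header was stamped by your own receiving mail server.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message (not from a real incident); domains are placeholders.
SAMPLE = """\
From: "IT Help Desk" <helpdesk@example.com>
Reply-To: helpdesk@example-support.net
To: user@example.com
Subject: Password expiry
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=example-support.net; dkim=none
Content-Type: text/html

<p>Your password expires today. Sign in at
<a href="http://login.example-support.net/portal">https://portal.example.com/login</a></p>
"""

LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def domain_of(addr_header):
    """Lower-cased domain part of an address header, or '' if absent."""
    return parseaddr(addr_header or "")[1].rpartition("@")[2].lower()

def check_message(raw):
    """Return a list of spoofing indicators found in one raw e-mail."""
    msg = message_from_string(raw)
    findings = []
    # Replies silently routed to a different domain than the visible sender.
    reply_dom = domain_of(msg["Reply-To"])
    if reply_dom and reply_dom != domain_of(msg["From"]):
        findings.append("reply-to-mismatch")
    # Assumption: this header was added by the recipient's own gateway;
    # a copy supplied by the sender must not be trusted.
    auth = (msg["Authentication-Results"] or "").lower()
    if "dkim=pass" not in auth:
        findings.append("no-valid-dkim-signature")
    if "spf=fail" in auth or "spf=softfail" in auth:
        findings.append("spf-fail")
    # Clone-site pattern: the link text shows one host, the href goes to another.
    for href, text in LINK_RE.findall(msg.get_payload()):
        shown = urlparse(text.strip()).hostname
        target = urlparse(href).hostname
        if shown and target and shown != target:
            findings.append("link-text-mismatch")
    return findings

if __name__ == "__main__":
    print(check_message(SAMPLE))
```

A message with no findings is not proven safe; these checks only catch the mismatches named in the comments.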

 

For more information about Spear Phishing, go to:

  • http://www.fbi.gov/news/stories/2009/april/spearphishing_040109
  • http://www.washingtonpost.com/business/technology/china-hack-of-chamber-of-commerce-highlights-spear-phishing-dangers/2011/12/21/gIQAia709O_story.html
  • https://dps.mn.gov/divisions/otss/Documents/Spear%20Phishers%202011-03.pdf

SecurityOrb.com’s Top 10 Cyber Security Threat Predictions for 2012

2011 was an attention-grabbing year in the information security industry. We saw some interesting things, such as mobile apps becoming a talking point as well as some Mac OS X malware. Furthermore, we saw issues pertaining to insider threats, hacktivism, Stuxnet’s sibling Duqu, social networking site vulnerabilities and our share of zero-day attacks, to name a few. So, what is in store for 2012, you ask?

10. Windows 7

Windows 7 has been out and is in every sense of the word a success, as users are migrating away from Windows XP, which is scheduled to reach end-of-life in April of 2014. We usually see an 18- to 24-month operational period before malware infections start to really come out. Data released by Microsoft showed that Windows 7’s malware infection rate climbed by more than 30% during the second half of 2010. We predict this trend will continue as the Windows 7 market share increases in 2012.

9. Apple Products

Talking about market share, Apple has gained a substantial amount with the latest offering of its products, which include the iPad, iPhone, iPod and computer-based systems. Hackers began targeting them in 2011 and will surely continue in 2012. For example, in 2011, Apple released an anti-virus application on its computer-based operating system in response to trojan horses such as “OSX/Leap-A” and “Trojan-Downloader:OSX/Flashback.C”, which debuted in 2011.

8. Legacy and Unpatched Systems/Applications

Unfortunately, we have observed a high number of legacy systems such as Windows XP with SP1 and SP2, Windows 2000, 2003 SP1 and Mac OS X version 10.4 and below, as well as older versions of Adobe Reader, Flash and MS Office applications, still in operation. As we know, hackers will continue to check for and exploit old vulnerabilities.

We ask that you be aware of these issues and as always, make sure you have security controls such as host-based firewalls, anti-virus and anti-spyware applications installed, make sure they are updated at all times and use common sense to help protect your information and privacy.

7. (Spear) Phishing Attacks

Phishing is defined as the practice of using fraudulent e-mails and fake duplications of legitimate websites to extract financial data from computer users for purposes of identity theft, while Spear Phishing is defined as an e-mail spoofing fraud attempt that targets a specific organization or user, seeking unauthorized access to confidential data. With the amount of information available from social networking sites, people search sites and location-based apps, and the risk of stolen or lost devices, cybercrooks will have a treasure chest of information to conduct sophisticated and targeted attacks on individuals.

6. Embedded Network Products (Cars, TVs and Refrigerators)

Cars aren’t just cars and TVs aren’t just TVs anymore. These devices, as well as many home appliances, are being fitted with network and Internet-based access. Unsecured or poorly secured wireless access points, as well as vulnerabilities in the devices themselves, will act as another vector for cyber-crooks in 2012.

5. Hacktivism

Hacktivism is a combination of Hacker and Activism, and it is a form of online protest over political, religious or social ideas a group may not agree with. In the past, financial gain served as the primary motivation behind cybercrime, but we’re seeing a change in recent activities in 2011 from groups such as Anonymous and LulzSec. SecurityOrb.com predicts that with the upcoming US election, censorship bills such as SOPA and IP Protect, the Occupy movement and more, these activities will increase and will spawn copycat groups with special interests that will also become a factor. This will put consumers’ personal data at risk, since many times the stolen information is posted in a public forum.

4. Digital Wallet Systems

Google Wallet and other digital wallet systems will become more visible and gain greater acceptance in 2012 as vendors push the idea to consumers. In concept, the technology is very similar to current near-field communication architectures that are in play, with one difference: the mobile device. Hackers will be able to access the same data as the legitimate apps to conduct fraud.

3. Social Media

Social media platforms such as Twitter, Facebook and Google+ will continue to be a focal communication and expression medium for people and businesses in 2012, as they were in 2011. Cybercrooks will look to take advantage of the “Trust” factor associated with social media relationships to pursue their agenda of fraud and cybercrime by stealing login credentials and conducting advanced data mining for sophisticated attacks on individuals as well as companies.

Furthermore, in 2011, the security field observed numerous poisoned links to hot news topics such as “Osama Bin Laden Death Pictures”, “Amy Winehouse” and the “Royal Wedding” on Facebook and Twitter. SecurityOrb.com predicts these issues will increase and become more sophisticated and, in some cases, automated, as with the Twitter mouse-over incident or the Guy Fawkes incident on Facebook. In fact, in 2012, we forecast Facebook-based attacks will increase and Facebook will be forced to sit up and take notice. Specifically, Facebook will implement new security solutions on its site to avoid losing disgruntled users. This has already begun, as Facebook has partnered with WebSense for URL scanning.

2. Mobile Devices

This is #1 on most lists.  2012 will see an increase in malware distribution on smart phones and tablets with the Android-based devices carrying the load.

1. The Human Element

All too often, we find the weakest link in security is not technology, but the people who use it. It may range from a disregard of good technology practices to honest mistakes. Through security awareness and information sharing, we hope to reduce this threat.

Happy New Year

SecurityOrb.com would like to wish the InfoSec community a wonderful and safe Happy 2012 New Year!

The Stop Online Piracy Act (SOPA) Delayed into 2012

 

The Stop Online Piracy Act (SOPA), introduced in October, has been delayed until sometime in 2012. SOPA’s goal is to aid with the ongoing dilemma of copyright infringement, pirating, and/or the counterfeiting of intellectual property that many US-based media companies are facing from foreign and some domestic websites.

The scheme behind SOPA is to disable or withhold services from infringing sites by requiring Internet search providers, payment processors and other Internet related entities to deny services.

Support for the legislation is coming from media organizations such as the Motion Picture Association of America (MPAA) and the Recording Industry Association of America (RIAA), while tech industry giants such as Google, Yahoo, and Facebook, to name a few, are opposed to the bill.

The tech industry feels protecting content is a worthy goal and should be pursued, but fears the content within the bill can lead to unintended consequences.  For example, copyright holders would be able to find fault on a website, contact law enforcement officials, and get websites shut down or denied services.  Furthermore, tech companies such as Google could face punishment if a pirated TV show is uploaded to YouTube.

SOPA is a change from the current process based on the 1998 Digital Millennium Copyright Act, which expects companies to “act in good faith” when a copyright holder asks them to remove pirated content. However, under SOPA, sites could be punished in the first place, and Internet companies are worried that they could be held liable for users’ actions.

Meanwhile, the media industry states that online piracy websites such as The Pirate Bay, which operates outside of the U.S. and allows illegal downloads of movies, music and other digital content, lead to U.S. job losses by depriving content creators of income.

A similar bill to SOPA, titled the Protect IP Act, was approved by a Senate committee in May of 2011 and is now pending before the full Senate. In addition, a bipartisan group of House members has proposed an alternative bill titled the Online Protection and Enforcement of Digital Trade Act (OPEN).

Even though both the media organizations and tech companies have suitable reasoning for supporting and opposing the bill, I think the tech industry and small bloggers and media organizations are at the most risk if this bill were to pass. If a media organization accuses them of using its content in an inappropriate manner and requests that the site be denied service, many of them do not have the resources for legal services to rectify the matter, thus allowing the media industry full power.

11th Annual DoD Cyber Crime Conference 2012

EARLY REGISTRATION ENDS DEC. 31

Hyatt Regency Atlanta, Atlanta, GA
Pre-Con Training: Jan. 20-23  |  Conference: Jan. 23-27  |  Exposition: Jan. 24-26
www.DoDCyberCrime.com

REGISTER TODAY to learn from the experts about revolutionary technologies and techniques for exposing and preventing cyber crime. Hotel space is filling up quickly, so make your reservations now.

This is the only program that brings together legal, information technology, investigative, and digital forensic communities for an open and interactive forum to facilitate information sharing, hands-on digital forensics training, and team building on issues facing the DoD, as well as Federal, State and Local governments and their industry partners within the cyber crime arena.

CONFERENCE FEATURES
• Pre-Conference Hands-on Digital Forensics Training Courses (attorneys can earn CLEs), including SANS Lethal Digital Forensic Techniques and Memory Analysis
• Classified Cyber Threat Session
• 21 Concurrent Breakout Sessions
• Forensic Tool Expo
• 80+ Exhibitors
• DC3 Digital Crime Scene Challenge (new to the 2012 Conference!)
• 6th Annual DC3 Digital Forensic Challenge Awards Presentations (challenge occurs prior to conference: www.dc3.mil/challenge)

BREAKOUT TRACKS
The conference team has developed targeted breakout tracks focusing on Digital Forensics, Defense Industrial Base, Information Assurance, Law Enforcement/Counterintelligence, Legal, and Research and Development. The tracks include almost 200 sessions and provide attendees with a forum to discuss issues and solutions, learn new tools of the trade, get an overview of the new technologies driving the industry, and more. Attendees are encouraged to attend sessions from all tracks.

CONFERENCE REGISTRATION
Online Conference Registration Deadline: January 13, 2012

ACCOMMODATIONS
Visit the TRAVEL page of the Web site for details about accommodations and travel.

EXHIBITING & SPONSORSHIP OPPORTUNITIES
Exhibit space and sponsorships are selling out very quickly. For vendor opportunities at this event view the EXHIBITOR PROSPECTUS.


Visit the event Web site for detailed event information: www.DoDCyberCrime.com

CONTACTS
Attendance: Sharla Warren, (703) 740-1950, SWarren@GovernmentMeetings.com
Speaker Services: Marnie Herren, (703) 740-1933, MHerren@GovernmentMeetings.com

Wipe Your Tech Devices Before Giving Them Away….

As the holiday season steadily approaches, many individuals are planning to upgrade their current technology devices with the latest and greatest on the market. For example, individuals who currently possess an older iPhone such as the 3GS or iPhone 4 are eyeing the new iPhone 4S with the Siri feature, while Android-based users have tons of options to be excited about with the recent releases of the Nexus, RAZR and Galaxy smart phones toting the new Android 4.0 operating system titled Ice Cream Sandwich. Then you have to take into consideration other tech gadgets and devices such as tablets, e-readers, netbooks, laptops and computers.

A recent survey conducted by the Public Broadcasting System (PBS) stated that 49% of parents plan to give their kids a technology device this upcoming Christmas, and many of these devices will be their old hand-me-downs.

With that said, SecurityOrb.com, an information security and privacy awareness site, recommends that before you give away or throw away any of your electronic devices, you make sure you wipe them clean. A disk/memory wipe is a secure way to remove all existing data on a hard drive or memory card so the data cannot be retrieved.

This is important when you take into consideration the types of information we store on our smart phones these days, such as pictures, account information, contacts, etc.

Giving a device to a kid without properly wiping it clean can lead to issues that put your personal information at risk, such as theft or loss of the device. Furthermore, it may also be a costly experience if your credit information is tied into the manufacturer’s app market space. Numerous apps may be downloaded on your dime.

The same consideration should also take place if you plan to get rid of other technology such as an old computer. You want to wipe the hard drive before disposing of the system. Identity theft scammers know this is a great source of information to fuel their malicious activity. Software such as Disk Wipe can erase all disk data and prevent recovery of that data, and it is free too. The EPA also has a list of recommended locations to dispose of your electronic devices in a safe and environmentally friendly manner.

Please remember, before wiping your data on an old device, be sure to conduct a backup or transfer all information to the new device. Some services allow you to back up the contents of your mobile device to a cloud for safekeeping.

Below are some tips on how to conduct a hard reset or total disk wipe on some of the more popular devices. I urge you to review your manual or check the manufacturer’s website for a more detailed procedure.

Android phones: A factory data reset can be performed by going to:

Menu -> Settings -> Privacy -> Factory data reset.

BlackBerry phones: A factory data reset can be performed by going to:

Options -> Security Options -> General Settings -> Menu -> Wipe Handheld.

iPhones: A factory data reset can be performed by going to:

Settings -> General category -> Reset