What’s the first thing you think of when you hear of a cyber attack?
For the most part, people imagine hackers using lines and lines of code. They’re hunched over systems that resemble the computers in the Matrix, launching super-sophisticated attacks against international corporations and government agencies.
The truth, however, is much simpler. Phishing is something anyone with an email address could attempt, and victims of malware become resources for other attacks.
Here are some reminders of why technology alone is not enough to keep you and your business secure:
RSA SecurID Breach
Security experts are still guessing at the true impact the breach had on security company RSA back in March 2011. RSA’s parent company, EMC, spent $66 million recovering from the attack. Information about RSA’s SecurID two-factor authentication was compromised.
What is known is what RSA released in a blog post:
“The attacker in this case sent two different phishing emails over a two-day period. They launched two ransomware campaigns; you wouldn’t consider these users particularly high profile or high value targets. The email subject line read ‘2011 Recruitment Plan’.
“The email was crafted well enough to trick one of the employees to retrieve it from their Junk mail folder and open the attached Excel file. It was a spreadsheet titled ‘2011 Recruitment plan.xls’.
“The spreadsheet contained a zero-day exploit that installs a backdoor through an Adobe Flash vulnerability (CVE-2011-0609).”
What remains a mystery is what that information was. RSA released statements saying the breach could reduce the effectiveness of the SecurID source code. This was one of the first high-profile attacks against a security company that impacted not only the business but thousands of other businesses as well.
Hidden Lynx Watering Hole in Bit9
In 2013, the “Hidden Lynx”, a cyberespionage group in China, used watering hole attacks to compromise Bit9’s digital code.
A watering hole is a more subtle phishing attack. Malware is injected into a legitimate website that organizations in the target industry are likely to visit. The Hidden Lynx are the kings of this type of phishing attack, behind not only this attack, but the VOHO attacks and Operation Aurora.
They accessed Bit9’s file signing infrastructure to sign malware and make it seem legitimate. The signed malware was used to attack not only Bit9, but three defense industrial-based organizations that were clients of Symantec (a cybersecurity company).
Target’s Third Party Take Down
Once again in 2013, attackers lifted a jaw-dropping total of 40 million credit and debit cards from retail megachain Target’s point-of-sale systems. This scam was not only devastating in scope and damage but also displayed just how dangerous an unwary business partner can be.
Investigators suspect the hackers initially gained access using Target’s network. They used credentials obtained from heating, ventilation and air-conditioning subcontractor Fazio Mechanical Services via a phishing email that included the Citadel Trojan.
Target makes sure that every store-greeter is well-trained, but they aren’t entirely safe against phishermen.