The Grave Consequences of Geopolitical Hacking

Critical infrastructure attacks are one of the pressing cyber concerns this year.

On the tragic week of September 11th, I must remind you that the historic lesson of September 11th is that non-state actors will use technology to attack critical infrastructures. 2015 has become a dark year wherein more cyberweapons have been distributed to actors who are not solely operating as criminals but are also paying homage to the regimes that protect them. Never before has cyberspace been so hostile.

Forums within the dark web have facilitated the majority of the most significant attacks in 2015. Many of these forums have become nationalistic, as illustrated by our Russian Underground 2.0 report, which highlighted the activity of cyber militias and cyber-mercenaries. Recently, the United States government has suffered one of the most significant breaches in history, a cyber event that was the greatest single act of espionage since post-Glasnost. The Office of Personnel Management breach was tremendously impactful, as it illustrated the level to which a foreign regime would target the leadership of the US government. We must understand that the breach was merely the reconnaissance stage of the modern kill chain. The data gleaned from this breach by our Cold War adversaries is now being utilized to actively hunt our nation’s elites with more sophisticated attacks. This was recently evidenced by the evolutions seen in the Pawn Storm campaign. The lessons to be learned from this breach are significant. Organizations must allow for offense to inform defense.

Today’s adversary conducts reconnaissance on his or her targets. Today’s adversary uses other attack vectors beyond spear phishing, including watering holes, mobile attacks, and island hopping. The OPM breach was the first shoe to drop; now we must expect the second. This intrusion is ongoing. Mitigating dwell time on our networks will require the deployment of effective breach detection systems that are integrated with intrusion protection systems, mobile security, two-factor authentication, and virtual patching. Organizations cannot rely on silver bullets like FireEye, as werewolves are hunting us.



from Trend Micro Simply Security http://ift.tt/1iwNEx2