In recent weeks, the volume of malicious email carrying attachments has increased substantially. To entice recipients into opening those attachments, attackers are employing pitches across a wide range of subjects. In doing so, they are defeating the often doled-out advice not to open attachments in email received unexpectedly.
One of the more striking examples of this is malicious email exploiting bad economic conditions, job loss, and potential loss of home. The combined legal and job categories comprised 33% of malicious email attachments over the past two weeks, with pitches ranging from bogus employment opportunities to court summons for evictions due to overdue payments.
Other legal-oriented email includes warnings of illegal use of software, copyright infringement, and criminal complaints for alleged non-payment of accounts.
Assuming you were in dire financial straits, it’s not difficult to imagine you would react to an eviction notice such as the following:
Tags: Big Data, email security, phishing, security
Based on 25 years of professional experience in various businesses around the globe, I can say that many industry verticals have a pretty good state of safety culture as it relates to the health and safety of their employees. This is especially true for companies involved in high-risk businesses such as oil and gas, (nuclear) energy, manufacturing, chemicals, food processing, and so on. In such industries, it is pretty clear that there is a risk that something may blow up, hurt, or even kill people.
However, it seems that the next big driver for them is business alone, and they are not as focused on information or IT security when it comes to the logic side of security like bits and bytes, document handling of confidential information, and similar subjects. This is in stark contrast to their keen attention to physical safety and security issues.
It would seem intuitive that any organization with a commitment to safety by counting (and incentivizing) the hours (days, weeks, months, …) of safety-incident-free time should also be easy to convince that taking a similar approach to information security would be a good thing. But it is not that easy. Operations in these businesses are very physical, so it is not really in the mind-set of a rig guy or gal, a welder, a component mixer, machine operator, or similar, that another devastating incident (attack) could happen from “within” the system(s), by a human adversary committed to doing harm in the interest of their nation state or paying agent. All those systems in the above-mentioned industries that are working at the process level (sensors/actuators, process control, SCADA (supervisory control and data acquisition)) are designed for efficient and effective, good performing, and reliable operation, but they were not really designed and built to resist logic attacks from a human smart guy who can outsmart almost every defense.
In industrial networks, spanning the areas of instrumentation, control bus, operations, business, or enterprise, the often-cited Purdue reference model, which provides for several “levels” or “zones” of abstraction and segregation, can be used. A really good introduction can be found in the Secure Data Transfer Guidance for Industrial Control and SCADA Systems.
The main security points to address are:
Tags: encryption, information security, information technology, IT, network segmentation, physical security, security
If you were unable to attend Cisco Live! Milan, or weren’t able to attend all the sessions that interested you, Cisco has made the session videos and PDFs available on the Cisco Live! website. More videos are being added daily and all should be available by February 22, 2014.
The Cisco Live! website maintains a large on-demand library with presentations and video recordings from Cisco Live! events hosted from 2011 to present. After registering, anyone can view the presentations and embedded videos at their leisure. Your Cisco Live! account is not tied to your Cisco.com account, so those credentials will not work!
Exciting new announcements are made regularly at Cisco Live! In Milan, Chris Young, Senior Vice President of Cisco Security, took the opportunity to share that Cisco was opening up its TrustSec capabilities to other vendors. In his blog post, Kevin Regan highlights what this means to the community.
Tags: cisco live, cisco live melbourne, Cisco Live Milan, Cisco Live! San Francisco, security, training
As mobility becomes more pervasive, these concepts of cyber crime have become engrained in our work/life culture. These issues have earned national news headlines as governments across the globe grapple with how to build both secure and mobile-enabled infrastructures.
A few weeks ago, Cisco and Mobile Work Exchange released findings from a self-assessment tool that highlights some interesting statistics, enabling us to better understand mobile security best practices and vulnerabilities. The report specifically looks at government employees, 90 percent of whom claim to use at least one mobile device for work, and reveals that many government workers (41 percent) are putting themselves and their agencies at risk.
Tags: architecture, Cisco, CiscoMobility, future of mobility, infrastructure, mobile, mobile device, Mobile Government, mobile security, mobile workspace, mobility security, network, security, wi-fi, wifi, wireless
This post was co-authored by Andrew Tsonchev.
Two weeks ago we briefly discussed the role of dynamic DNS (DDNS) in a Fiesta exploit pack campaign. Today we further analyze and explore the role of DDNS in the context of cyber attack proliferation and present the case for adding an operational play to the incident response and/or threat intelligence playbook to detect attack precursors and attacks in progress.
Tags: DDNS, dns, security, TRAC