
Sophisticated Attack on Nuke Lab - Spam and Phishing Lures Still Malware Threat

The browser is a prime method for distributing malware, especially through drive-by downloads from compromised sites. That doesn't mean email is no longer a problem, as a couple of stories make clear. The first is from the New York Times and the second is from SearchSecurity.

The NYT reports this morning that Oak Ridge National Laboratory in Tennessee was subject to "sophisticated attacks" including 1,100 targeted emails to employees.

“At this point, we have determined that the thieves made approximately 1,100 attempts to steal data with a very sophisticated strategy that involved sending staff a total of seven ‘phishing’ e-mails, all of which at first glance appeared legitimate,” he [Thom Mason, laboratory director] wrote in an e-mail message sent to employees on Monday. “At present we believe that about 11 staff opened the attachments, which enabled the hackers to infiltrate the system and remove data.”

No classified data was compromised but the investigation into the breach is still under way.

The US-CERT advisory, which was not made public, stated: “The level of sophistication and the scope of these cyber security incidents indicate that they are coordinated and targeted at private sector systems.”

The US-CERT memo referred to the use of e-mail messages that fool employees into clicking on documents that then permit attackers to plant programs in their computers. These programs are then able to copy and forward specific data — like passwords — to remote locations.

The second story of the day about emails, social engineering and human error summarizes one view of the threats in this way:

"You could have the best practices in place … but we find in more cases than not that it's human error, not machine error that causes the problems you see today," Kessler [a computer forensics expert and accounting fraud investigator] said.

The article goes on to argue that the type of sophisticated, targeted attack on the Oak Ridge lab is not an anomaly:

Today nearly everyone is affected by cybercriminals, Kessler said. The latest report supports Kessler's observation. Global spam volumes have doubled this year to 120 billion messages daily, according to a new report from Cisco Systems-owned IronPort Systems. And the messages are getting more sophisticated as spammers target employees with email that looks valid but is designed to spread malware and steal sensitive information.

What do you do when best practices are not enough? Kessler recently bought insurance to mitigate the threat of a data breach.


Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net