The information security industry has long operated on the premise that there are two very different kinds of threats: indiscriminate cyber criminal activity aimed at making money quickly, and sophisticated, targeted attacks intended to provide long-term competitive advantage to another company (or economy), disrupt the operation of the target or provide a (future) strategic advantage in some kind of cyber conflict. But new research from FireEye suggests that the lines between sophisticated and unsophisticated cyber operations are blurred, making it hard for organizations to know if a given infection is merely bad luck, or evidence of a larger and more dangerous operation. Writing about a new financially motivated hacking crew called FIN6, FireEye said that the group, which targeted point-of-sale systems, made off with “millions of payment card numbers.” Still, FireEye said that it couldn’t figure out how the group compromised its victims. “In Mandiant’s investigations of FIN6, the group already […]
In-brief: Following a security breach, Avid Life Media, the parent of Ashley Madison and other adult-focused hookup sites, said that it was on the trail of the culprits. The question is whether ALM and its various properties will survive the incident.
Bloomberg has a story on the collaborative, private sector effort to thwart an industrial hacking campaign linked to Chinese intelligence. The effort, which involved firms like FireEye and iSight Partners, “demonstrates for the first time a private-sector model that they believe can move faster than investigations by law enforcement agencies,” the report said. From the article: The take-down largely bypassed traditional law enforcement tools, relying instead on cooperation between companies that are normally fierce competitors. Coalition members — which include Microsoft Corp., Cisco Inc. and Symantec Corp. — say they can act faster than governments because they operate global Internet systems and have business relationships with tens of thousands of companies. Read more via China-Linked Hacking Foiled by Private-Sector Sleuthing – Businessweek.
Headlines about “advanced persistent threats” and targeted attacks have organizations of all sizes concerned. Barely a week goes by without news of a new, stealthy campaign targeting executives, government leaders or platforms used by prominent organizations. But while APT-style and targeted attacks may have the attention of the boardroom, organizations still face a Herculean task determining when an attack they’ve detected is targeted, and when it is merely indiscriminate. To help answer that question, I “hung out” with two experts in detecting and analyzing malicious threats to enterprises. Anup Ghosh is the CEO and co-founder of Invincea, which makes malware detection tools that isolate threats on endpoints. Matt Hartley is the Senior Director, Intelligence Lab Services at iSIGHT Partners, a cyber threat intelligence firm. Both told me that, while targeted attacks are on the rise, awareness about them is also at an all-time high. That can, sometimes, result in organizations […]