February 19, 2015 The IWC CIR is an OSINT resource focusing on advanced persistent threats and other digital dangers. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Summary Symantec ThreatCon Level 2 - Medium: Increased alertness This condition applies when knowledge or the expectation of attack activity is present, without specific events occurring or when malicious code reaches a moderate risk rating. There has been a rash of espionage and cyber-attack news leaks over the last few weeks. • Kaspersky found malware in the firmware of hard drives around the world. They issue with this is that at this point, no forensic tools can look at the system area or the code on the drive’s board. It takes special data recovery tools to get to that area, so this make it extremely difficult to detect. Some say this malware has ties to Stuxnet and the NSA. • The hacking group designated “Equation” has been infecting systems since at least 2001. The group’s attacks are some of the most sophisticated attacks seen so far. Some say there are ties to the NSA. • Last year, over 1 billion customer records were stolen from across the industries. • Hackers were reported to have stolen over 1 billion from US & European banks. • Encryption in America could be at risk. Department of Justice is a 1789 'All Writs Act' to try to force vendors into placing back doors into products so law enforcement can access them. extra tipS and videoS The first episode of CIR Special Report was release covering Anthem’s loss of 80 million customer medical records. This can come with possible HIPAA ramifications. The video focuses on responsibility while explaining some of the components of the HIPAA regulation dealing with securing sensitive data. You can view the video here: http://youtu.be/mc3oRBoR2jE. InformationWarfareCenter.com 1 | Page
8
Embed
February 19, 2015 Summary - Information Warfare Center€¦ · 19/2/2015 · February 19, 2015 . The IWC CIR is an OSINT resource focusing on advanced persistent threats and other
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
February 19, 2015 The IWC CIR is an OSINT resource focusing on advanced persistent threats and other digital dangers. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Summary Symantec ThreatCon Level 2 - Medium: Increased alertness
This condition applies when knowledge or the expectation of attack activity is present, without specific events occurring or when malicious code reaches a moderate risk rating.
There has been a rash of espionage and cyber-attack news leaks over the last few weeks. • Kaspersky found malware in the firmware of hard drives around the world. They issue with
this is that at this point, no forensic tools can look at the system area or the code on the drive’s board. It takes special data recovery tools to get to that area, so this make it extremely difficult to detect. Some say this malware has ties to Stuxnet and the NSA.
• The hacking group designated “Equation” has been infecting systems since at least 2001. The group’s attacks are some of the most sophisticated attacks seen so far. Some say there are ties to the NSA.
• Last year, over 1 billion customer records were stolen from across the industries.
• Hackers were reported to have stolen over 1 billion from US & European banks.
• Encryption in America could be at risk. Department of Justice is a 1789 'All Writs Act' to try to force vendors into placing back doors into products so law enforcement can access them.
extra tipS and videoS The first episode of CIR Special Report was release covering Anthem’s loss of 80 million customer medical records. This can come with possible HIPAA ramifications. The video focuses on responsibility while explaining some of the components of the HIPAA regulation dealing with securing sensitive data. You can view the video here: http://youtu.be/mc3oRBoR2jE.