Thursday, May 31, 2012

Cyber Security: Flame Malware

In recent days there has been much press about the Flame malware being touted as the predecessor to Stuxnet.  I like this article for two reasons, both of which are in the title of the article.  Flame Malware: Boring, Bloated and Yet Still Effective. One thing we have seen over and over again is that many such cyber attacks due lack high levels of sophistication (boring).  On the flip side, hackers ‘targets of opportunities’ tend to lack adequate cyber security protection (attacks are effective).   

Flame Malware: Boring, Bloated and Yet Still Effective

Here are some interesting notes on the Flame malware, at present it is focused on the Middle East.  Flame is a sophisticated toolkit that leaves a backdoor, or Trojan, on computers and can propagate itself through a local network, just like a  worm does. According to a Kaspersky Lab, Flame can sniff network traffic, take screenshots, record audio conversations, log keystrokes and gather information about discoverable Bluetooth devices nearby and turn the infected computer into a discoverable Bluetooth device.




Tuesday, May 15, 2012

Cyber Security: US Corporate Espionage

FBI reports that cyber crimes have cost US companies over $13 Billion in corporate espionage.
If that was not bad enough, there have only been 8 cases of economic espionage convicted since 1996! 

http://www.wjla.com/articles/2012/05/fbi-cracks-down-on-economic-espionage-75896.html

Wednesday, May 9, 2012

Cyber Security: Natural Gas Pipelines under Cyber Attack

According to the Dept. of Homeland Security (DHS). US Natural Gas pipeline have been under sustained cyber attack since December.  The scope of these attacks is yet unkown and may also affect Canadian companies.

4-Month-Long Cyber Attack on Natural Gas Companies - Topix

Thursday, May 3, 2012

Cyber Security Advisor Newsletter

Volume 7 of the Invensys Critical Infrastructure and Security Practice (CISP) newsletter, focuses on Nation States.  While many companies may be focusing on internal threats or rogue hackers.  Recent research has found that IT professionaly globally view Nation-States as a Top-3 threat to their networks.

http://iom.invensys.com/EN/pdfLibrary/CISP%20Apr%202012%20vol%207%20Newsletter.pdf