November 27, 2017

40% of Government and Military Figures Targeted by Fancy Bear Russian Cyberattack Clicked Links

In what has to be a wake-up call for corporate America, a recent AP story on Russian hackers targeting U.S. military and government officials showed that 131 of 312 people, or about two in five, clicked the Russian Fancy Bear links sent to them.

Here are some takeaways:

Even at the highest levels in our government, the FBI did not always notify people that they were breach targets or had been breached. Possible reasons include not wanting to tip off the hackers, or that the FBI is short-staffed: a senior official admits they are overwhelmed.

This would make sense as a few AP reporters did a good amount of investigating and seem to have been the first entity to have done so.

Here is an excerpt:

The AP found few traces of the bureau’s inquiry as it launched its own investigation two months ago.

In October, two AP journalists visited THCServers.com, a brightly lit, family-run internet company on the former grounds of a communist-era chicken farm outside the Romanian city of Craiova. That’s where someone registered DCLeaks.com, the first of three websites to publish caches of emails belonging to Democrats and other U.S. officials in mid-2016.

DCLeaks was clearly linked to Fancy Bear. Previous AP reporting found that all but one of the site’s victims had been targeted by the hacking group before their emails were dumped online.

Yet THC founder Catalin Florica said he was never approached by law enforcement.

“It’s curious,” Florica said. “You are the first ones that contact us.”

THC merely registered the site, a simple process that typically takes only a few minutes. But the reaction was similar at the Kuala Lumpur offices of the Malaysian web company Shinjiru Technology, which hosted DCLeaks’ stolen files for the duration of the electoral campaign.

The company’s chief executive, Terence Choong, said he had never heard of DCLeaks until the AP contacted him.

“What is the issue with it?” he asked.

Back in 2014, FBI Director Jim Comey said all of the Fortune 500 had been hacked by the Chinese – that was three years ago. Today, there are a lot more attackers with better methods of attack.

We wanted to be able to tell you when the FBI determines they should contact someone about hacks or potential hacks. We asked them, but their press contact did not immediately respond. We also asked other sources in the know and will update this post with positive responses.

The bottom line is, all companies and individuals are targets of international hacking and you have to take every precaution to protect yourself. 

Remember, 70% of people said they will stop doing business with a company if it experiences a breach. There is a lot at risk.

Here are some of the areas all organizations looking to promote a cybersecurity culture need to focus on.

1.    Cybersecurity training must be done regularly.

2.    Auditing and documentation must be performed regularly to ensure systems are secure.

3.    Anomaly detection should be running constantly to detect threats as they emerge.

4.    Penetration testing shows if systems can easily be reached from the outside. Here is a case where this test might have saved two companies’ reputations from being destroyed.

5.    Network forensics for when a breach eventually occurs. The bad guys always seem to get in eventually.

6.    An action plan to follow when a breach does occur. Once it happens, few will have the clear heads needed to “wing it” correctly. Equifax botched its response in what is being called a PR catastrophe.

To ensure your organization is safe, even if you have internal IT, hire an experienced MSP or MSSP like Apex Technology Services.






