funsec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Cyber Spies Target Silent Victims

From: 劉主任培文 <pwl () icst org tw>
Date: Wed, 12 Sep 2007 12:52:40 +0800
End users are almost sitting duck when bad guy using spear phishing as a tool to penetrate. 
We have observed this kinds of attacks in Taiwan government network for more than 3 years.

Perry Liu

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Paul Ferguson
Sent: Wednesday, September 12, 2007 12:04 PM
To: funsec () linuxbox org
Subject: [funsec] Cyber Spies Target Silent Victims

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via Forbes.com.

[snip]

The U.S. Department of Defense confirmed last week that cyberspies have been sifting through some government computer 
systems. What wasn't said:
The same spies may have been combing through the computer systems of major U.S. defense contractors for more than a 
year.

"There's been a massive, broad and successful series of attacks targeting the private sector," says Alan Paller, 
director of the SANS Institute, a Bethesda, Md.-based organization that hosts a response center for companies with 
cybersecurity crises. "No one will talk about it, but companies are creating a frenzy trying to stop it."

Paller believes that the 10 most prominent U.S. defense contractors--including Raytheon, Lockheed Martin, Boeing, and 
Northrop Grumman--have, for the past 14 months, been the victims of the same sort of cyberespionage that has recently 
plagued the Pentagon.

He and other experts warn that the classified military technology research held by these private sector companies is 
even more vulnerable to hackers than the data stored on government computers. And while the U.S. government publicizes 
its security breaches, researchers say these commercial contractors almost always keep their data losses out of the 
public eye.

[snip]

More:
http://www.forbes.com/2007/09/11/cyberspies-raytheon-lockheed-tech-cx_ag_09
11cyberspies.html

- - ferg


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFG52URq1pz9mNUZTMRApuCAJ4xKL2VTFrq6h/8QjDmyxtMTqyY6QCgkZ2N
5EPnzP1c4CtClx08Lo/hsLw=
=GaDW
-----END PGP SIGNATURE-----

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet  fergdawg(at)netzero.net  ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: