Information Security News mailing list archives
In cyberattacks, hacking humans is highly effective way to access systems
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 27 Sep 2012 03:32:05 -0500 (CDT)
http://www.washingtonpost.com/investigations/in-cyberattacks-hacking-humans-is-highly-effective-way-to-access-systems/2012/09/26/2da66866-ddab-11e1-8e43-4a3c4375504a_story.html By Robert O’Harrow Jr. The Washington Post Zero Day September 26, 2012 The e-mails arrived like poison darts from cyberspace.Some went to the Chertoff Group, a national security consulting firm in Washington. Others targeted intelligence contractors, gas pipeline executives and industrial-control security specialists. Each note came with the personal touches of a friend or colleague.
“Attach[ed] is a quote for the Social Media training we discussed,” said one message sent on July 3 to the vice president of EnergySec, a federally funded group in Oregon that focuses on the cybersecurity of the nation’s power grid.
But like much of the digital universe, the e-mails were not what they seemed. They were cyberweapons, part of a devastating kind of attack known as “social engineering.”
Emerging details about the e-mails show how social engineering — long favored by con artists, identity thieves and spammers — has become one of the leading threats to government and corporate networks in cyberspace.
[...]
-- ExpandingSecurity.com Live OnLine classes won’t wreck your schedule. Get that cert and be done before 2012 ends. Last ISSAP 2012 class starts Sept. 25th. Last 2012 CISSP and CEH starts Oct. 1: CEH info signup: http://www.expandingsecurity.com/product/ceh-certified-ethical-hacker-online/ CISSP info signup: http://www.expandingsecurity.com/product/cissp-live-online-10-week-course/ ISSAP info signup: http://www.expandingsecurity.com/product/issap-information-systems-security-architecture-professional/
Current thread:
- In cyberattacks, hacking humans is highly effective way to access systems InfoSec News (Sep 27)