Let's dig in deeper to understand the threat of this scale of cyber crime. Part 2/2 - My full post: geekbeacon.org/announcements/preview-ru-hacking-cyber-attacks-pt-2-how-theyre-doing-it-why-should-we-care/ " In cyberspace, a volunteer Ukrainian cyber army, hacktivists and cybercriminals are battling for impact in an increasingly chaotic information war." #cyberattack #cybersecurity
Video Chapter Guide:
0:00 - Intro, About Me
0:41 - Phishing and Spearphishing
1:58 - Spearphishing
4:55 - Physical Access
5:43 - Credential Stuffing and Bruteforcing
7:18 - How to Use Privacy Best Practices
11:58 - How Russian and Ukraine are Handling Things - The IT Army!
15:04 - Use a VPN!
I love the newest Data Broker episode from John Oliver! He discusses how much data brokers know about us, what they’re doing with our personal information, and one….unusual way to change privacy laws.
Transcript excerpt: What we've learned is that a series of cleared defense contractors, or CDCs, have been extensively infiltrated with lurker accounts. A CDC is a private entity that has been given clearance by the Department of Defense to access, receive, or store classified information. So the contractors that work with our nation's military, who have access to some of the most current and most sensitive information available, have been subject to credential stuffing as well as spear-phishing campaigns. Credential stuffing is something I've explored before, but it was long enough ago that I'm gonna go over it again real quick. You know those widely publicized data breaches from megacorps like Facebook or LinkedIn? If compromised, all your tenda data nuggets such as account access information like username and password combos are traded or sold from huge lists. An attacker takes this access data and applies it to other services in massive batches in the hopes that some users will have used the same credentials. So if you're reusing username and password combinations, or even just passwords, you're a viable target to this kind of tactic. Even though credential stuffing has a surprisingly low rate of success, because attackers can automate the process with bots they can launch more attacks more quickly the overall volume can make it worth it. Even if the profitable data the attackers acquire isn't something immediate like credit card or banking information, other sensitive information can be used later in more effective phishing attacks. As an end-user, one of the best and most effective things you can do to protect yourself from credential stuffing attacks is to always avoid password reuse! It seems obvious, but you'd be surprised how many people slip into the habit. In addition to using a unique, strong password with each service, enabling two-factor authentication when available provides an extra layer of security. I even have an awesome video on password reuse and why you shouldn’t do it.. But anyway…
Over the course of two years, hackers have been successfully targeting CDCs that handle contracts for the US Department of Defense and intelligence community. These lurkers have maintained access to networks, often for months, gathering and exfiltrating huge quantities of data. I'm talking about emails between employees, between the companies and other companies, documents relating to the company's products and research. CDCs that have information relating to the most current technological and scientific workings of the United States Department of Defense and so, so much of it has been harvested. Everything from proprietary details to specific technologies, infrastructure plans, even development and deployment timelines for US weapons-platforms. The Cybersecurity and Infrastructure Security Agency, (CISA), released a joint cybersecurity advisory with the FBI and NSA, imploring private sector partners and the public to "implement good cyber hygiene".