Page 3 - index
P. 3
Ashley Madison Breach is Tip of the Iceberg
Friends,
This breach is making headlines, daily. The most interesting part of
this breach is how the email addresses are being broken down by
country, by company, by government agency.
This is the real news – being compromised is one thing but leading
your PII on an immoral cheaters dating site back to your company or
government agency is an even bigger issue. There will be continued
fallout on this throughout the year.
Both Gary Miliefsky, our Executive Producer and I believe this breach was not from a large
cybergang but possibly one or two insiders and most likely the one leading the hack could have
been a female IT consultant or employee. You just have to read through the messaging to see
how the writing style gives these tips or pointers. John McAfee did an excellent analysis on this
that shows we three are in agreement.
What’s really sad about this breach is that the exposure of the data is destroying lives – two
suicides have been attributed to this breach and there are many divorces under way. Stay
tuned on this matter as it continues to grow until so many government agencies cooperating and
an open offer of a reward, will lead to the capture of the Impact Team, aka, the Ashley Madison
hackers.
On that note, we’ve focused this edition on how to become more proactive against becoming
the next victim. Most PR folks and CIOs of breached organizations use the same false
messaging “it was a sophisticated attack” when in reality, a majority of breaches are due to
failed INFOSEC TRAINING against social engineering and spear phishing attacks as well as
improper guarding against ZERO-DAY malware and simple Remote Access Trojans (RATS).
So, again, we see the sophistication of breaches is simply a malicious insider or a victim
insider. In either case, these can be proactively defended against and mitigated.
Please enjoy this August edition with our thoughts and prayers going out to the Ashley Madision
breach victims – nothing is that serious that it is worth suicide and there are healthy alternatives
to divorce. This breach is the tip of the iceberg. It’s time you, the IT professional, become the
tip of the spear in proactivity, system and network hardening, cyber intelligence and best
practices for your entire organization so you too do not suffer a ‘sophisticated attack’ that
successfully breaches your organization and the theft of your confidential data.
To our faithful readers, Enjoy
Pierluigi Paganini
Pierluigi Paganini, Editor-in-Chief, [email protected]
3 Cyber Warnings E-Magazine – August 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide