Page 22 - Cyber Warnings
lure targets into giving them sensitive information. Attackers are expected to continue to
use these methods into 2017 to target users.
In the meantime, we must continue to put effort into educating our colleagues on how to
make smart decisions online. Being proactive on this front is paramount. Enlist a third
party to test your organization's mettle when it comes to social engineering campaigns.
Use them to identify the employees who could use a little extra help protecting
themselves, and your company, online. The harder it becomes for an attacker to exploit
a weakness, the more likely they will be to move on to an easier target. The goal is to
make your organization just a little harder to get access to than the one across the
street.
III. The use of Cyber as a domain of war will further influence the advanced capabilities of
weaponized exploits as tools created by nation-state sponsored collectives are released, or
leaked, into the wild.
We all remember Stuxnet, the American-
Israeli cyberweapon that targeted Siemens
SCADA systems in order to fubar the
uranium enrichment infrastructure in Iran.
Can you believe that was roughly six years
ago already? Then Duqu in 2011, then
Flame in 2012, both variants relating to
Stuxnet. They were sophisticated, targeted,
and successful.
However, the inherent value of Stuxnet’s existence is questionable. Sure, it did a thing,
and that thing had a purpose at the time, but five years later we have the Iran Nuclear
Framework Deal, which pretty much sanctions the activity that Stuxnet sought to disrupt
(assuming Iran always had peaceful intentions with their enrichment programs). So the
direct effects of the operation seem to be nil, yet the indirect effects are numerous.
The tool itself set a baseline blueprint for modeling future cyber attacks and creating
advanced malware, and it left many wondering if it did more harm than good. Criminal
organizations that may not have had the resources to create a payload of that caliber,
but do have the chops to reverse engineer one, were delivered an excellent specimen to
analyze. Remember, that was six years ago, and since then malware has evolved
tremendously.
In August of this year, a group calling themselves the Shadow Brokers publicly dumped
teaser files of tools they claimed to have obtained that belonged to The Equation Group,
an NSA-linked hacking organization. They hosted an auction for the full release of their
collection, which seemed to get little interest. However, there was confirmation from
22 Cyber Warnings E-Magazine February 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide