Lately, a handful of friends and colleagues told me they received an email that claiming that a malicious hacker had installed malware on their computer through a porn site. The email showed one of the recipient’s passwords and explained that the hacker has access to the recipient’s webcam and has a log of all of their keystrokes. Then the hacker gives the recipient two choices:
Ignore the email and a video of the recipient, visiting the porn site will be sent to all of the recipient’s contacts.
Or, pay a ransom in bitcoin, and the hacker will delete the video.
This email scam that has been a popular phishing attack in 2018. As cybersecurity reporter, Brian Krebs, blogged about back in July, “Here’s a clever new twist on an old email scam that could serve to make the con far more believable.”
If you happen to receive one of these emails…
Securing endpoints has always been a challenge as they have been a favorite target of attackers. The problem of vulnerable computers goes far beyond securing your computer and home network. Any Internet connected computer that has been compromised, could be used as part of a botnet to attack and take down other Internet systems or even slow down large parts of the Internet. Cybersecurity is bigger than all of us and is the responsibility of everyone for the good and welfare of the Internet at large.
Over my career, in addition to teaching computer science at the undergraduate and graduate levels at numerous universities, I have also created and managed some corporate cybersecurity education programs. In both I've found that getting the more critical concepts across to people is most effective when the message is personalized and can be applied at home as well as in their work.
Why Network Segmentation Makes Sense in Your Home
Network segmentation is a simple concept that has been used by network administrators for decades, but only recently have we seen a real need to apply this concept in the home. There are a number of contributing factors:
1. The rapid growth of Internet of Things (IoT) devices being added to home networks.
Phishing attacks have long been an effective way for attackers to trick people into divulging sensitive information or infecting a system with malware. Malware can give an attacker remote access to protected systems and networks, encrypt a user’s data and charge a ransom to decrypt the data, or use that system as part of an attack against other systems.
In March of 2017, Google stated that its machine learning models now can detect and stop spam and phishing with 99.9% accuracy. However, this is a cat and mouse game that has been played for years by the spammers/phishers on one side and the spam filter developers on the other side. Once the defenses get better against the latest spam attack methods, the spammers change their tactics to bypass the filters.
Below is an example of a fairly obvious spam email
Use firewalls and firebreaks (network segmentation): Place devices behind firewalls to protect them from untrusted networks, such as the Internet. And, use network segmentation—splitting a network into separate networks that are isolated, not connected—so a compromise in one part of the network won’t compromise the other (i.e. human resources and finance). This works much like a firebreak, which is…
As I am sure you have heard, the FBI is recommending that anyone with a home router or small office router, reboot them. If you are not familiar with this FBI recommendation, then there are a few links at the end, to get you up to speed.
The reason for the FBI's reboot recommendation is that a piece of malware, named VPNFilter, has infected hundreds of thousands of routers all across the Internet. Rebooting an infected router forces the malware to reload which will initiate an attempted connection to malware command and control (C&C) servers. The FBI has already taken control over some, if not all of the C&C servers so the reloading of the malware will do two things.
Phishing is the use of social engineering to obtain personal information for the purposes of identity theft. Phishing typically comes in the form of an email, disguised to look as if it was sent by a trusted source, and requesting personal information or authentication credentials.
As the tools to detect phishing become more effective, the phishing attacks themselves are becoming increasingly advanced and more difficult to identify.
This paper will show how a recent phishing attack from October 31, 2012, is representative of the type of attack that is not detected by spam filters and is likely to trick many recipients.