The Cyber Threat in 2015: 10 Twists on Hackers’ Old Tricks

Eugene Sergeev/Shutterstock.com

Featured eBooks
Digital Transformation
Read Now

Federal IT Modernization Still a Major Challenge

Read Now

DHS’ next chapter as an enterprise services provider

Read Now

What's happening in health tech

Read Now
Aliya Sternstein By Aliya Sternstein,
Senior Correspondent

By Aliya Sternstein

|

From wiper attacks to cyber extortionists, here are some "old faves and new twists" feds should be mindful of.

Hacking trends are not like fashion fads. They don't go in and out each year. They withstand defenses by advancing, in terms of stealth and scope.

So there will be no 2015 "What’s Hot and What’s Not" list of cyber threats confronting federal agencies.

Instead, here is a list of hacker "Old Faves and New Twists" feds should be mindful of.

Old Fave #1: Distributed Denial of Service, or DDoS, attacks that shut down agency systems temporarily by bombarding them with bogus traffic

New Twist: Wiper attacks that destroy and leak government data. A wiper virus allegedly was used against Sony to copy and erase company hard drives

This development is not new. In 2012, bad guys wielded the so-called Shamoon virus to wipe clean 30,000 employee work stations at Saudi Aramco, Saudi Arabia’s state-owned oil company.

What is new is the potential magnitude of the devastation, says Dave Aitel, a former NSA computer scientist. "I would say this is the No. 1 threat that U.S. corporations, critical infrastructure, state-local governments and the federal government should be concerned with," he says.

Trend Micro Chief Cybersecurity Officer Tom Kellermann, a former World Bank data risk analyst, puts it bluntly: Now, "hackers burn the house down after burglarizing it.”

Experts still expect DDoS attacks to pose a threat, as they evolve in sophistication. There is a growing underground market for "rent-a-bots," hordes of hacked computers that criminals can borrow, for a fee, to amplify their attacks, Aitel says.

"DDoS extortion and DDoS as cover for a more serious attack," such as data removal, "are just a few updates on an old attack that should be taken seriously going forward," he says.  

Old Fave #2: Malicious insiders who leak data, like ex-federal contractor Edward Snowden and former soldier Chelsea Manning, who both exposed classified intelligence

New Twist: Unwitting insiders who leak data, including third-party contractors who leave network passwords lying around

"Everybody is worried about service providers, from the HVAC providers to professional services firms," says Alan Raul, lead for Sidley Austin's privacy, data security and information law practice. Target’s HVAC vendor, for example, allegedly fell for a phishing email that stole his passcode to the retailer’s payment system.

That said, Raul and other analysts stress agencies still should be worried about willful leakers. "Wikileaks, in my view, is one of the first cyber weapons we’ve seen," says Aitel, now chief executive officer of security consultancy Immunity, referring to the website to which Manning spilled secrets.

Old Fave #3: Retailer payment system infections that scrape credit card data

New Twist: Feds fight back with chip-and-PIN government purchase cards.

"If PIN and chip, or PIN and sign, were to come into force as the government has mandated for federal credit card usage," under an October presidential executive order, "that should make point-of-sale scraping less risky . . . with any luck, we will be moving away from that," says Raul, a former vice chairman of the White House Privacy and Civil Liberties Oversight Board.

Old Fave #4: Criminals bust agency networks to steal personal information so they can sell it to identity thieves

New Twist: Extortionists break into networks to steal business data so they can blackmail organizations with it. Ask Sony about this.

Criminal groups will find it harder to make money off filched IDs, as personal information becomes better protected and chip-and-PIN payment cards reduce fraud, says Chris Finan, former White House cyber adviser and cyberwarfare planner for the Defense Advanced Research Projects Agency.

However, as C-suites grow increasingly concerned about leaks denting reputations, hackers who hold sensitive data hostage will reap rewards, he says.

Old Fave #5: Piercing cloud servers to steal credentials stored in bulk on the Web

New Twist:  Raiding a multitude of individuals’ smartphones for data stored inside the device itself, in apps like ApplePay and Bitcoin wallets

“Consumers will increasingly host payment data on mobile devices as more convenient mobile payment methods gain adoption,” says Finan, now head of cyber startup Manifold Security. “Malware that rips payment credentials from mobile devices at scale will become more prevalent, as batch extraction from central servers becomes more difficult.”

Old Fave #6: Hackers redirect news website visitors, including federal employees, to evil, impostor websites

New Twist: Hackers pollute legitimate news sites with invisible malware that gloms on to government computers

Kellermann’s research points to a 600 percent increase in these “watering hole” attacks this year.

Old Fave #7: Attackers hijack systems remotely through the Web

New Twist: Attackers command systems through online and real-world trespassing

"Think a possible attack on an electrical substation," says Mike McNerney, a security consultant at Delta Risk who previously served as a cyber policy adviser for the secretary of defense.

Old Fave #8: Stealing intellectual property to use for competitive advantage, as in the many cases where Chinese nationals allegedly stole IP from U.S. companies and agencies

New Twist: "Using information itself as a weapon to embarrass, intimidate or extort,” McNerney says

Old Fave #9: Terrorist organizations, like al Qaida, recruit extremists through social networks

New Twist: Terrorists corrupt computer networks

"While a significant computer network attack capability -- at least on par with major nation states -- may not be within the reach of organizations such as ISIS in the very near term, they may increasingly turn to cyber extortion as a means to supplement their kidnapping and ransom business," says Frank Cilluffo, director of the Homeland Security Policy Institute at George Washington University. This could mean injecting "ransomware" that freezes a computer's data until the victim divulges certain information, in essence kidnapping data.  

Old Fave #10: Cyber gangs expand their criminal networks to move stolen IDs and cash

New Twist: Cyber gangs team with the real-world mafia to move product

"As the physical and cyber domain converge, so too will organized crime -- old criminal organizations will increasingly cooperate with their newer tech savvy criminal counterparts," says Cilluffo, who served as a special assistant to President George W. Bush. Russian organized crime “will take on even greater significance in both the cyber and physical domain in the days ahead.”

(Image via Eugene Sergeev/Shutterstock.com)

NEXT STORY: Merkel Aide Allegedly Hacked by U.S.-Made Spyware

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.