'[ISN] In cyberattacks, hacking humans is highly effective way to access systems'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] In cyberattacks, hacking humans is highly effective way to access systems
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2012-09-27 8:32:05
Message-ID: alpine.DEB.2.02.1209270331470.14271 () infosecnews ! org
[Download RAW message or body]

http://www.washingtonpost.com/investigations/in-cyberattacks-hacking-humans-is-highly- \
effective-way-to-access-systems/2012/09/26/2da66866-ddab-11e1-8e43-4a3c4375504a_story.html


By Robert O'Harrow Jr.
The Washington Post
Zero Day
September 26, 2012

The e-mails arrived like poison darts from cyberspace.

Some went to the Chertoff Group, a national security consulting firm in 
Washington. Others targeted intelligence contractors, gas pipeline 
executives and industrial-control security specialists. Each note came 
with the personal touches of a friend or colleague.

"Attach[ed] is a quote for the Social Media training we discussed," said 
one message sent on July 3 to the vice president of EnergySec, a 
federally funded group in Oregon that focuses on the cybersecurity of 
the nation's power grid.

But like much of the digital universe, the e-mails were not what they 
seemed. They were cyberweapons, part of a devastating kind of attack 
known as "social engineering."

Emerging details about the e-mails show how social engineering — long 
favored by con artists, identity thieves and spammers — has become one 
of the leading threats to government and corporate networks in 
cyberspace.

[...]



--
ExpandingSecurity.com Live OnLine classes won&#8217;t wreck your schedule.
Get that cert and be done before 2012 ends. Last ISSAP 2012 class starts
Sept. 25th. Last 2012 CISSP and CEH starts Oct. 1:
CEH info signup: http://www.expandingsecurity.com/product/ceh-certified-ethical-hacker-online/
 CISSP info signup: http://www.expandingsecurity.com/product/cissp-live-online-10-week-course/
 ISSAP info signup: http://www.expandingsecurity.com/product/issap-information-systems-security-architecture-professional/ \




[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic