{"id":418,"date":"2012-12-24T10:26:24","date_gmt":"2012-12-24T15:26:24","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=418"},"modified":"2012-12-24T10:26:24","modified_gmt":"2012-12-24T15:26:24","slug":"security-experts-warn-of-january-effect-cyberattacks-pcworld","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2012\/12\/24\/security-experts-warn-of-january-effect-cyberattacks-pcworld\/","title":{"rendered":"Security experts warn of 'January Effect' cyberattacks"},"content":{"rendered":"

\"\"<\/a><\/p>\n

The world didn’t end with the Mayan calendar. But it still might be a good idea for those in the information security business to be wary of this time of year.
\nJeffrey Carr, an author on cyberwarfare and founder and CEO of Taia Global, noted in a post on Infosec Island this week that he has noticed a major breach or act of cyber warfare that kicks off the New Year\u2014every year since 2009.
\nCarr calls it “The January Effect,” a well-established term in the investment world that refers to an expected price rise in securities after the first of the year. The effect, he said, is viewed as an opportunity for the bad guys.
\nHe listed four major events as evidence:
\nDecember 2008 – January 2009: Operation Cast Lead, a land war between Israel and Hamas that included thousands of simultaneous cyberattacks.
\nDecember 2009 – January 2010: Google and 20-plus other companies were breached.
\nJanuary 2011 (approximate) – March 2011: RSA was breached sometime early in 2011, and announced it on March 17, 2011.
\nJanuary 2012: A hacker announced that he had Symantec’s source code for Norton and other products.
\n“It may start in December and then get publicized in January, or happen in January and get publicized a bit later but it has happened four years in a row now so I fully expect it to occur once again,” he wrote.
\n[See also: The 15 worst data security breaches of the 21st Century]
\nSome other security experts say they don’t dispute the events presented, but aren’t sure they stand out as all that different from other major attacks during the rest of a given year.
\n“The facts are what they are,” said Jody Westby, CEO of Global Cyber Risk. “What is missing is any comparison with other months of the year. Was January really that different? We have had so many high profile incidents, in part because they are now more openly reported and media picks up on them more.”
\nAlways hacking season
\nJohn Prisco, CEO of Triumfant, agreed that there are major attacks at the beginning of the year, but said hackers never take a break. “If you look at the year-round nature of some of the major breaches in 2011 and 2012\u2014Sony, Epsilon, Global Payments, SC Dept. of Revenue\u2014clearly, they didn’t all happen in January.”
\nCarr told CSO Online that while major attacks are ongoing, those he cited were unique. “Operation Cast Lead, which contained a military and a cyber component, is very rare,” he said. And the two involving RSA and Symantec are unique because they happened to major security firms.
\nHe said it makes sense that attackers would ramp up their efforts at this time of year because people are on vacation. “You’ve got second- and third-tier security people working, while those in the first tier are enjoying the holidays,” Carr said.
\nThere is agreement that holiday season vacations are a factor. “There are more people logging into company networks from home computers, which are not as secure as corporate computers, during the holiday season, and cybercriminals know that there are few IT staff working during the holiday,” said David Nevin, vice president at TaaSera. “So, it’s a good time to launch an attack. It’s not really a January Effect, it’s a Global Holiday effect.”
\nBut Mike Murray, managing partner of MAD Security and also of the Hacker Academy, said he thinks it is more a matter of everything slowing in December and then picking up in January. “Even the bad guys take vacations,” he said. “So, we have fewer cybersecurity resources looking for stuff happening right now, and fewer bad guys trying to do damage. But everybody comes back in early January.”
\nCarr said he has no idea what the next attack will be, or where it will come from. Since writing his post he has heard no rumors. “Any serious attack is not going to be discussed in a public forum,” he said. But, as he concluded in his post, he’s “confident that it’ll be something impressive.”
\nvia Security experts warn of ‘January Effect’ cyberattacks | PCWorld<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

The world didn’t end with the Mayan calendar. But it still might be a good idea for those in the […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,10],"tags":[655,950],"class_list":["post-418","post","type-post","status-publish","format-standard","hentry","category-security","category-technology","tag-malware","tag-security-2"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-6K","jetpack-related-posts":[{"id":7685,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/02\/27\/hackers-impersonating-it-staff-popular-tactic-in-data-breaches-fireeye-finds\/","url_meta":{"origin":418,"position":0},"title":"Hackers impersonating IT staff popular tactic in data breaches, FireEye finds","author":"NCCT","date":"February 27, 2015","format":false,"excerpt":"Fresh FireEye research suggests that today's cyberattackers are becoming smarter about the systems they seek to break, and are commonly using impersonation and social engineering to tap into the most common weakness in the security chain -- employees. Within FireEye's sixth annual M-trends report, which tracks the threat landscape and\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5579,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/05\/13\/linux-gets-fix-for-code-execution-flaw-that-was-undetected-since-2009-ars-technica\/","url_meta":{"origin":418,"position":1},"title":"Linux gets fix for code-execution flaw that was undetected since 2009","author":"NCCT","date":"May 13, 2014","format":false,"excerpt":"Maintainers of the Linux kernel have patched one of the more serious security bugs to be disclosed in the open source operating system in recent months. The five-year-old code-execution hole leaves computers used in shared Web hosting services particularly vulnerable, so users and administrators should make sure systems are running\u2026","rel":"","context":"In "Linux"","block_context":{"text":"Linux","link":"https:\/\/nccomputertech.com\/techtalk\/category\/linux\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/05\/rockhopper_penguin_sick-640x807.png?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/05\/rockhopper_penguin_sick-640x807.png?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/05\/rockhopper_penguin_sick-640x807.png?resize=525%2C300 1.5x"},"classes":[]},{"id":7570,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/02\/05\/malicious-advertisements-on-major-sites-compromised-many-many-pcs\/","url_meta":{"origin":418,"position":2},"title":"Malicious advertisements on major sites compromised many, many PCs","author":"NCCT","date":"February 5, 2015","format":false,"excerpt":"Attackers who have slipped malicious advertisements onto major websites over the last month have potentially compromised large numbers of computers. Several security vendors have documented attacks involving malicious advertisements, which automatically redirect victims to other websites or pages that silently attack their computer and install malware. \u201cWe certainly see malvertising\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6649,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/10\/16\/security-firm-discovers-windows-zero-day-claims-russian-hackers-used-it-to-target-nato-ukraine\/","url_meta":{"origin":418,"position":3},"title":"Security firm discovers Windows zero-day, claims Russian hackers used it to target NATO, Ukraine","author":"NCCT","date":"October 16, 2014","format":false,"excerpt":"A Russian hacking group has been exploiting a security flaw in Microsoft Windows to spy on NATO, the Ukrainian government, the European Union, an American academic organization, and companies in telecommunications and energy sectors, according to cyber intelligence firm iSight Partners. The group, which has been active since at least\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3013,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/07\/25\/cybercrime-drains-up-to-140-billion-from-the-us-economy-anually\/","url_meta":{"origin":418,"position":4},"title":"Cybercrime drains up to $140 billion from the US economy anually","author":"NCCT","date":"July 25, 2013","format":false,"excerpt":"A new study from the Center for Strategic and International Studies, with help from McAfee, has revealed the cost of cybercrime on the United States economy: as much as $140 billion and half a million jobs each year. Or at least \"that's our best guess\", according to James Andrew Lewis,\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7480,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/01\/20\/nsa-secretly-hijacked-existing-malware-to-spy-on-n-korea-others\/","url_meta":{"origin":418,"position":5},"title":"NSA secretly hijacked existing malware to spy on N. Korea, others","author":"NCCT","date":"January 20, 2015","format":false,"excerpt":"A new wave of documents from Edward Snowden's cache of National Security Agency data published by Der Spiegel demonstrates how the agency has used its network exploitation capabilities both to defend military networks from attack and to co-opt other organizations' hacks for intelligence collection and other purposes. In one case,\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/01\/grand-peoples-study-house-computer-lab-640x436.jpg?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/01\/grand-peoples-study-house-computer-lab-640x436.jpg?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/01\/grand-peoples-study-house-computer-lab-640x436.jpg?resize=525%2C300 1.5x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/418","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=418"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/418\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=418"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=418"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=418"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}