{"id":7685,"date":"2015-02-27T10:00:41","date_gmt":"2015-02-27T15:00:41","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=7685"},"modified":"2015-02-27T10:00:41","modified_gmt":"2015-02-27T15:00:41","slug":"hackers-impersonating-it-staff-popular-tactic-in-data-breaches-fireeye-finds","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2015\/02\/27\/hackers-impersonating-it-staff-popular-tactic-in-data-breaches-fireeye-finds\/","title":{"rendered":"Hackers impersonating IT staff popular tactic in data breaches, FireEye finds"},"content":{"rendered":"

\"\"<\/a><\/p>\n

Fresh FireEye research suggests that today’s cyberattackers are becoming smarter about the systems they seek to break, and are commonly using impersonation and social engineering to tap into the most common weakness in the security chain — employees.<\/p>\n

Within FireEye’s sixth annual M-trends report, which tracks the threat landscape and emerging threat actors, the firm says that cybersecurity has now gone beyond the boardroom and has entered the mainstream thanks to the number of high-profile security breaches in 2014. While companies are taking less time to discover a data breach, hackers are smarter about the way they conduct themselves — and a lack of basic security safeguards are leaving businesses vulnerable.<\/p>\n

Over the past year, companies and organizations including US retailer Target, Sony, Staples and JPMorgan have been struck by separate cyberattacks leading to the loss of millions of customer and employee records — including sensitive data, credit cards and personal information which could be used in identity theft.<\/p>\n

Not only do security breaches potentially cost businesses a fortune in damage control, forensics and security improvements, but these firms are also left with a hefty bill in granting affected consumers credit monitoring services and compensation.<\/p>\n

See also: Anthem data breach cost likely to smash $100 million barrier<\/p>\n

The report suggests that a common thread in these data breaches is a lack of basic security protocols, such as two-factor authentication. Retailers may believe their virtual machines are safe, but without two-factor authentication safeguards, a single stolen credential — taken through phishing campaigns or social engineering — can leave an entire network vulnerable.<\/p>\n

“As the events of 2014 demonstrated, there is no such thing as perfect security,” said Kevin Mandia, SVP and COO of FireEye. “Based on the incidents that Mandiant investigated in 2014, threat actors have continued to evolve, up their game, and utilise new tools and tactics to compromise organisations, steal data and cover their tracks.”<\/p>\n

The “M-Trends 2015: A View from the Front Lines” research includes a number of key findings, such as the drop in the average time a company takes to detect a data breach. FireEye’s Mandiant cyberforensics team says that the number of days it takes to discover a breach fell from 205 days in 2014, from a previously estimated 229 in 2013 and 243 in 2012. However, network intrusion can still go undetected for years — in one case, a company which contacted Mandiant in 2014 had been breached for over eight years without knowing.<\/p>\n

As cyberattacks increase in complexity and sophistication, companies do not always have the security teams and expertise in-house to detect them. Another trend across the past 12 months is increased reliance on outside, specialist security companies to detect breaches.<\/p>\n

In 2014, only 31 percent of organisations discovered they were breached via their own resources — down from 33 percent in 2013 and 37 percent in 2012.<\/p>\n

Social engineering, phishing campaigns and the impersonation of legitimate IT personnel are also on the rise. The security firm says that through 2014, FireEye observed hackers impersonating IT staff in 78 percent of phishing schemes directed at companies, in comparison to just 44 percent in the previous year.<\/p>\n

Several highlights of new and more innovative tactics employed by cybercriminals targeting a business are below:<\/p>\n

Read more: Hackers impersonating IT staff popular tactic in data breaches, FireEye finds | ZDNet<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Fresh FireEye research suggests that today’s cyberattackers are becoming smarter about the systems they seek to break, and are commonly […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,10],"tags":[247,455],"class_list":["post-7685","post","type-post","status-publish","format-standard","hentry","category-security","category-technology","tag-cyberattacks","tag-hacking"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1ZX","jetpack-related-posts":[{"id":7586,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/02\/06\/sneaky-linux-malware-comes-with-sophisticated-custom-built-rootkit\/","url_meta":{"origin":7685,"position":0},"title":"Sneaky Linux malware comes with sophisticated custom-built rootkit","author":"NCCT","date":"February 6, 2015","format":false,"excerpt":"A malware program designed for Linux systems, including embedded devices with ARM architecture, uses a sophisticated kernel rootkit that\u2019s custom built for each infection. The malware, known as XOR.DDoS, was first spotted in September by security research outfit Malware Must Die. However, it has since evolved and new versions were\u2026","rel":"","context":"In "Linux"","block_context":{"text":"Linux","link":"https:\/\/nccomputertech.com\/techtalk\/category\/linux\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8751,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/11\/16\/state-sponsored-cyberspies-inject-victim-profiling-and-tracking-scripts-in-strategic-websites\/","url_meta":{"origin":7685,"position":1},"title":"State-sponsored cyberspies inject victim profiling and tracking scripts in strategic websites","author":"NCCT","date":"November 16, 2015","format":false,"excerpt":"By Lucian Constantin | PCWorld Web analytics and tracking cookies play a vital role in online advertising, but they can also help attackers discover potential targets and their weaknesses, a new report shows. Security researchers from FireEye have discovered an attack campaign that has injected computer profiling and tracking scripts\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8385,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/06\/04\/security-breaches-a-monthly-headache-for-firms-deliberate-targeting-on-the-rise-cost-of-cleaning-up-doubles\/","url_meta":{"origin":7685,"position":2},"title":"Security breaches a monthly headache for firms, deliberate targeting on the rise, cost of cleaning up doubles","author":"NCCT","date":"June 4, 2015","format":false,"excerpt":"Image: Wessel du Plooy\/iStock A growing number of companies are being subjected to increasingly sophisticated attacks on their systems, as the cost of recovering from these assaults continues to rocket. According to the 2015 Information Security Breaches Survey report commissioned by the UK government, 90 percent of large organisations reported\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6833,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/11\/12\/ios-security-hole-allows-attackers-to-poison-already-installed-iphone-apps\/","url_meta":{"origin":7685,"position":3},"title":"iOS security hole allows attackers to poison already installed iPhone apps","author":"NCCT","date":"November 12, 2014","format":false,"excerpt":"Security researchers have warned of a security hole in Apple's iOS devices that could allow attackers to replace legitimate apps with booby-trapped ones, an exploit that could expose passwords, e-mails, or other sensitive user data. The \"Masque\" attack, as described by researchers from security firm FireEye, relies on enterprise provisioning\u2026","rel":"","context":"In "Apple"","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/11\/masque-attack-example-640x613.jpg?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/11\/masque-attack-example-640x613.jpg?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/11\/masque-attack-example-640x613.jpg?resize=525%2C300 1.5x"},"classes":[]},{"id":6341,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/09\/02\/why-hackers-may-be-stealing-your-credit-card-numbers-for-years\/","url_meta":{"origin":7685,"position":4},"title":"Why hackers may be stealing your credit card numbers for years","author":"NCCT","date":"September 2, 2014","format":false,"excerpt":"While conducting a penetration test of a major Canadian retailer, Rob VandenBrink bought something from the store. He later found his own credit card number buried in its systems, a major worry. The retailer, which has hundreds of stores across Canada, otherwise had rock-solid security and was compliant with the\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2988,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/07\/22\/data-breaches-hit-2-5-million-in-california-in-2012-report-says\/","url_meta":{"origin":7685,"position":5},"title":"Data breaches hit 2.5 million in California in 2012, report says","author":"NCCT","date":"July 22, 2013","format":false,"excerpt":"In the first report of its kind, California's Attorney General, Kamala D. Harris, revealed last week that 2.5 million people\u2014roughly 6.5 percent of the state's population\u2014were exposed by data breaches in 2012. California has always been the go-to state for innovative technologies. A law passed in 2009 requires data breaches\u2026","rel":"","context":"In "Networking"","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/7685","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=7685"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/7685\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=7685"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=7685"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=7685"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}