API: Learn Who to Trust

Wednesday, November 8, 2017 @ 03:11 PM gHale


By Gregory Hale
Every week, it seems, brings a new series of attacks and a boatload of new victims, but what is at issue is people are becoming numb to the constant barrage of assaults.

What is also at issue is the bad guys are becoming more sophisticated and focusing their attacks on specific victims.

RELATED STORIES
API: Cyber-Informed Engineering
How to Find an APT Attack
Cyber PHA Secures Safety
IT/OT Convergence, a SANS Focus

“There is a rise of criminal groups on the dark web,” said James Morrison, a computer scientist at the FBI during his Tuesday presentation, entitled “Cyber Threat Landscape for the Oil and Gas Industry” at the 12th Annual API Cybersecurity Conference in Houston, TX. “They are targeting you, they are targeting subcontractors and your law firms.”

Another focus of attacks is coming from developing nations that want the technology and knowledge established countries and companies possess.

“We have become aware these guys are going after what you have. They are attacking your subcontractors. Companies have to start pushing cybersecurity down to them. They are becoming targets.”

During his talk, Morrison brought up various types of attacks. One of those attacks was an insider threat.

In one case he found an attacker was being hired out as a temp at one targeted company at a time and “was robbing the companies blind,” Morrison said. He would get into the system and find the key areas and take whatever he wanted.

Another insider threat problem is when a company announces layoffs.

“A company will announce on Wednesday they are laying off people on Friday and you have just introduced an insider threat problem.”

Another interesting attack was when a sandwich shop fell victim to an attack. An attacker found people would wear company badges when they visited the eatery at lunch time. The attacker would be able to get employee IDs from the badge and that would be the beginning of an attack.

An old, but true attack method is still strong today.

“Phishing is still a big thing,” Morrison said. “You know why it is still a big thing? Because it works.”

One other attack method reaching new levels is ransomware.

Ransomware will grow to a $5 billion business this year. “Ransomware is out of control,” he said.

A typical attack usually begins with a phishing email or a social engineering attack, he said.

One approach to fend off an attack is to back up your system.

“It all comes down to backups, but have you ever tested your back up?” Morrison asked. “A lot of companies don’t know if their back up works, so the companies end up paying – and sometimes it is in the millions of dollars.”

In the end to help fend off attacks, users have to understand and trust what they are doing and who they are doing it with.

“Who do you trust when it comes down to it,” Morrison said. “That is what it is all about. Watch those trust relationships.”



Leave a Reply

You must be logged in to post a comment.