Comment

What is DNS Hijacking?

Keeping your internet property safe from hackers is hard enough on its own. But as WikiLeaks was reminded this week, one hacker technique can take over your entire website without even touching it directly. Instead, it takes advantage of the plumbing of the internet to siphon away your website's visitors, and even other data like incoming emails, before they ever reach your network

On Thursday morning, visitors to WikiLeaks.org saw not the site's usual collection of leaked secrets, but a taunting message from a mischievous group of hackers known as OurMine. WikiLeaks founder Julian Assange explained on Twitter that the website was hacked via its DNS, or Domain Name System, apparently using a perennial technique known as DNS hijacking. As WikiLeaks took care to note, that meant that its servers weren't penetrated in the attack. Instead, OurMine had exploited a more fundamental layer of the internet itself, to reroute WikiLeaks visitors to a destination of the hackers' choosing.

Comment

Comment

Powergrids infiltrated by Hackers

Power Grids in Turkey, Switzerland and the US were infiltrated by a hacking campaign Dragonfly 2.0.  But the latest collection of power grid penetrations went far deeper: Security firm Symantec is warning that a series of recent hacker attacks not only compromised energy companies in the US and Europe but also resulted in the intruders gaining hands-on access to power grid operations—enough control that they could have induced blackouts on American soil at will.

Symantec on Wednesday revealed a new campaign of attacks by a group it is calling Dragonfly 2.0, which it says targeted dozens of energy companies in the spring and summer of this year. In more than 20 cases, Symantec says the hackers successfully gained access to the target companies’ networks.

Comment

Comment

Cybersecurity Help Wanted: Asperger People

People with Asperger Syndrome have distinct advantages when it comes to combating cyber crime.

Frédéric Vezon has Aspergers. He’s president at ASPertise, an application development, big data and cybersecurity services company that has offices in Paris and Montreal.

Asperger people — as Vezon calls them — bring distinct advantages when it comes to combating cyber crime. In an email interview, he explained why. His reasons are below.

Comment

Comment

APT (Advanced Persistent Threat)

Introduction

APT, formerly known as the Advanced Persistent Threat, is the buzzword that computer security specialists and everyone else is using.Companies are concerned about it, the government is being compromised by it and computer security specialists are using it in every presentation they give.

One of the main reasons organizations are broken into today is because they are fixing the wrong vulnerabilities. If you fix the threats of 3 years ago, you will lose. APT allows organizations and computer security specialists to focus on the real threats that exist today.

While APT is important, we need to clear the smoke and hype, focusing on why it is important and what it means to you. Instead of just using it as a buzz word, if we understand the core components of APT, we can use it to improve our security. In APT, threat drives the risk calculation. Only by understanding the offensive threat will an organization and their computer security specialist be able to fix the appropriate vulnerabilities.

Comment