hackers

now browsing by tag

 
 

Hackers #access patient #data at #Oklahoma State #facility

Source: National Cyber Security – Produced By Gregory Evans

Hackers attacked Oklahoma State University Center for Health Sciences, and some 279,865 individuals have been notified that their protected health information may have been compromised.

The organization learned on Nov. 7, 2017, that an unauthorized party had gained access to data on the computer network that contained Medicaid billing information. The university removed the data from the network and the unauthorized access was terminated; and forensic specialists were called in to help determine the extent of compromise.

The investigation could not determine with certainty whether patient information was accessed, the university told affected patients in a notification letter.

Compromised data included patient names, Medicaid numbers, healthcare provider names, dates of service and limited treatment information, along with one Social Security number. To date, there is no indication of inappropriate use of patient information, according to the university.

“At OSU Center for Health Sciences, we care deeply about our patients,” the notification letter states. “Patient confidentiality is a critical part of our commitment to care, and we work diligently to protect patient information. We apologize for any concern or inconvenience this incident may cause our patients.”

A dedicated call center has been established for patients to get more information, and patients are urged to be on alert for any healthcare services they incur that they did not actually receive from their providers, and immediately contact their providers and Medicaid.

The university is not offering credit monitoring services to affected individuals, since no financial information was exposed; the one individual whose Social Security number may have been compromised was given credit protection services.

The post Hackers #access patient #data at #Oklahoma State #facility appeared first on National Cyber Security .

View full post on National Cyber Security

When Spies Get Hacked… Hackers Steal Customer Data from Android Spyware Company

When hackers get hacked” should become the tagline of 2018. After several other similar incidents, it is now the turn of an Android spyware maker that advertises its spyware to be used against children and employees. A target of a vigilante hacker, the company known as SpyHuman offers surveillance software for Android devices that enables its users to intercept phone calls, text messages, track GPS locations, read messages on WhatsApp and Facebook, and use the target device’s microphone.

It now appears that a hacker has stolen customer text messages and call metadata from the spyware company. Call metadata includes phone numbers the target devices dialled or received calls from along with their duration and dates. Hackers managed to access over 440,000,000 call details through exploiting a basic security flaw in the website.

advertisement:

nso-pegasusRELATEDControversial Israeli Spyware Firm Robbed by Its Own Employee Who Tried Selling Code for $50 Million!

“These spy apps should be out of market, most people spy on girls and [their] data image […] always sensitive,” the hacker wrote in a message that was obtained by Motherboard. “No one have rights to do that and same these apps and provider making money by doing this.”

While SpyHuman sells its spyware as a tool to monitor children and employees, it’s mostly used to illegally spy on partners and spouses without their consent. “Several review websites and social media posts do push the app for such purposes, and archives of particular SpyHuman pages include phrases such as ‘know if your partner is cheating on you,’ and suggests monitoring your husband’s texts in case he is having an affair,” the publication reports.

The company gave the following (non)explanation when asked about how it makes sure its software isn’t being used for illegal surveillance:

staff-surveillance-2RELATEDMicrosoft Exposes FinFisher Gov Spyware – Says Windows Defender ATP Can Now Detect the Notorious Spyware

“As a precaution, at an initial stage of our app installation, we always ask users that for what purposes they are installing this app in the target device. If they select child or employee monitoring then our app stays hidden and operate in stealth mode. Otherwise, it will create visible Icon so that one can know that such app is installed on his/her devices.”

As is apparent, since its users can always select a child or an employee – which in itself raises several questions – they don’t necessarily have to reveal if they are using the product for spying on people, mostly partners, without their consent.

– If you are a victim of spyware or technology-facilitated abuse, this is a very comprehensive resource list offering guidelines and help.

The post When Spies Get Hacked… Hackers Steal Customer Data from Android Spyware Company appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Belgrade #Suspect #Arrested over Being #Part of #Hackers’ Group ‘The #Dark #Overlord’

Officials from Serbia recently detained a Belgrade resident who’s doubted as belonging to a hacking group named DarkOverlord or The Dark Overlord.

The resident, a man aged 38, uses the initials “S.S” for his name and is a Belgrade citizen.
Except for these, nothing about his identity is known.

The Federal Bureau of Investigation has kept silent giving no remarks about the arrest. However, Serbian officials state they executed the detention when they were conducting an operation for exposing the people using the moniker “The Dark Overlord” online.

Running active from 2016, DarkOverlord has gained notoriety for hacking schools and medical providers to seize their personal files followed with blackmailing the institutions into paying money if they don’t want their information to be sold on the underground world. Earlier, the hackers had apparently seized addresses, phone numbers and Social Security Numbers belonging to innumerable medical patients that could’ve been utilized for committing ID-theft. In.pcmag.com posted this, May 17, 2018.

Beginning from June 2016, The Dark Overlord infiltrated the systems of 50-or-so victims, stealing a variety of data such as intellectual property and crucial health information followed with demanding ransoms in exchange of leaving the filched data safe.

The hackers’ syndicate is well-known with regards to executing one cyber-crime series spanning 2-yrs and comprising extortion along with hacking followed with revealing episodes contained in a Netflix sequence namely “Orange-is-the-New-Black” and also breaking into U.S. school computers as well as threatening the country’s students with murder.

At times the crooks weren’t satisfied with hacking they’d start physical violence threat against the hacked entities. During 2017, an infamous campaign carried out in USA included breach of systems of high schools and then theft of personal data to be followed with holding those data for ransoms. And in case the schools did not pay up, the gang would find out the contact details of staff and students from the filched data and then threaten them.

It’s not clear whether The Dark Overlord group consists of one person or several individuals. However on Twitter, it frequently uses the words “us” and “we” as reference to the gang while blackmailing hacked victims.

advertisement:

The post Belgrade #Suspect #Arrested over Being #Part of #Hackers’ Group ‘The #Dark #Overlord’ appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Russian #hackers could #instantly cut #off the #internet for #half a #million people

Russian hackers have infected more than half a million routers across 54 countries with sophisticated malware that contains a killswitch to instantly cut internet access to users, security researchers have revealed.

The VPNFilter malware also allows attackers to monitor the web activity of anyone using the routers, including the their passwords, potentially opening up the possibility of further hacks.

“Both the scale and capability of this operation are concerning,” William Largent, a researcher at the cybersecurity firm Talos, said in a blogpost describing the vulnerability.

“The destructive capability particularly concerns us. This shows that the actor is willing to burn users’ devices to cover up their tracks, going much further than simply removing traces of the malware.”

The malware has been attributed to a group of Russian hackers, who are variously known as Sofacy Group, Fancy Bear and Apt28. The group has been in operation since the mid-2000s and has previously been blamed for attacks ranging from the Ukrainian military to the 2017 French elections.

Security researchers tell The Independent that the discovery of the malware highlights a broader issue of how vulnerable internet-connected infrastructure is to cyber attacks.

“No longer can we afford to keep our critical infrastructure connected to, and therefore directly accessible to, the internet,” said Eric Trexler, vice president of global governments and critical infrastructure at cybersecurity firm Forcepoint.

“VPNFilter proves that time tested military techniques such as network segregation not only makes sense, but is required if we expect industrial services to remain resilient in the face of sophisticated and persistent attacks.”

Routers found to be vulnerable to the VPNFilter malware include Linksys, MikroTik, Netgear and TP-Link, all of which are often used in homes or small offices. The researchers say they have not yet completed their research but they are making it public now to draw attention to it.

“Defending against this threat is extremely difficult due to the nature of the affected devices,” Mr Largent said.

“The majority of them are connected directly to the internet, with no security devices or services between them and the potential attackers.”

The FBI responded to the revelations by granting court permission to seize a web domain believed to be in control of the Russian hackers.

“This operation is the first step in the disruption of a botnet that provides the Sofacy actors with an array of capabilities that could be used for a variety of malicious purposes, including intelligence gathering, theft of valuable information, destructive or disruptive attacks, and the misattribution of such activities,” Assistant Attorney General for National Security John Demers said in a statement on Wednesday.

advertisement:

FBI Special Agent Bob Johnson added: “Although there is still much to be learned about how this particular threat initially compromises infected routers and other devices, we encourage citizens and businesses to keep their network equipment updates and to change default passwords.

The post Russian #hackers could #instantly cut #off the #internet for #half a #million people appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

North Korea #Hackers Use #Android Apps With #Malware To #Harass #Defectors

North Korean hackers are using Android apps with malware to target the country’s defectors, according to researchers from security software firm McAfee.

The Android apps, which were detected as Google Play Store malware, go beyond the usual unwanted advertisements and attempted scams. The apps track and blackmail the targets for escaping North Korea.

North Korea Launches Targeted Malware Attacks
A North Korea hacking team was recently able to upload three Android apps to the Google Play Store that targeted people who escaped from the authoritarian country, according to a report from McAfee.

The team behind the attacks was Sun Team, instead of the more infamous Lazarus, which was previously linked to the WannaCry ransomware from a year ago. This was not Sun Team’s first attempt at this kind of attack though. In January, McAfee spotted the same attempt, but it required the targets go out of their way and download the apps with malware outside of the Google Play Store.

The malware campaign, nicknamed RedDawn, involved the hackers contacting the targets through Facebook to invite them to install seemingly innocent apps from the Google Play Store. Compared to the first attempt, the new method of attack may have been more convincing, as the apps were downloaded from the official app store for Android devices.

Google Play Store Malware Harasses North Korea Defectors
The three apps were uploaded to the Google Play Store between January and March. The first app was Food Ingredients Info, which offered information on food, true to its name. The second and third apps were FastAppLock and Fast AppLock Free, which functioned as security tools.

The apps, however, were laced with malware. Once installed, the malware used Dropbox and Yandex to upload data and issue commands. The hackers were able to steal their targets’ personal data, which could then be used to track, threaten, and blackmail them.

It is unclear, however, how effective the apps were. They have now been removed from the Google Play Store after McAfee contacted Google, but only after recording about 100 downloads. McAfee said that it was able to identify the malware early on, and that there have been no public reports of being infected with them.

Being careful in downloading apps does not only apply to North Korean defectors though. Targeted malware attacks may come in any form, so users will need to be very cautious with the apps that they install, even if they come from the Google Play Store.

advertisement:

The post North Korea #Hackers Use #Android Apps With #Malware To #Harass #Defectors appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers On Planet Earth (HOPE)

General Cybersecurity Conference

 July 20 – 22, 2018 | New York City, New York, United States

Cybersecurity Conference Description 

Join for three full days and nights of activities, including more of the provocative and enlightening speakers that the HOPE conferences are known for. In addition, we have access to a massive amount of space to put together all sorts of hacker projects and assorted fun stuff.

In the past we’ve had huge hackerspace villages, film festivals, Segway rides, lock picking villages, a wide variety of vendors, art installations, live video, vintage computers, robots, an amateur/ham radio station, electronics workshops, book signings, and the country’s biggest supply of Club-Mate.

Now imagine all of that happening right in the middle of New York City, across the street from Penn Station and down the block from the Empire State Building. It seems impossible, but with the hard work and dedication of our huge volunteer staff, we’re able to pull it off.

advertisement:

The post Hackers On Planet Earth (HOPE) appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers have #taken down #dozens of #911 #centers. Why is it so #hard to stop #them?

When news broke last week of a hacking attack on Baltimore’s 911 system, Chad Howard felt a rush of nightmarish memories.

Howard, the information technology manager for Henry County, Tennessee, faced a similar intrusion in June 2016, in one of the country’s first so-called ransomware attacks on a 911 call center. The hackers shut down the center’s computerized dispatch system and demanded more than $2,000 in bitcoin to turn it back on. Refusing payment, Howard’s staff tracked emergency calls with pencil and paper for three days as the system was rebuilt.

“It basically brought us to our knees,” Howard recalled.

Nearly two years later, the March 25 ransomware attack on Baltimore served as another reminder that America’s emergency-response networks remain dangerously vulnerable to criminals bent on crippling the country’s critical infrastructure ─ either for money, or something more nefarious.

There have been 184 cyberattacks on public safety agencies and local governments in the past 24 months, according to a compilation of publicly reported incidents by the cybersecurity firm SecuLore Solutions. That includes Atlanta, which fell victim to a ransomware attack a couple days before the one on Baltimore, scrambling the operations of many agencies, but not the 911 system.

911 centers have been directly or indirectly attacked in 42 of the 184 cases on SecuLore’s list, the company says. Two dozen involved ransomware attacks, in which hackers use a virus to remotely seize control of a computer system and hold it hostage for payment.

Most of the other attacks involve “denial of service,” in which centers are immobilized by a flood of automated bogus calls. One of the first occurred in October 2016, when Meetkumar Desai, then 18, of Arizona, distributed a computer bug on Twitter that overwhelmed 911 centers in 12 states. The motivations for such attacks are often less about the money than doing damage — sometimes as a form of protest, as when the “hacktivist” group Anonymous took down Baltimore’s city website after the death of Freddie Gray while in police custody, experts say. Desai reportedly told authorities he meant his attack more as a prank.

“911 is the perfect [target] because it can’t afford to be down,” said Tim Lorello, SecuLore’s president and CEO.

This is how 911 works: When someone dials for help ─ typically from a mobile phone ─ the call gets routed from a cell tower to a 911 center, where a “telecommunicator” answers the phone and gathers basic information. The telecommunicator enters that information into a computer-aided dispatch system, where a dispatcher picks it up and coordinates a response from firefighters, police officers or ambulances.

This 911 system relies on redundancy, meaning that call centers that are taken out of service by a hacking attack can work around the disruption by shutting down the computer-aided dispatch system and sharing information person-to-person, or by sending calls to a nearby center. But depending on the type of attack and a 911 center’s resources, those disruptions can make it more difficult for people to reach someone in case of an emergency. A July 2017 investigation by Scripps News on the vulnerabilities of 911 systems noted the case of a 6-month-old Dallas boy who died after his babysitter’s 911 calls were delayed during an apparent denial-of-service attack.

J.J. Guy, chief technology officer at the cybersecurity firm Jask, said that the spread of ransomware attacks on public safety agencies and other key government operations shows the potential for cyberterrorists to target the country’s critical infrastructure.

Last month, the Department of Homeland Security outlined in a report how Russian hackers have gained access to American power plants. The hackers did not cause service interruptions, but the fact that they could gain access at all is troubling to security experts.

“To date, if you don’t have credit cards or lots of personal information, attackers had little motivation and thus you were mostly safe,” Guy said in an email. “This will change those dynamics. Manufacturing, logistics, etc — any field with an operations mindset that loses money when ‘the line is down’ will be targeted.”

The attack on Baltimore was discovered March 25, after a morning breach of its computer-aided dispatch system, officials said. The city’s cybersecurity unit took the system down, forcing support staff to pass 911 calls to dispatchers using paper rather than electronically. Call-center operations returned to normal early the next day, officials said. Investigators later determined that the intrusion was an attempted ransomware attack, but “no ransom was demanded or paid,” a city spokesman James Bentley said. He declined to explain further, saying that “could compromise the investigation.”

Most ransomware cases end similarly, with governments refusing to pay hackers, choosing instead to switch to a more primitive version of 911 services while they rebuild their systems. Governments have caved at times, however, although officials decline to say much about those incidents, out of concern that it will encourage more attacks.

Another problem with the current 911 system is that it doesn’t accommodate the ways people communicate in the modern world ─ through texts, photos, videos, etc. That is why the 911 industry is pushing telecommunication companies and state and local governments to adopt what it calls Next Generation 911, which allows callers to send data through approved telecommunications carriers and internet service providers (while still taking calls from landlines).

Adoption of Next Generation 911 has been slow and costly, said Brian Fontes, CEO of the National Emergency Number Association, or NENA. A tiny fraction of America is on Next Generation 911; the short list includes Maine and Vermont, with Indiana, Washington state’s King County and part of Texas getting close, Fontes said.

The Next Generation 911 systems will have advanced security baked into their foundations, including the ability to instantly identify suspicious activity, immediately shut down in response to intrusions, and simultaneously move incoming calls to other centers in a way that is undetectable to someone dialing for help, officials say.

But the increased connectivity also opens the modern systems to new potential modes of attack, experts say. No matter how sophisticated a defense, all it takes is one overlooked vulnerability to let hackers in, experts say.

That makes it essential to develop sophisticated defense systems run by in-house cybersecurity teams, they say.

In Baltimore’s case, the ransomware attack was discovered and repelled by Baltimore City Information Technology, which maintains defenses across the local government. It determined that the hackers had found access after a technician troubleshooting the computer-aided dispatch system made a change to a firewall and mistakenly left an opening, the city’s chief information officer, Frank Johnson, said in a statement. The FBI is now helping the city investigate.

Howard, in Tennessee, knows how his attacker obtained access to the 911 center — by finding a weak password left by a deceased former system administrator. The FBI told him it looked as if the attack came from Russia. But he still isn’t sure.

Howard cleaned and rebuilt his system, but struggles to maintain patches for his outdated CAD system. “It’s been a nightmare,” he said.

No one has been caught or prosecuted in the Tennessee or Baltimore attack.

advertisement:

The post Hackers have #taken down #dozens of #911 #centers. Why is it so #hard to stop #them? appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Computer #Hackers Are #Demanding #Money From #Cities, #States, And #Companies In The #U.S.

Computer hackers are getting more sophisticated. They are not afraid to hold cities, states, and companies’ hostage until they pay a ransom. Hackers are modern day tech pirates that disrupt computer programs and turn shareholders into anxiety-ridden puppets. Computer networks in Denver, Atlanta, and Baltimore, as well as a computer network of Boeing Airlines, are recent victims. Atlanta’s computers went down on March 22nd when a hacker locked important data behind an encrypted wall. The wall would stay in place, according to the hackers, until the city pays the hackers $51,000 in Bitcoins. Atlanta has a week to comply. If the city doesn’t pay, all that important data will vanish, according to the computer pirates. No one is sure if Atlanta paid the money, according to a Fox News report. But Mayor Keisha Lance Bottoms didn’t rule out payment.

The hacking group calls itself “SamSam.” SamSam is not new to the hacking world. The group pocketed more than $800,000 in 2017. The city of Leeds, Atlanta paid SamSam $12,000 in February 2018 to release their data. But Atlanta is not the only city that SamSam has in its hacking sights this month. Officials in Baltimore said their 911 dispatch system was under attack. The system was down for 17 hours recently to prove the hackers were serious. The hackers were able to get into the system after the city made an internal change to their firewall. But the Baltimore hackers didn’t ask for money, and that is concerning, according to Frank Johnson, Baltimore’s chief information officer.

Boeing, the world’s top aerospace company, is also under attack by the now famous WannaCry ransomware. WannaCry is the same ransomware that crippled Britain’s healthcare services in 2017. The Boeing attack is not as serious as the attack in Britain, according to Boeing’s head of communications Linda Mills. Mills also said the 777 jet program was not part of the hack. Mills said only a few company machines were under attack.

Denver also had a suspicious outage when denvergov.org and pocketgov.org, as well as other online services, suddenly stopped in March. Some city staffers lost access to their email account. Denver officials claim the shutdown was the work of a computer bug, but Colorado’s Department of Transportation was a SamSam victim in February. The hackers said the information would come back to them if Colorado paid in Bitcoins, according to a news report by Denver7.

advertisement:

The post Computer #Hackers Are #Demanding #Money From #Cities, #States, And #Companies In The #U.S. appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

New York offers free #cyber #security #tools to #public to deter #hackers

New York City will offer free cyber security tools to the public as part of a new effort to improve online safety, officials said on Thursday, a week after Atlanta was hit with a ransomware attack that knocked some municipal systems offline.

The program, dubbed NYC Secure, will launch a free smartphone protection app to warn users when suspicious activity is detected on their devices, New York Mayor Bill de Blasio announced at a news conference.

“New Yorkers aren’t safe online. We can’t wait around for other levels of government to do something about it or the private sector,” New York Mayor Bill de Blasio said.

The program will cost the city about $5 million per year, he said.

“It’s our job in government to make sure that people are safe online. It’s a new reality,” de Blasio said.

City agencies will also beef up security protection on public Wi-Fi networks by the end of the year to protect residents, workers and visitors.

Those networks will be secured with a tool, dubbed Quad9, that is available to anybody in New York City and beyond at quad9.net Quad9 routes a user’s web traffic through servers that identify and block malicious sites and email.

NYC Secure was unveiled as Atlanta officials worked alongside federal law enforcement and technicians from private security firms to investigate the cause of the attack that encrypted data on computers.

Atlanta City Council President Felicia Moore said she was waiting to hear more about how the hackers breached city networks, the scope of the attack and when city services would be fully operational.

“Everybody in the public wants to know. I want to know, too,” Moore said at a news conference. “But I do think that we need to give them an opportunity to get the information.”

Atlanta on Thursday reactivated a website that allows residents to make requests for trash pickup, report traffic signal outages and ask for other public works-related services.

Municipal court services remained offline on Thursday and City Hall employees told Reuters their work computers were still unusable a week after the hack was detected.

advertisement:

The post New York offers free #cyber #security #tools to #public to deter #hackers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

EVEN #ELITE #HACKERS MAKE #DUMB #MISTAKES

A report from the Daily Beast alleged that the Guccifer 2.0 hacking persona—famous for leaking data stolen from the Democratic National Committee in 2016—has been linked to a GRU Russian intelligence agent. What appears to have given Guccifer away: The hacker once failed activate a VPN before logging into a social media account. This slip eventually allowed US investigators to link the persona to a Moscow IP address. In fact, they traced it directly to GRU headquarters.

Guccifer 2.0 took careful precautions to remain anonymous for months, yet one small mistake may have blown the whole cover. Such a gaffe may seem unthinkable for such a prominent and seemingly powerful hacker, but security experts note that, as the truism goes, everyone makes mistakes. And anyone who has worried about operations security, the process of limiting what information an outside party can discover, knows that you can’t rely on being perfect.

“It’s really easy for a hacker to slip up even if they’ve perfected their tradecraft,” says David Kennedy, CEO of the security firm TrustedSec, who formerly worked at the NSA and with the Marine Corps’ signal intelligence unit. “It happens all the time even to the most skilled of attackers, because it only takes one packet that an attacker didn’t think about or data that wasn’t intended to go to a certain destination to find its source.”

Cyber Goofs

From the outside, the faceless world of cyber espionage and digital nation-state aggression has an air of drama and mystery. Personas like Guccifer 2.0 or so-called Advanced Persistent Threat hacking groups have a certain mystique that makes their capers even more disconcerting, like being under attack from a phantom. But in practice it’s easy to see that the work isn’t glamorous at all, and that the individuals behind it are, of course, regular people. Who screw up.

Though it may feel surprising every time, elite hackers regularly make crucial opsec mistakes. North Korean hackers accidentally exposed their IP addresses during their attack on Sony Pictures in 2015. Investigators traced two of the founders of the dark web marketplace Silk Road simply because both men used their personal email addresses to establish accounts related to the project. And researchers at the Russian antivirus firm Kasperksy Labs exposed evidencein 2015 of an elite hacking group tied to the NSA, after the group accidentally let some IP addresses it owned expire, allowing Kaspersky to buy them and track malware that phoned home to them.

In spite of their insuperable aura, black hat hackers don’t all need to be at the very pinnacle of their field. Different skill levels suffice for different projects, and the goal is generally to do the minimum required and save resources rather than making everything completely watertight. Bad actors of all levels use slapdash code, open source tools, and sloppy methods if they’ll get a job done.

“A key point when people talk about ‘groups’ is that in a lot of cases, operators are not always going to know exactly what they’re doing or how things work, regardless of how advanced the tooling is,” says Will Strafach, a mobile security researcher and the president of Sudo Security Group.

StopSec

Though missteps can be damaging to offensive operations, attempting to avoid gaffes is just as crucial when people are using operations security best practices to defend themselves or others and use information control as a form of protection. For a survivor fleeing an abuser, a political dissident, or an activist, the cost of small mistakes can be enormous. But high-profile examples of the types of mistakes that can occur can serve as teachable anecdotes for those seeking to defend themselves.

“There are some situations for journalists/activists/human rights defenders where the stakes are high,” says Eva Gelperin, the director of cybersecurity at the digital rights group Electronic Frontier Foundation. “Telling people that they always need to have perfect opsec all the time is not very helpful. I’m hoping to use the Guccifer 2.0 story [in trainings] to make the point that you don’t have to protect everything from everyone all the time, but you do need to identify high-risk behavior with potentially catastrophic consequences and be disciplined about avoiding it.”

And though human error is ubiquitous, experts note that it’s important to stay vigilant about the possibility that a slip up is actually a false flag, and is intentionally misleading observers and investigators. “We all know we make mistakes, but I think there is a ton of skepticism on if Guccifer 2.0 really slipped up or not,” TrustedSec’s Kennedy notes. “It’s absolutely possible, but when dealing with a nation state whose entire goal is espionage it’s always hard to tell.”

Celebrity hacking personas don’t deserve too much credit, given that cyberespionage and hacking operations inevitably lead to high-profile blunders at times. But don’t give them too little credit either over mistakes that can and do happen to anyone.

advertisement:

The post EVEN #ELITE #HACKERS MAKE #DUMB #MISTAKES appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures