Blowing up buildings, killing off the entire air traffic control grid, and stealing gobs and gobs of money. Live Free or Die Hard is the story of a guy (Bruce Willis) who does it all. Harrison Ford uses the database built into his daughters iPod to move 10 million accounts from the bank where he's the CISO to an offshore account, while his family lived (unknowingly at first) under the threat being killed in Firewall,
To far fetched for your liking? Alarmist or realist?... you decide...
- I published the (very true) story of “woshihaoren” (我是好人) Red Sky Weekly: “woshihaoren” (我是好人 in April. It told the story of a cat and mouse game between a real CISO (I called him Jack) and a group of folks somewhere on the other side of the world. Jack's outgunned and probably will never get these guys out of his networks, but he shuts them down quickly. Heck, he's probably their training ground... (maybe we'll see a new movie? -Training Day III?)
- I delivered the news to another CISO that an application that his company purchased (for a BOAT LOAD of money) was bought from another company who'd been completely p0wned. The result? The application he purchased was likely owned too... and probably leaking data.
- In yet another, I informed a CISO last week that he'd had several emails heading for his company, all with malware attached. How would I know? Let's just say I do ok? We received a copy of the malware, and sure enough... it wasn't a birthday card from gramma! The information we gave him was less than 30 minutes old and the malware was undetected in the major virus engines.
- This weeks fusion report detailed a shift in tactics by one group, moving to a new downloader process for a specific remote access trojan. A remote access trojan, RAT, allows hackers to have full control and interactivity with the machine or machines where they have it installed. We've been seeing this in some of the discussion boards outside of Red Sky and took some time this week to send out some good analysis (and mitigations or courses) to our members.
- We published a report on a bad guy that we've been tracking for several months now. The guy is active but practices really good tradecraft --no social media, not much open source communications --and seemingly never has, yet he's either an urban legend or he's just really careful.. not sure yet, but we know he writes some hellish malware.
- We took on a bit of a GEOPOL project this week. More to follow as that unfolds, but this is reminiscent of my first project as an Intelligence Officer.. basics count and they need to be taught; so we're teaching a junior analyst.