TEMPEST INC. home


For more information, call us at: (703) 836-7378

Does Cybersecurity have you stumped?


Let us help you get started.
* Cybersecurity Threat Awareness.
* Cybersecurity Risk Assessment.
* Cybersecurity Plans.
* Cybersecurity Training.
* Cybersecurity Hardware and Software Solutions.



Call us: (703) 836-7378

SOME USEFUL INFORMATION ABOUT CYBER SECURITY ( cybersecurity ):

In 1965 the co-founder of Intel, Gordon Moore, noted that the number
of transistors that could be squeezed onto a square inch
of integrated circuit material had doubled every year since
the integrated circuit was invented.

He expected that this would continue for a while, and he was right.
Today, FIFTY years later, the amount of data that can be squeezed into
an integrated circuit continues to double about every 18 months.
This is is expected to continue for another TWENTY years.
This is known as MOORE'S LAW.

Because of this, computer manufacturers have been able to make products


that are smaller, faster, more powerful, and - incredibly - CHEAPER
than ever before, and doing it again and again every 18 months.

This has absolutely revolutionized the way people communicate
and do business.
It has led to cell phones and the internet.


In 1969 the United States sent astronauts to the surface of the moon and brought them back alive - something we could not do today even if
our national survival depended on it.
We repeated this feat six times, even sending an electric car,
( a "moon buggy ") in which the astronauts rode around moon.

Incredibly, we did it in spacecraft whose computer
had only 32 kilobytes (32,000 bytes) of memory.

Today, a typical cell phone contains over 32 Gigabytes of memory,
(32,000,000,000 bytes)- a MILLION TIMES as much.

Private individuals, businesses, and goverment
organizations have understandably rushed to
take advantage of the fast, convenient, and economical
services provided by this new and continually evolving technology.
Unintentionally, they have also chosen to become increasingly
dependent on it.

Unfortunately, up to now we have failed to make this new technology ROBUST.
We are discovering that it is easily disrupted and exploited.


As the technology advances, it is becoming easier and cheaper for
hostile governments, criminals, and even hobbyists to do this.
We can take steps to deter, detect and limit the damage,
but we cannot actually PREVENT it.


If our computers suddenly ceased to work today,
most vehicles and airplanes would stop working,


The power grid would shut down, and many parts of the government would
stop working. It has been estimated that in
developed countries like the United States, wthin a year
90% of the population would be dead.

For this reason, we are increasingly beginning to ask what we would do
if the internet suddenly shut down.
Enter the field of Cyber Security ( cybersecurity ).

Merriam Webster. defines Cyber Security ( cybersecurity ) as "measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack."

Cyber security ( cybersecurity ) is not new. Cyber security ( cybersecurity ) was originally known as "computer security ". Cyber security ( cybersecurity ) has also been known as " information systems security, " TEMPEST INC. personnel have been involved in Cyber security ( cybersecurity ) for over thirty years.

How do you find an expert "hacker" who can tell you if your system is secure? Unfortunately, many of them work for foreign governments or are otherwise not talking. Also, hacking techniques are constantly evolving. What works today might not work tomorrow.

At TEMPEST INC., we have recent, extensive training in Cyber Security ( cybersecurity ), backed up by over 30 years of practical experience in protecting military and government computer and communication systems.

We can help you take effective, economical, unclassified common-sense steps to protect your organization or your business from cyber security ( cybersecurity ) threats.

Call us to discuss your needs.
(703) 836-7378

**************************************************

THIS SECTION IS UNDER CONSTRUCTION

cyber security ( cybersecurity ) TOPICS:
[SEE ALSO cyber security ( cybersecurity )Definitions:]


cyber security training ( cybersecurity training )
cyber security risk ( cybersecurity risk )
cyber security risk assessment ( cybersecurity risk assessment)
cyber security risk mitigation ( cybersecurity risk mitigation )
cyber security plan ( cybersecurity plan )
cyber security planning ( cybersecurity planning )
cyber security matrix ( cybersecurity matrix )
cyber security tools ( cybersecurity tools )
cyber security awareness ( cybersecurity awareness )
cyber security awareness course ( cybersecurity awareness course )
cyber security threat ( cybersecurity threat )
cyber security threat assessment ( cybersecurity threat assessment )

**************************************************

Cybersecurity threat awareness ( Cybersecurity awareness ) :
To reduce the cybersecurity threat to your organization, the first thing to do is establish cybersecurity awareness, which means Cybersecurity threat awareness. Why is Cybersecurity threat awareness so important? Cybersecurity threat awareness is important because of a common Cybersecurity threat called "social engineering." social engineering is just a fancy name for fraud. An example of the Cybersecurity threat called social engineering is when someone calls you up and says he is from the IRS and needs your social security number. Since a chain is only as strong as its weakest link, it is important to build Cybersecurity threat awareness ( Cybersecurity awareness ) among all of the people in your organization. It only takes one person without Cybersecurity threat awareness ( Cybersecurity awareness ) to fall for a scam like that and compromise your sensitive data. Therefore, Cybersecurity threat awareness ( Cybersecurity awareness ) must now be part of every one of your people's training. WE consider Cybersecurity threat awareness ( Cybersecurity awareness ) to be the foundation on which your Cybersecurity program is built. Without Cybersecurity threat awareness ( Cybersecurity awareness ) your organization is vulnerable to social engineering tricks that are cheap and easy to pull off. The good news about Cybersecurity threat awareness ( Cybersecurity awareness ) is thatit is easy to explain and understand. You don't have to be and IT expert or a skilled hacker to understand the basic concepts of Cybersecurity threat awareness ( Cybersecurity awareness ). Cybersecurity threat awareness ( Cybersecurity awareness ) is even easy to explain to school age children.

**************************************************

cyber security ( cybersecurity ) Definitions:
Terms used in cyber security ( cybersecurity ) :

At this time there does not seem to be any single, official U.S. Government glossary of terms commonly used in cyber security ( cybersecurity ). Here are some common cyber security ( cybersecurity ) terms with definitions that are commonly used in the cyber security ( cybersecurity ) field.

Phishing (adapted from Wikipedia:)
In the cyber security ( cybersecurity ) field, " Phishing " has been defined as attempts to get sensitive information such as usernames, passwords, and credit card details by posing as auction sites, banks, online payment processors or IT administrators.
actor In the cyber security ( cybersecurity ) field, this term means
attacker In the cyber security ( cybersecurity ) field, this term means
Clone phishing: (adapted from wikipedia) In the cyber security ( cybersecurity ) field, this term means using the content and recipient addreses of legitimate email to create an almost identical copy. An attachment or link in the message is replaced with a malicious version and then sent from an email address spoofed to appear to come from the original sender.
cracking In the cyber security ( cybersecurity ) field, this term means
Denial of service In the cyber security ( cybersecurity ) field, this term means
exfiltrate In the cyber security ( cybersecurity ) field, this term means ~ homograph attack,
internationalized domain names
infiltrate In the cyber security ( cybersecurity ) field, this term means
kernel In the cyber security ( cybersecurity ) field, this term means
malware In the cyber security ( cybersecurity ) field, this term means
pivot In the cyber security ( cybersecurity ) field, this term means
Punycode
rootkit In the cyber security ( cybersecurity ) field, this term means
social engineering In the cyber security ( cybersecurity ) field, this term means
spear phishing In the cyber security ( cybersecurity ) field, this term means


trojan horse In the cyber security ( cybersecurity ) field, this term means
trojan In the cyber security ( cybersecurity ) field, this term means


virus In the cyber security ( cybersecurity ) field, this term means
whaling In the cyber security ( cybersecurity ) field this term means ,
whale phishing In the cyber security ( cybersecurity ) field, this term means
worm In the cyber security ( cybersecurity ) field, this term means


Link manipulation In the cyber security ( cybersecurity ) field, this term means
Filter evasion In the cyber security ( cybersecurity ) field, this term means
Website forgery In the cyber security ( cybersecurity ) field, this term means
Phone phishing In the cyber security ( cybersecurity ) field, this term means
Covert Redirect In the cyber security ( cybersecurity ) field, this term means

**************************************************

Useful articles about cyber security ( cybersecurity ) :

Hardware Trojan Horses


This article has been adapted and edited from:

Stopping Hardware Trojans in Their Tracks

A few adjustments could protect chips against malicious anti-Cyber Security ( cybersecurity ). circuitry

By Subhasish Mitra, H.-S. Philip Wong & Simon Wong Posted 20 Jan 2015 | 21:00 GMT

http://spectrum.ieee.org/semiconductors/design/stopping-hardware-trojans-in-their-tracks/?utm_source this term means techalert&utm_medium this term means email&utm_campaign this term means 012215

Long ago, Greek soldiers tried for 10 years to conquer the city of Troy. Eventually, they departed, leaving behind a large wooden horse, apparently as a gift. The Trojans pulled the beautiful tribute inside. Later, a group of Greek soldiers slipped out of the horse and opened the gates for their compatriots, who easily sacked the sleeping city.


Nowadays, a Trojan horse is a seemingly innocuous piece of software that actually contains malicious anti Cyber Security ( cybersecurity ).code. Cyber Security ( cybersecurity ) companies are constantly developing new Cyber Security ( cybersecurity ). tests to check for these Cyber Security ( cybersecurity ) threats. But there is another variety of Trojan horse; hardware Trojans. They could prove much harder for Cyber Security ( cybersecurity ).personnel to thwart.

A hardware Trojan hose is exactly what it sounds like: a small change to an integrated circuit that can disturb chip operation. With the right design, a clever Cyber Security ( cybersecurity ) attacker can alter a chip so that it fails at a crucial time or generates false signals. Or the Cyber Security ( cybersecurity ) attacker can add a backdoor that can sniff out encryption keys or passwords or transmit internal chip data to the outside world.

There 1s good reason to be concerned. In 2007, a Syrian radar failed to warn of an incoming air strike; a backdoor built into the system's chips was rumored to be responsible. Other serious allegations of added circuits have been made. And there has been an explosion in reports of counterfeit chips, raising questions about just how much the global supply chain for integrated circuits can be trusted.

A lot of Cyber Security ( cybersecurity ). research is still being devoted to understanding the scope of the Cyber Security ( cybersecurity ).problem. But Cyber Security ( cybersecurity ). solutions are already starting to emerge. Today we try to protect against hardware Trojans by keeping careful tabs on where chips are made, limiting the opportunity for mischief by limiting who is authorized to make a chip.

Today's chips are so complex and costly to design and build that it is very difficult for a single company to create them without outside help. One company might conceive and market an integrated circuit, but other companies often make critical contributions to pinning down the design. Still others may have a hand in manufacturing, packaging, and distributing the chips.

With so many cooks in the kitchen, there are multiple opportunities to meddle with the hardware. A natural place to start is at the very beginning, when a chip is being designed. Today, that's done using sophisticated computer-aided-design software. These CAD tools are created by specialized companies that often work closely with chipmakers. The tools frequently contain millions of lines of code, and they change quickly: New algorithms are added almost continuously to help design faster, lower-power circuits. In principle, among the many thousands or perhaps millions of lines of code, it is easy to slip in a few extra ones to modify a hardware design. And there are multiple places it could be done. For one thing, routine circuit blocks, such as the accelerators used to crunch numbers for encryption and decryption, are often designed by third parties. '' The other obvious time for an integrated circuit to be altered is during manufacturing. This was less of a concern decades ago, when chip manufacturing was more affordable and companies could make their own chips in their own fabrication plants, or fabs. But nowadays a new chip fab can cost upwards of US $10 billion, and research and development costs keep increasing. Because of this very high up-front cost, most chipmakers now rely on a handful of outside foundry services, based in China, South Korea, Taiwan, and the United States, among other countries, that specialize in implementing silicon designs. Although there is no reason to suspect that any of these foundries may be adding malicious anti-Cyber Security ( cybersecurity ).hardware, it's impossible to exclude the possibility that they might make aanti-Cyber Security ( cybersecurity ).adjustments to the designs, potentially altering an entire batch of chips or a subset of them. '

In one experiment, conducted in 2008 at the University of Illinois at Urbana-Champaign, Cyber Security ( cybersecurity ). researchers designed a small backdoor circuit that gave access to privileged regions of chip memory. The Trojan could be used to change the process identification number of malicious anti-Cyber Security ( cybersecurity ). software, allowing Cyber Security ( cybersecurity ). attackers to perform any anti- Cyber Security ( cybersecurity ). operation and access any data they wish. Incorporating this Trojan added fewer than 1,000 transistors to the 1.8 million already on the chip, an increase of just 0.05 percent. And such tiny tweaks are likely to be par for the course: It doesn't take much additional circuitry to wreak Cyber Security ( cybersecurity ).havoc on a chip. In fact, it might not require any added circuitry. Recent research suggests that even slight adjustments to the electrical properties of existing transistors in a design could compromise Cyber Security ( cybersecurity ).

How would you find changes to the circuitry? You might think you could simply take a finished chip and look at it under a microscope. It's easy to imagine doing that back in the early 1970s, when Intel debuted its 4004 microprocessor. The 4004 had about 2,300 transistors, each measuring an optical microscope-friendly 10 micrometers or so. But today's integrated circuits are in another realm entirely. They can easily have billions of transistors, each well less than a hundredth the size of those in the 4004. While it's possible to scrutinize them with an electron microscope, the process is destructive. To get to the transistor level, you have to chemically remove or mechanically polish away the layers of metal that have been added on top of the transistors to wire everything together.

A straightforward solution to this problem is to destructively examine a representative sample of chips; if they're free of Trojans, you might conclude that all the untested chips in the batch are as well. But there is no guarantee that's the case; an anti-Cyber Security ( cybersecurity ). attacker may have targeted only a subset of the chips in question.

Today's integrated circuits are international creatures. But trust isn't something that's built in from the start

*****************************************************************

The following cyber security ( cybersecurity ) information comes from an interview with a cyber security ( cybersecurity ) expert based in Moscow, Russia. The original article on cyber security ( cybersecurity ) was published in the Washington Post on January 14, 2015.


To see the complete cyber security ( cybersecurity ) article, see:

http://www.washingtonpost.com/blogs/the-switch/wp/2015/01/14/the-time-a-major-financial-institution-was-hacked-in-under-15-minutes/

The time a major financial institution was hacked in under 15 minutes.


By Brian Fung January 14 Follow @b_fung

Christopher B. Doggett is managing director of cybersecurity firm Kaspersky Lab North America. (Courtesy Kaspersky)

Online attacks against such prominent targets as Sony, Target and Home Depot have brought cyber security ( cybersecurity ) and digital privacy to the forefront of the national consciousness. But as the cyber security ( cybersecurity ) technologies we use grow more sophisticated, so will criminals' attempts to defeat them, according to Chris Doggett, North American managing director of Kaspersky Lab, a Moscow-based international cyber security ( cybersecurity ) information security firm. In an interview this month in Washington, Doggett said financial fraud and identity theft pose far more cyber security ( cybersecurity ) danger to Americans than shadowy hacking groups such as Lizard Squad, which has taken partial credit for breaching Sony's systems. He added that no cyber security ( cybersecurity ) network is ever completely secure.

[ we agree with this ]

 as one major Wall Street cyber security ( cybersecurity ) client found out when Doggett was working as a private cyber security ( cybersecurity ) consultant.

The following transcript has been edited for length and clarity.

Brian Fung: What are some of the big issues in cyber security ( cybersecurity ) y now, and what do you see as the top cyber security ( cybersecurity ) priorities in 2015?

Chris Doggett: What we've seen is a major acceleration in cybercriminal operations, number one, and then secondarily in cyberespionage operations. Targeted cyber security ( cybersecurity ) attacks have been on the rise, and they're now a major part of the cyber security ( cybersecurity ) threat landscape. That's something that's been of a lot of interest to us in the cyber security ( cybersecurity ) community and something we do a lot of cyber security ( cybersecurity ) research on.

Anti- cyber security ( cybersecurity ) Perpetrators:

The common theme we see is that the actors in a lot of these cyber security ( cybersecurity ) operations, whether they're cyber security ( cybersecurity ) criminals or nation states, have continued to become more and more sophisticated and more and more elusive. So it's become harder and harder to uncover these anti- cyber security ( cybersecurity )  operations, unless they're folks that want to get recognized.

The worst cyber security ( cybersecurity ) threat:

Which do you see as the more pernicious cyber security ( cybersecurity ) threat, the Lizard Squad-type hacking groups or state-based actors [ i.e.Anti- cyber security ( cybersecurity ) Perpetrators]?

I think it was cyber security ( cybersecurity ) and privacy expert Bruce Schneier who referred to the Lizard Squad guys as being kids playing politics. I think that's troublesome, and certainly in the case of Sony some of the information disclosures are damaging for sure. But I think the more concerning areas [ of cyber security ( cybersecurity ) ] are more primarily based around financial fraud and theft. It's very clear that organized crime has started to really become a major player in the cyberthreat [anti cyber security ( cybersecurity ) ] landscape, so most of these cyber security ( cybersecurity ) attacks that we see that are major thefts are very sophisticated and involve almost an ecosystem of different players.[ i.e.Anti- cyber security ( cybersecurity ) Perpetrators]

Financial crime obviously has a very long history. What's new about the cyber security ( cybersecurity ) attacks we're seeing now against banks or other institutions?

In this past year we saw just how deeply these guys can get into the cyber security ( cybersecurity ) systems. For example, there was a major Anti- cyber security ( cybersecurity ) operation that we saw in Eastern Europe, "Tyupkin," which involved ATM attacks. These guys [ i.e.Anti- cyber security ( cybersecurity ) Perpetrators] were basically able to upload malware to ATMs and then send mules into this ATM network and have them walk up to a machine at a prescribed time and enter a cyber security ( cybersecurity ) code that would bring up a management console that would show them how much money was in each cassette in the ATM. And they could select to dump the cash out of that cassette right into their hands, and then they had to go make a drop.

That is not just an easy, interesting visual cyber security ( cybersecurity ) story for people to see -- it's clearly a sophisticated cyber security ( cybersecurity ) attack when it comes to banking.

It certainly seems like there have been more cyber security ( cybersecurity ) data breaches and hacks in the past year. But are there really more, or are people paying more attention? [ to cyber security ( cybersecurity ) ]

I think it's both. In terms of any of the [ cyber security ( cybersecurity ) ] stats we've looked at, we've seen a rise in [ cyber security ( cybersecurity ) ] attacks. We're now seeing 325,000 pieces of new malware daily coming through Kaspersky Labs. We saw a tenfold increase in mobile malware over the last year.

And malware is the common thread that's used in all these [ cyber security ( cybersecurity ) ] attacks. It doesn't matter if you look at Home Depot or Sony or JP Morgan or any of these [ cyber security ( cybersecurity ) ] attacks that are going on, what's the common cyber security ( cybersecurity ) thread? It's malware.

To answer the cyber security ( cybersecurity ) question, I think some of it has to do with our [ cyber security ( cybersecurity ) ] awareness, and some of it has to do with the actual level of [ anti cyber security ( cybersecurity ) ]activity. Many of these [ anti-cyber security ( cybersecurity ) ] operations we've discovered recently have been going on for a year or several years. But certainly there's a much higher concentration of them. People are waking up to the fact that systems are fundamentally insecure.
[ we agree with this ]
The presumption that things were secure, [ from a cyber security ( cybersecurity ) viewpoint ] whether it's their company's data or their money in the bank, people are waking up to the fact that that's no longer true. And it hasn't been for some time.

You said we're getting better at detecting these cyber security ( cybersecurity ) attacks. How have our cyber security ( cybersecurity ) capabilities improved?

That varies a lot depending on the cyber security ( cybersecurity ) segment you're in. We [at Kaspersky] have been in the business of detecting [ cyber security ( cybersecurity ) ] malware since our inception. So our cyber security ( cybersecurity ) capabilities and our technology have obviously improved over that time, and that's been an ongoing cyber security ( cybersecurity ) arms race of sorts versus the criminal elements. Part of it has to do with how you collect information. If you have our cyber security ( cybersecurity ) software to protect your system, you can opt in to providing anonymous diagnostic cyber security ( cybersecurity ) information about how often that machine is being attacked, and diagnostic cyber security ( cybersecurity ) information on the malware that's been detected. And if you aggregate that across 400 million machines in our case, you begin to get very good real-time information about what cyber security ( cybersecurity ) attacks are going on, where and how.

In a lot of retail cyber security ( cybersecurity ) breaches, consumers have been hit with fraudulent charges that they didn't have to pay. Who bears the cost for that, and are consumers fully insulated?

As companies have woken up to the fact that "pretty good" cyber security ( cybersecurity ) security is no longer enough, they've had to really up their cyber security ( cybersecurity ) defenses. And that includes upping their cyber security ( cybersecurity ) costs, significantly increasing the amount they're spending on securing their systems and infrastructure. Ultimately, that flows down to consumers. Cybercrime and cyberespionage have a very significant cost: You've seen estimates from hundreds of millions of dollars a year to tens of billions of dollars. Are consumers insulated? If your credit card is breached, you're liable for $25 or $50, and the company covers the rest, initially. So in some respect, yes. If your banking card credentials are stolen, you could have your account wiped out. And that does happen.

Can you talk a bit about Apple Pay and Bitcoin and some of the potential pitfalls of these technologies?

I think one of the things we can say with Apple Pay is that while it's a great concept, and certainly Apple puts a lot more effort and thought and strategy into security [ cyber security ( cybersecurity ) ] than you see in some of the open operating systems like Android and therefore is more cyber security ( cybersecurity ) secure, we also know that no system is totally cyber security ( cybersecurity ) secure. We've seen a rise in Mac OS X malware [ anti- cyber security ( cybersecurity ) ]that's very significant. About 40 percent of that right now is targeting users in the U.S. It's very easy to predict that as the adoption of mobile payment systems like Apple Pay increases, that cyber security ( cybersecurity ) attacks will grow to follow that. It's like that famous saying, "Why do you rob banks? Because that's where the money is." If Apple Pay becomes a big, pervasive system for payments, you can be sure that the cyber security ( cybersecurity ) criminals are going to be right behind, figuring out how to breach Apple's cyber security ( cybersecurity ) security and how to steal money.

What about virtual currencies? People say they are secure and relatively anonymous, and folks are working to integrate Bitcoin into the financial system.

Bitcoin is used not only for legitimate financial transactions but for financial transactions amongst the folks who are doing the hacking. So I think it's going to be interesting to see in one sense, if cyber security ( cybersecurity ) hackers, cybercriminals are using Bitcoin to move money around or do money laundering or other things as part of the financial portion of their operations, they're probably going to be somewhat reticent to develop ways to compromise Bitcoin. And actually Bitcoin itself is obviously based on an encryption algorithm, so that in some ways creates inherent security, as well.

[ we disagree ]

One could speculate that that would not be an attractive target because the guys who are the
attackers are also using it. That's number one.

Number two, it comes down to how easy a cyber security ( cybersecurity ) target is to breach. There's fundamentally two parts to the formula for cybercriminals. One is, how big a target? How juicy is it? How attractive is it? How much money is there to steal? The other one is, how easy is it to breach? In mobile cyber security ( cybersecurity ) malware, for example, we see over 98 percent of the mobile malware that's created is created for Android. Why? Because it's much, much easier to exploit than iOS.

In the case of Bitcoin, you have to look at it relative to other forms of currency and things guys could go steal. I don't think it's the most attractive target because of not only who's using it but the difficulty in compromising Bitcoin.

As Bitcoin becomes more integrated with the financial system, do you see its role shrinking as the mode of exchange for cyber security ( cybersecurity ) hackers? Or do they wind up coexisting somehow?

That's a great question. This is purely my personal opinion, but I would expect to see it coexisting. I don't necessarily see it going away, and I'm not sure it gets more dangerous because of the anonymity that's involved for cybercriminals to use it and risk getting caught.

Can you tell me about how business cyber security ( cybersecurity ) needs differ from consumer cyber security ( cybersecurity ) needs and how you're addressing them?

The cyber security ( cybersecurity ) consumer is primarily concerned with two things. One is privacy. I don't want my data getting out there. As we've seen with some celebrity picture hacks, for example, that can be a really big concern with people. Corporations also have to worry about mobile devices being the weak link in their cyber security ( cybersecurity ) security posture, and the way a cyber security ( cybersecurity ) criminal can use that to get into their network.

The cyber security ( cybersecurity ) challenge for corporations is that they no longer have a cyber security ( cybersecurity ) perimeter. We used to think about this cyber security ( cybersecurity ) perimeter where everything was either outside the cyber security ( cybersecurity ) firewall or inside the cyber security ( cybersecurity ) firewall, and it was easy to control on a network cyber security ( cybersecurity ) infrastructure. With mobile devices there's no longer a cyber security ( cybersecurity ) perimeter. The cyber security ( cybersecurity ) perimeter is the device. Because your phone is sitting there on the table.

I'm taking it out of the building, I can download all kinds of apps.

Sure, and it's got direct access into your [company's] e-mail server, for example. And that's just one of probably many things you can do with your mobile device. And, yes, you're taking it into a lot of dangerous cyber security ( cybersecurity ) environments.

Darkhotel is a specific cyber security ( cybersecurity ) operation where cyber security ( cybersecurity ) attackers are targeting C-level executives at major companies, and they're compromising hotel WiFi networks such that when you go to log into the hotel network, you get into the network and you think you're on the hotel's network, but they've actually gotten into the middle, so to speak, and your device then tells you, "Oh, you need to download a security [ cyber security ( cybersecurity ) ] patch for Adobe. Click here to update." And you're actually executing some cyber security ( cybersecurity ) malware on your device.

Why are the C-level execs the cyber security ( cybersecurity ) target? Well, a couple of reasons. First, C-level execs are famous for wanting the [ cyber security ( cybersecurity ) ] rules bent for them. "I know you've got your cyber security ( cybersecurity ) security policies, but just make my iPad work, please!" That kind of thing. And number two, it's much easier to pick up and anticipate when those people are going to be in that hotel.

I imagine they're also more attractive cyber security ( cybersecurity ) targets, too access to more information.

Yeah, unfettered access to pretty much all information in their company. If you're compromising their devices and using that as a way in, that's a pretty good bet you can get anywhere you want to go.

So companies are starting to become more aware about the cyber security ( cybersecurity ) threats that are out there and steps they need to take. On the other hand, you have consumers who fall victim all the time to phishing or social engineering cyber security ( cybersecurity ) attacks. Are we getting better as a society about understanding how these cyber security ( cybersecurity ) attacks take place and how to safeguard ourselves? We are, and we aren't.

We see people still not practicing good cyber security ( cybersecurity ) security hygiene in terms of cyber security ( cybersecurity ) basics like not having your password be "password" or "qwerty." It's humorous, in some respects. But I think, generally, user cyber security ( cybersecurity ) awareness has gotten better. People are smarter and, generally speaking, know to be suspicious about e-mails from people they don't know and clicking on links.

To tell you a little story: I used to run a boutique cyber security ( cybersecurity ) security consulting organization that specialized in doing cyber security ( cybersecurity ) vulnerability assessments. The thing for me that was most shocking that I quickly developed as I was talking to the CEO of a company or the VP of security was that I could guarantee them that I could break in. I'd say, "Look, I guarantee if you let us use every tool in our toolbox, including social engineering, that we will find at least one way and usually multiple ways into your organization." And they'd say, "How can you guarantee that?" Very simple answer: If we don't succeed, we will write you a report telling you we couldn't find a way in, and you don't have to pay us a dime." You know how many of those I gave away for free? None. Not a single time did we fail.


What was the fastest you were able to break your way in?

The fastest and one of the most alarming ones was a I have to be very circumspect about a publicly traded financial company where the CEO hired us because he wanted to double-check the cyber security ( cybersecurity ) security he was getting from an outsourced, third-party cyber security ( cybersecurity ) provider. Because of the nature of their business, we had an agreement that we would not start the cyber security ( cybersecurity ) testing until after business hours on Friday and we would test over the weekend.


We commenced our cyber security ( cybersecurity ) test on 6 p.m. on Friday, and our lead engineer called me within 15 minutes of starting the cyber security ( cybersecurity ) test and said, "You've gotta get the CEO on the line and tell him to pull the plug on their Internet connection, immediately."

It took less than 15 minutes. That was through compromising an FTP server that wasn't properly secured, which in turn gave them access to a Web server that was behind the cyber security ( cybersecurity ) firewall but that was used to communicate with most of the major banks in New York. This was an institution with a large credit facility, shall we say. And he had the ability within minutes to establish connections, sending wiring instructions, and to wire transfer funds to the tune of several hundred million dollars to anywhere in the world within 15 minutes.

All this inevitably leads to the Sony hack, and I wonder if you've had any opportunity to look into that.

Well, I'll start by saying my comments reflect an outside cyber security ( cybersecurity ) view as opposed to an inside cyber security ( cybersecurity ) view. So nothing that I'm commenting on reflects any relationship that we do or don't have, or any interaction that our company may or may not have had with Sony. But, yes, I'm certainly familiar with what's going on, and I think it's another example of where we can say that "pretty good enough" cyber security ( cybersecurity ) security was totally insufficient.

If Sony, for example, had been monitoring their network flows, they could've easily detected that there was a lot of data being exfiltrated from the organization, fairly easily. That's one example that as an outsider I can say is common cyber security ( cybersecurity ) guidance for companies, and some basic, top-10 cyber security ( cybersecurity ) guidance likely would've protected them from that happening.

In January 2013, the New York Times reported that the Chinese cyber security ( cybersecurity ) hacking unit had been sitting in their network for a long time undetected, exfiltrating data on a very quiet basis. I understand that's a very hard thing to do. It seems like the Sony case is a much less subtle attack.

Yes, it doesn't appear to be nearly as sophisticated an attack as some of the other cyber security ( cybersecurity ) cases we've seen New York Times being a good example. Many of the targeted cyber security ( cybersecurity ) attacks we've seen are much more sophisticated, much more covert, where the cyber security ( cybersecurity ) attackers are much more elusive. Sony certainly appears from an external view to be not terribly sophisticated. More along the lines of your garden-variety cyber security ( cybersecurity ) hacking operation than a highly sophisticated state-sponsored cyberespionage group, for example.

So you're skeptical that North Korea was behind the driving force behind this.

I think the way I would put it is, cyber security ( cybersecurity ) attribution is very, very difficult to do conclusively. And certainly there's nothing that I'm aware of in terms of cyber security ( cybersecurity ) diagnostic information in Sony's case -- that provides either conclusive or high-confidence-level attribution to North Korea. Is it possible the Sony attack was a highly sophisticated cyber security ( cybersecurity ) attack that's been made to look not so sophisticated and that there have been false flags planted? That's possible.

If you take a look at any of our in-depth cyber security ( cybersecurity ) reports, you'll find a huge amount of cyber security ( cybersecurity ) research and a lot of detail about specifically how the cyber security ( cybersecurity ) attack was perpetrated, what the steps were, what cyber security ( cybersecurity ) malware was used. We provide a huge amount of cyber security ( cybersecurity ) information, but we don't do what we call the last mile of attribution and apprehension. We provide all the cyber security ( cybersecurity ) diagnostic information to get you there, and then we turn that cyber security ( cybersecurity ) information over to victims, to law enforcement agencies, and we finally publish it.

***********************************************

MISSION STATEMENT:

We are committed to helping our clients customers use state of the art technology while mnimizing the cyber security threat ( cybersecurity threat) As a leader in the TEMPEST industry, we combine our strengths to give you cyber security ( cybersecurity ) solutions that increase your productivity. We constantly build our expertise in this field to give you cyber security ( cybersecurity ) without interereing with your operations.