Tech

Mandia: Phishing numbers show better U.S. cyber hygiene

Almost all the successful hacks against U.S. companies that cybersecurity specialists from Fire Eye responded to over the past year originated as phishing attacks — but that's better news than it might at first appear, CEO Kevin Mandia said Tuesday.

By Shaun Waterman

September 13, 2016

Almost all the successful hacks against U.S. companies that cybersecurity specialists from FireEye responded to over the past year originated as phishing attacks — but that’s better news than it might at first appear, CEO Kevin Mandia said Tuesday.

That’s because, of the non-U.S. incidents they responded to, almost half were accomplished by directly exploiting vulnerabilities in an internet-facing server.

“Internationally … we found about 50-50 [spear-phishing and] the internet-facing server being compromised by exploits without involving spear-phishing,” he said.

SQL injection, in which commands are delivered to an internet-facing server through the text boxes provided for login or search functions on a webpage, is a classic form of direct server exploitation.

Spear-phishing attacks — in which an employee clicks on a link or email attachment loaded with malware, downloading it onto the machine they are using — are generally designed to allow hackers to steal username and password credentials. These are then used to get into the network.

But if hackers can directly exploit a server, there’s no need to compromise an employee credential.

“What that told me,” said Mandia of the preponderance of phishing attacks in the U.S. “is that the health and welfare of our internet-facing infrastructure in the U.S. has gone up” because those U.S. organizations couldn’t be hacked by exploiting their servers directly.

More Like This

Top Stories

More Scoops

The DOD wants cloud computing outside of the continental U.S. Here’s how it’s trying to do that. (Kenneth Lu via Flickr)

How the DOD plans to approach cloud differently outside of the U.S.

Setting up cloud computing outside of the U.S. is as important as it is difficult, the DOD told FedScoop.

By Jackson Barnett

FORT GEORGE G. MEADE, Md. (Sept. 27, 2018) – Sailors stand watch in the Fleet Operations Center at the headquarters of U.S. Fleet Cyber Command/U.S. 10th Fleet (FCC/C10F). Since its establishment, FCC/C10F has grown into an operational force composed of more than 14,000 Active and Reserve Sailors and civilians organized into 28 active commands, 40 Cyber Mission Force units, and 26 reserve commands around the globe. (U.S. Navy Photo by MC1 Samuel Souvannason/Released)

U.S. Cyber Command shifts its view of success

By Shannon Vavra

The Missile Defense Agency (MDA) and U.S. Navy sailors manning the Aegis Ashore Missile Defense Test Complex (AAMDTC) at the Pacific Missile Range Facility (PMRF) at Kauai, Hawaii, successfully conducted Flight Test Integrated-03 (FTI-03).

Cybersecurity flaws could allow adversaries to ‘circumvent’ U.S. missile defense systems

By Billy Mitchell

Why it’s such a bad idea for Trump to use an off-the-shelf smartphone

Obama: U.S. didn’t stall its response to Russia hacking

U.S. debates how to protect cars from hackers

U.S. Chamber of Commerce calls for cyber (anti-)regulation czar

Latest Podcasts

The Federal CIO is focused on cyber, a smooth transition in months ahead; New tech announcements made on Defense Secretary Lloyd Austin’s trip to the Indo-Pacific

Head of the Pentagon’s UAP office unveils new projects and more; Mayorkas hopes the Trump admin will preserve DHS’s AI board

How OpenAI’s new policy blueprint for AI imagines the role of government; a top Biden cyber official says the Trump administration should focus on cyber rules, grants and international partnerships

TTS Director Ann Lewis to step down from GSA; Inside DHS nominee Kristi Noem’s record on cyber

Tech

Defense

Cyber

FedScoop TV